Hacktivism refers to a social or political activist act that is performed by people known as “hacktivists”, hacktivists attack by using a plethora of hacking methods that allow them to gain access to personal computers, where they can take control and gain private information.
In most cases, hacktivism is not used for financial gain. Rather, hacktivism is conducted on government bodies to gain information that is used to stimulate social or political reform (free speech, human rights, or freedom of information movements).
Hacking as a form of activism can be carried out through a group network of activists, such as Anonymous and WikiLeaks, or through a singular activist, working in collaboration toward common goals without an overarching authority figure.
“Hacktivism” is a controversial term with several meanings. The word was coined to characterize electronic direct action as working toward social change by combining programming skills and critical thinking. But just as hacking, which sometimes mean activism that is malicious, destructive, and undermining the security of the Internet as a technical, economic, and political platform.
According to the United States 2020-2022 Counterintelligence Strategy, in addition to state adversaries and transnational criminal organizations,
ideologically motivated entities such as hacktivists, leaktivists, and public disclosure organizations, also pose significant threats.
Maybe the progressive government sees it as a correction on the issue raised and its own internet security but others may only consider hacktivism as a demonstrative and insulting effort.
Origin of Hacktivism
Writer Jason Sack first used the term hacktivism in a 1995 article in conceptualizing New Media artist Shu Lea Cheang’s film “Fresh Kill”. Fresh Kill is a 1994 British and American experimental film, the story about two lesbian parents who are drawn into a corporate conspiracy involving the Fresh Kills Landfill. Fresh Kill was an official selection at the 1994 Berlin International Film Festival and the Toronto International Film Festival and is noted for its influence on hacker subculture, with an article about the film for the now-defunct hacker publication “InfoNation” containing one of the first uses of the term “hacktivism”. However, the term is frequently attributed to the Cult of the Dead Cow (cDc) member “Omega,” who used it in a 1996 e-mail to the group. Due to the variety of meanings of its root words, the definition of hacktivism is nebulous and there exists significant disagreement over the kinds of activities and purposes it encompasses. Some definitions include acts of cyberterrorism while others simply reaffirm the use of technological hacking to effect social change.
Hacktivism Agendas
Hacktivism is an attack on individuals, public figures, or government entities with the intention to fulfill activist agendas and spread awareness. Agenda intentions range from political, social, religious, and anarchist.
As mentioned, hacktivism is an activist act that is done to spread information to the public. Shown below are the different forms of hacktivist intentions:
Political: Most commonly, hacktivism is performed on government bodies to gain and spread private information to the public in an attempt to start social or political movements or protests.
Social: Also common, hacktivists intend to bring societal change by disrupting government bodies so that they can spread their beliefs.
Religious: Hacktivism can be conducted for religious agendas that aim to recruit individuals or dismantle a religious entity.
Anarchist: Anarchist-driven agendas conducted by hacktivists aim to cause social distress by hacking entire populations and military installation and unleashing computerized viruses.
Forms and Hacking Tactics
Self-proclaimed “hactivists” often work anonymously, sometimes operating in groups while other times operating as a lone-wolf with several cyber-personas all corresponding to one activist within the cyberactivism umbrella that has been gaining public interest and power in pop-culture. Hactivists generally operate under apolitical ideals and express uninhibited ideas or abuse without being scrutinized by society while representing or defending them publicly under an anonymous identity giving them a sense of power in the cyberactivism community.
In order to carry out their operations, hacktivists might create new tools; or integrate or use a variety of software tools readily available on the Internet. One class of hacktivist activities includes increasing the accessibility of others to take politically motivated action online.
Most commonly methods used in hacktivism are Doxxing, DDoS and Defacement. The attack type of Hacktivism:
Anonymous blogging: is when a hacktivist blogs under an anonymous name, oftentimes to protect a whistleblower who is exposing an injustice. It could be considered a form of free speech.
Protestware: The use of malware to promote a social cause or protest.
Website defacement: is when hacktivists change the visual appearance of a website, oftentimes to push messaging that underscores a cause important to the hacktivist group.
Website redirects change the address of a website so that visitors are redirected to a site that supports a hacktivist’s agenda.
Website mirroring is a workaround for censored websites whereby hacktivists copy a censored website and post it on a site with a modified URL for all to see. It promotes freedom of information.
Denial of Service (DoS) or Distributed Denial of Service attacks (DDoS) prevent targets from accessing their computers and sometimes crash websites by installing traffic-inundating malware on them.
Virtual sit-ins are sort of a manual DoS or DDoS attack in that they’re executed by individual users, not software, who repeatedly load web pages to overwhelm a site to the degree that the site crashes.
Leaks are usually the result of an inside source or person sharing classified intelligence with hacktivists, who then share the intel publicly in hopes of causing incrimination, embarrassment, Freedom of information, freedom of speech or change for the fulfillment of public rights (taxpayers).
Doxxing is similar to a data leak in that hacktivists gather intelligence and expose it publicly in hopes of causing incrimination, embarrassment, Freedom of information, freedom of speech or change for the fulfillment of public rights (taxpayers).
Geo-bombing exposes the Google Earth location where YouTube videos are taken. It’s been used to reveal the location of political prisoners and detained human rights activists.
Hacktivism Attack Examples
Here are a few examples of hacktivist attacks that have occurred over this years triggered by the Ukraine crisis:
Starting from late 2021, Anonymous took notice of the military build-up near the Russia-Ukraine border and thus acted to propagate peace plans to end the War in Donbass by defacing various websites, such as United Nations’ Networks on Migration, Polar Research Institute of China, Convention on Biological Diversity, and various government websites in China. As a response against 2022 Russian invasion of Ukraine, Anonymous performed multiple cyberattacks against Russian computer systems.
February 25, 2022, Twitter accounts associated with Anonymous declared that they had launched a ‘cyber operation’ against the Russian Federation, in retaliation for the invasion of Ukraine ordered by Russian president Vladimir Putin. The operation was dubbed “OpRussia”, results:
Disabled websites such as RT.com and the website of the Russian Defence Ministry along with other Russian state owned websites.
Leaked 200 GB worth of emails from the Belarusian weapons manufacturer Tetraedr, which provided logistical support for Russia in the Russian invasion of Ukraine.
Hacked into Russian TV channels and played Ukrainian music through them and showed uncensored news of what was happening in Ukraine.
Hacked into a Russian Center for the Protection of Monuments website (memorials.tomsk.ru) and uploaded three defacement pages adorned with the blue and yellow colors of the Ukrainian flag.
Hacked a Chinese SIMATIC programmable logic controller along with two Russian Modbus devices.
A yacht allegedly belonging to Vladimir Putin was reportedly hacked by the group where they changed its call sign to “FCKPTN” and setting its target destination to “hell”. Furthermore, they broadcast a troll face picture through a hacked Russian military radio.
At least 2,500 Russian and Belarusian targets were reportedly hacked by Anonymous. These included more than three hundred websites of Russian government agencies, state media outlets, banks, as well as websites of leading Belarusian banks such as Belarusbank, Priorbank and Belinvestbank. Furthermore they also hacked a website belonging to Chechnya’s regional government.
Over 400 Russian cameras were hacked by Anonymous with anti-Putin messages such as “Putin is killing children”. Some of the cameras had its live feeds compiled onto a website called behindenemylines.live.
In response to the seizure of Ukraine’s Zaporizhia Nuclear Power Plant by Russia, Anonymous defaced the website of Rosatom and gained access to gigabytes of data which they intended to leak publicly. Furthermore, they had hacked into printers in Russia to spread spread anti-propaganda messages.
In the aftermath of Bucha massacre, the hacking collective leaked the personal information of 120,000 Russian soldiers in Ukraine.
On May 9, 2022, which is the Victory Day in Russia, the video-hosting website RuTube was taken down through cyberattacks, which Anonymous had claimed responsibility later. Furthermore, Network Battalion 65 (NB65), a hacktivist group affiliated with Anonymous, has reportedly hacked Russian payment processor Qiwi. A total of 10.5 terabytes of data including transaction records and customers’ credit cards had been exfiltrated. They further infected Qiwi with ransomwares and threatened to release more customer records.
On September 1, 2022, Russian taxi service Yandex Taxi was hacked which sent dozens of cars to a location resulting in a traffic jam that lasted up to three hours. Anonymous claimed responsibility for the hack shortly thereafter.
Takeaway
With the rise of digital technologies as a technical, economic, culture, socials and political platform, activists will inevitably leverage ethical (and sometimes unethical) hacking techniques to demonstrate or to bring down who they perceive as “evildoers.” The best way to protect against hacktivism is by maintaining a solid and secure online presence, communicating with regulatory bodies, adhering to ethical practices, and adopting transparency as a part of organizational culture.
Sources: Cyber Security Degrees, Spice Works, Stanford University, IT Pro UK, Norton US, Fortinet, Wikipedia.