What is Hacktivism and Who Does It Target?
Table of Contents
- By Alison OLeary
- Jun 30, 2022
Social and political issues have spread like wildfire across the globe since the advent of the internet. While this instantaneous interconnectedness provides a platform for informing the world about the plight of one group or another, it doesn't solve the issue of doing something about the issues at hand.
Hacktivists act when a Go Fund Me or other donation request isn't appropriate (such as for political issues or when the story's villain is too big to take on).
Hacktivism, which couches its motivation in ethical terms, is how technologically savvy individuals can draw attention to or even harm a perceived "bad guy" by attacking their online presence, customers, or accounts.
Hacktivism vs. Cyberterrorism
There is a somewhat ambiguous line drawn between hacktivism and cyberterrorism. Both processes aim to do harm or disrupt a target, but their main differences come down to the attacker’s motivations.
Hacktivism is any politically or socially motivated cyber-attack to reveal relevant information or prevent the spread of a false narrative.
- Hacktivists are motivated by a personal sense of justice and aren’t seeking to profit from any conflicts or problems their actions cause.
For example, WikiLeaks released confidential reports that contradicted how the US government portrayed the Afghanistan war. This collection is also known as the “Afghan War Diary.” The leaked files detailed US failures in the war, including the number of murdered civilians and increased Taliban activity.
One of the goals of the Afghan War Diary was to give Americans accurate and relevant information so they wouldn’t blindly support the war. However, the released reports included the names of whistleblowers within Afghanistan and put them in danger of Taliban punishment.
This event undoubtedly put people in danger. However, the motivation behind it was political transparency and not personal gain.
Cyberterrorism refers to any cyber-attack intended to harm people, instill fear, or cause destruction. At its core, cyberterrorism is a threat. It’s a showcase of power and a warning to the terrorist’s enemies. Often the goal is to counter hacktivist activities.
- Cyberterrorists are not motivated by morals but are instead designed to gain profit from or power over another party.
A Brief History of Hacktivism
People go about hacktivism in different ways. Some people personally attack and hack accounts seeking to publicize the secrets of organizations and governments that they deem evil. They are traditional hacktivists.
Others are engaging in leaktivism, a term popularized after the infamous Panama Papers. These people facilitate leaks often initiated by insiders. The distinction from hacktivism comes from the idea that leaktivists aren’t breaking into confidential servers or email accounts but are only distributing what they’re told from privileged sources.
In 2006 a group registered the domain name wikileaks.org. Headed publicly by Julian Assange, it was designed to share potentially damaging government files with journalists in pursuit of public shame and induce political change
The WikiLeaks founders believed that the democratic process would provide the path to justice and remove corrupt politicians from office. Assange understood the personal risks he was taking and found shelter in a foreign embassy to avoid prosecution related to Wikileaks and other charges.
Assange was most recently protected in the Embassy of Ecuador in London. However, he was arrested by London forces in April 2019 on charges of conspiracy to commit computer intrusion against the government.
We mentioned it earlier, but the Panama Papers was an even larger data leak than the Afghan War Diary, which spanned over 90,000 documents.
Several leaktivists and hacktivists, like Assange, have gone to prison for their roles in this type of illegal access and dissemination of information. This causes them to stringently protect their personal identities, but the journalists they work with are often aware of the hacktivist's identities for the purpose of verifying documents.
Hacktivists often work collectively toward a goal, but through independent actions. Secrecy is a hallmark of their trade. Internet historians credit the online discussion forum 4chan for bringing together those who formed the well-known hacktivist group Anonymous.
In 2008, a hacker made one of the first known coordinated attacks on the Church of Scientology after claiming the church tried to censor a media outlet, Gawker, over a video of church member Tom Cruise. The techniques used included DoS (Denial of Service), website defacement, and bombarding the church offices with faxes.
In 2010, Anonymous hackers acted in response to companies that allegedly censured Wikileaks, attacking Amazon, Mastercard, and Visa. The effort successfully stopped the credit card companies from operating for a day. Around the same time, Anonymous threatened to launch cyber-attacks against the American Marine base at Quantico, where Wikileaks source Chelsea Manning was being held in solitary confinement
Discussing Hacktivist Group ‘Anonymous’
Hacktivist groups can range from solo basement operations to special, state-sponsored attack forces. Sometimes groups are formed to combat a specific social issue only to dissipate when their job is done. However, the most infamous hacktivist entity never disappears because it isn’t really a group at all.
You’d be hard-pressed to find someone who doesn’t at least know the name Anonymous.
Characterized by the Guy Fawkes masks from V for Vendetta, Anonymous is an amorphous hacktivist group following the motto, “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.”
Rather than a cohesive body, calling Anonymous a hive mind is more accurate. Anyone identifying with Anonymous’ sense of justice can join, but individualism is still emphasized. If enough individual action is taken, then evil will fall. In line with this idea, Anonymous lacks centralized leadership or the strict hierarchy that characterizes most organizations.
Among Anonymous’ most famous feats is its crusade against the Church of Scientology in 2008. The Church of Scientology was attempting to remove an interview with Tom Cruise from the internet. Anonymous labeled this censorship an abuse of power and started a chain of DDoS attacks against the church.
Breakdown of Modern Hacktivism
Until recently, hacktivism has been popularized by formless hacking groups bound together by a loosely defined ideal of justice. However, Russia's declaration of war on Ukraine last year has solidified those beliefs, and more purposeful attacks are frequently popping up from both sides.
Gone are the days when it seemed like ambiguous Russian hackers dominated online weaponry. Although pro-Russia groups are still carrying out attacks around the globe, their home country is being hit every bit as hard.
This upsurge in hacktivism hasn't been limited to Eastern Europe, either. Group resurgences have occurred throughout the Middle East and Asia as well.
Pro-Russia Global Attacks
In late 2022, European lawmakers disparaged Russia as a "state sponsor" of terrorism. The assembly called for a global effort to reduce interactions with Russia until they ceased hostilities. As if waiting for such a declaration, a pro-Russia group called "Killnet" immediately launched a distributed denial of service (DDoS) attack that took down the European Parliament's website.
Killnet claimed responsibility for many additional attacks throughout 2022. Most of their efforts targeted foreign governments, while a few went for independent companies. Among the most newsworthy were their attacks against Lockheed Martin and the Eurovision Song Contest.
Lockheed Martin, an American Defense Corporation, supplied Ukraine with four HIMARS systems. Killnet responded by framing the weapons company as "the actual sponsor of world terrorism," knocking their websites offline for a few hours.
On the pop culture side of things, Russian performers were barred from attending the 2022 Eurovision Song Contest. The move strongly displayed solidarity among the participating countries against the war. Hacktivists countered by attempting cyberattacks ranging from blocking the broadcast during Ukraine's performance to flooding the voting system with outside requests. Ultimately, the Kalush Orchestra from Ukraine found themselves in the winner's seat.
Network Battalion 65
Network Battalion 65 (NB65) is a political hacktivist group that ran an enormous information heist from Russian corporations last year. Its members took over webpages, stole government emails, and published sensitive financial data.
Among the leaked documents were reports that government agencies were arresting citizens displaying negative attitudes toward current policies. These reports showed increasing concerns over antimilitaristic sentiment on social media.
An NB65 spokesperson stated, "We pay for our own infrastructure and dedicate our time outside of jobs and familial obligations to this. We ask for nothing in return. It's just the right thing to do." This sentiment closely mimics the ideals with which the infamous hacktivist group Anonymous first broke onto the scene.
One of the most critical outcomes of NB65's raid is that it tore down Russia's image of online invincibility. Russia was no longer the untouchable cyber-boogeyman, and it opened the door for others to strike back against a violent regime.
OpIsrael and OpsBedilReloaded
Hacktivism has become a prominent weapon in one of the oldest religious conflicts in history. In 2021, pro-Palestine hacktivist groups like Black Shadow and Moses Staff began "OpIsrael," a chain of attacks targeting Israeli businesses and citizens.
However, tensions from the Russia-Ukraine war caused the leading hacktivist groups to focus elsewhere, and the attacks died out.
The newly revived operations are carried out by DragonForce Malaysia, a group with membership spread throughout Southeast Asia. This group states that their actions are reactionary and directly respond to Israeli political actions from April 11, 2022.
DragonForce Malaysia attacked Israeli organizations by taking down websites and leaking the private information of their memberships. Many attacks left messages with a call to action for other hackers to support Palestinian efforts during the holy month of Ramadan.
These attacks have shown individuals and countries the potency of a well-organized hacktivist group. For the first time, people are coming together with long-term goals and aiming for global organizations. This has caused many to show concern over hacktivism racing into the geopolitical sphere and how governments may weaponize them in future conflicts.
There's already a lot of doubt over whether pro-Russian hacktivists are genuinely independent of their government. Some believe that the groups are government operations hiding behind hacktivism to instill a sense of justification for the ongoing violence in Ukraine.
Who is Targeted by Hacktivists?
There's a difference between doxing (or doxxing) and hacktivism. Doxing is "outing" or publicly shaming a private individual by releasing potentially damaging personal information to intimidate or silence the victim.
Hacktivism rarely targets individuals. Even attacks on presidential candidates usually target members of their staff and immoral deals with financial backers. When the goal is social and political change, only big fish can make a big splash. Hacktivists zero in on influential entities like companies and political campaigns, since those types of targets are the most likely to lead to large change.
Hacktivists commonly focus on the following goals:
- Stopping censorship and promoting freedom of speech
- Attacking terrorist groups
- Aiding the weak and oppressed
- Exposing inhumane practices and violent policies
Additionally, despite their claims to the greater good, hacktivists are still on the wrong side of the law. Individuals involved are subject to arrest and prosecution, so attackers must carefully choose their targets to make the endeavor worth the risk. Common victims of hacktivists include:
It's nothing new. Governments act in the state's interest or often in the interests of the individuals running said state. This means no shortage of objectionable policies and a huge, neon welcome sign for hacktivist groups.
The most heavily targeted country in recent years is Russia, which has been targeted by hacktivists for human rights abuses including the persecution of LGBTQ+ people and anti-environment stances. However, the massive increase in attacks in recent years is primarily due to Russia’s violent war on Ukraine and the accompanying war crimes.
Governments are also targeted because of civil unrest and protests. In 2013, a protest in Ankara, Turkey’s capital, was violently ended by the police. A hacktivist group called RedHack responded by accessing a government portal and erasing people’s debts to the city. They even explained on Twitter how people could do it themselves.
Institutions like churches are frequently targeted by hacktivists who disagree with a church’s actions or its stance on social issues. The Catholic Church’s clergy is a frequent guest in headlines worldwide. Apart from sexual assault, the hacktivist identity Anonymous once took down the Vatican’s website citing historical hypocrisy and profiteering practices.
There's also a website called MormonLeaks created to force transparency within the Church of Latter-Day Saints. This group acts as a safe space for whistleblowers to report any corruption or abuse within their church.
Political campaigns give people the chance to put a face to the party. Individual politicians become their respective groups' faces, making them prime targets for hacktivist activity.
It doesn't help that politicians are notorious for keeping skeletons in their closets, and many candidates weaponize hackers to ruin the competition. Former President Donald Trump even made a "joke" asking Russia to find and expose Hillary Clinton's emails during the 2016 election.
The raid on the Capitol building in 2021 also spurred immense hacktivism. People were frantically breaking into people's social media accounts and engaging in vigilante detective work. Some hackers attacked right-wing websites that they viewed as instigators of the raid.
How Hacktivists Work
Many computer systems have weaknesses, whether in construction or due to modifications. Hacktivists are patient, often stalking and testing different methods of breaking into websites, cloud storage, and databases.
Some of the methods used by hacktivists include:
- Attacking employees as the weakest link to the data desired. Phishing emails, spoofed websites, and keyloggers are standard techniques for getting passwords from unsuspecting employees.
- Malware launched on a company's website may be entered in a phishing email or through a targeted approach (spearfishing). Such malware can lay dormant for any period and can be programmed to infect related computers, to lock up sensitive files and hold them for ransom, or to do harm to databases.
- Insiders who cooperate with hacktivists, such as the U.S. Government's Bradley Manning, facilitate leaks over social justice and political transparency concerns.
- Access is frequently gained through partner companies and the process of sharing files.
Hacktivists may be lauded for “Robin Hood” like ideals, prompting Time magazine readers to name Anonymous the world’s most influential person in 2012. These groups morph and change, selecting targets that sometimes seem random. When Russia attacked Ukraine in 2022, Anonymous partnered with DdoSecrets, a successor of Wikileaks, to attack Russian national interests, posting reams of private data online.