What is Hacktivism, and Who Do They Target?
- By Alison OLeary
- Jun 30, 2022
Social and political issues have spread like wildfire across the globe since the advent of the internet. While this instantaneous interconnectedness provides a platform for informing the world about the plight of one group or another, it doesn't solve the issue of doing something about the issues at hand.
Hacktivists take action when a Go Fund Me or other donation request isn't appropriate (such as for political issues or when the story's villain is too big to take on).
Hacktivism, which couches its motivation in ethical terms, is how technologically savvy individuals can draw attention to or even harm a perceived "bad guy" by attacking their online presence, customers, or accounts.
Where Did Hacktivism Start?
Differences are emerging among segments of people who perform similar acts online. Some people hack accounts seeking to publicly shame and harm organizations, and governments are seen as evil. They are hacktivists. Others are becoming known as leaktivists because they facilitate leaks, often initiated by insiders, to achieve the same goal.
In 2006 a group registered the domain name wikileaks.org. Headed publicly by Julian Assange, it was designed to share potentially damaging government files with journalists in pursuit of public shame and likely political change. It's believed that the democratic process will provide the path to justice, including removing corrupt politicians implicated. Assange took shelter in a foreign embassy to avoid prosecution related to Wikileaks and other charges, becoming a fugitive for decades.
In 2010 an even larger data leak called the Panama Papers alerted the world to the presence of slush funds and secret intermediaries, which masked wealth held by heads of state. The "leak" was from a Panamanian law firm that used outdated software. In all, 11 million files were affected.
Several leaktivists and hacktivists have gone to prison for their roles in this type of illegal access and dissemination of information, but journalists they work with are often aware of their identities to verify documents.
Hacktivists often work collectively but independently. Secrecy is a hallmark of their trade. Internet historians credit the online discussion forum 4chan for bringing together those who formed the well-known hacktivist group Anonymous. In 2008, a hacker made one of the first known coordinated attacks on the Church of Scientology after claiming the church tried to censor a media outlet, Gawker, over a video of church member Tom Cruise. The techniques used included DoS (Denial of Service), website defacement, and bombarding the church offices with faxes.
In 2010, Anonymous hackers acted in response to companies that allegedly censured Wikileaks, attacking Amazon, Mastercard, and Visa. The effort successfully stopped the credit card companies from operating for a day. Around the same time, Anonymous threatened to launch cyber-attacks against the American Marine base at Quantico, where Wikileaks source Chelsea Manning was being held in solitary confinement.
Who is Targeted by Hacktivists?
There's a difference between doxing (or doxxing) and hacktivism. Doxing is "outing" or publicly shaming a private individual by releasing potentially damaging personal information to intimidate or silence the victim.
Hacktivism rarely targets individuals. While hacktivism claims moral righteousness by zeroing in on bad actors, the practice is still illegal, and individuals involved are subject to arrest and prosecution. Victims of hacktivists include:
- Institutions like churches may be targets of social justice hacktivists opposing censorship or patriarchy.
- Governments, such as Russia's, have been targeted by hacktivists for policies and actions, including human rights abuses (attacking Ukraine, prosecution of homosexuals) and anti-environment stances (such as VandaTheGod hacking Brazilian government sites to post visuals of the Amazon burning).
- Banks that support environmentally damaging businesses have been targets of hacktivists.
How Hacktivists Work
Many computer systems have weaknesses, whether in construction or due to modifications. Hacktivists are patient, often stalking and testing different methods of breaking into websites, cloud storage, and databases.
Some of the methods used by hacktivists include:
- Attacking employees as the weakest link to the data desired. Phishing emails, spoofed websites, and keyloggers are standard techniques for getting passwords from unsuspecting employees.
- Malware launched on a company's website may be entered in a phishing email or through a targeted approach (spearfishing). Such malware can lay dormant for any period and can be programmed to infect related computers, to lock up sensitive files and hold them for ransom, or to do harm to databases.
- Insiders who cooperate with hacktivists, such as the U.S. Government's Bradley Manning, facilitate leaks over social justice and political transparency concerns.
- Access is frequently gained through partner companies and the process of sharing files.
Hacktivists may be lauded for “Robin Hood” like ideals, prompting Time magazine readers to name Anonymous the world’s most influential person in 2012. These groups morph and change, selecting targets that sometimes seem random. When Russia attacked Ukraine in 2022, Anonymous partnered with DdoSecrets, a successor of Wikileaks, to attack Russian national interests, posting reams of private data online.