Hacktivism happens when political or social activists use computer technology to make a statement supporting one of their causes. In most cases, hacktivism focuses on either government or corporate targets, but it can include any significant institution, such as religious groups, drug dealers, terrorists, or pedophiles. Hacking means breaking into someone’s computer. Activism refers to promoting a social perspective. “Hacktivism” is a combination of the two.
Even though all hacktivist attacks are meant to further an ideology or counteract one the hacktivists see as a threat to their cause, the similarities often stop there. The methods used by hacktivists vary wildly, as do the severity and legality of their actions.
For example, when hacktivists organize an online movement to promote the free use of the internet, they do not have to break any laws or attack anyone’s computer. On the other end, hacktivism can turn into a cyber crime when cyberattacks, such as denial-of-service (DoS) attacks, are used to destroy computers and reputations and cost companies millions of dollars in damage. In many cases, hacktivism is only a threat to organizations or people who espouse a belief that goes against the hacktivists' position.
How Hacktivism Works?
Hacktivism typically seeks to accomplish one or more of the following objectives:
- Stop or interrupt the financing of terrorism
- Go around censorship laws put in place by the government
- Speak out against war
- Use social media to help censored people or those whose rights are being violated
- Speak out against capitalism
- Attack government websites that try to quash political upheavals
- Promote democracy and freedom of speech
- Help immigrants get across country boundaries
- Help local uprisings
- Undermine the power of a corporation
- Discredit or attack a government’s authority
Types of Hacktivism
When people use civil disobedience to bring awareness to an issue, they may orchestrate a sit-in. In this kind of protest, because dozens or hundreds of people are physically sitting inside an area, the business that has to be carried out there has to stop. Because the conduct of business is forced to halt, the activists gain the attention of the public.
Hacktivists use a similar method when they engage in a DoS attack. Although they do not change any of a website’s content, they can flood the site with requests, clogging its server and rendering it useless to regular visitors.
Doxing involves making sensitive or embarrassing documents public. Often, the targets are people with a lot to lose if the public becomes aware of their private activities. Examples include government officials, company executives, the military, or law enforcement. Depending on the types of documents being made public, doxing may result in anything from embarrassment to compromising military strategies if secret plans are revealed.
Leaking Information is a Popular Tactic with Hacktivists
Hacktivists leak information not just to go after an organization or person who stands against their beliefs but also to generate publicity. When accurate information is released, news agencies are quick to publish it. If a news story gives credit to a hacktivist group, movement, or publication, like WikiLeaks, that movement gains power, recognition, and respect.
The Use of the Software RECAP
RECAP is software that enables users to find copies of documents you would otherwise have to pay the U.S. Federal Court to access. In this way, hacktivists provide a service for free, removing a barrier they feel should not be there in the first place.
Often, bloggers can convince people they are telling the truth—as well as making valid social statements—even without publishing their real names. Because the blogger is anonymous, the target cannot go after them.
In geo-bombing, a hacktivist uses the geo-location feature to allow the viewers of a video to know where it was shot. This is often used to let viewers see where political prisoners or human rights activists are being held.
When a website gets censored, hacktivists may copy the content of the site and publish it under a different Uniform Resource Locator (URL). Because the second URL is not blocked by the censoring entity, the content is still available to the public.
Changing the Code for Websites
DoS attacks do not affect the content of the target website, but when hacktivists change a website's code, either a message or an error pops up for visitors. In this way, they can redefine the image and message of an organization, engaging in a form of “definition hacking” as they attempt to change how the public perceives the company. To gain access to the site’s administrator credentials, the hacker may use keylogger software or fake websites to steal login information until they are able to impersonate an admin and alter the code.
Who Do Hacktivists Target?
Hacktivists tend to target people or organizations they feel represent beliefs or practices that violate the principles held dear by the hacktivist organization. Regardless of the benevolent nature of some hacktivist actions, hacking into an organization’s system is still a crime.
What Motivates Hacktivists?
The actions of a hacktivist are often spurred by the perception that they need to right a “wrong” or make a statement on behalf of justice. In some cases, the motivation is as simple as revenge or to teach an organization or person a lesson. In other situations, the motive of a hacktivist is to undermine the validity of an entire organization.
Who is Anonymous?
Anonymous gained notoriety when they went after the Church of Scientology using a video on YouTube that featured the famous actor, Tom Cruise. When the church asked them to take it down, Anonymous hit their site with a DoS attack. Anonymous has gone up against several powerful organizations since then, including ISIS, in an effort to promote their specific world view.
Examples of the Most Infamous Campaigns by Influential Hacktivist Groups
Fox.com was targeted by a group associated with Anonymous called LulzSec in 2011. Anonymous also put offline the Central Intelligence Agency (CIA) and the Sony PlayStation Network, and even compromised the passwords and user data of CIA officials.
In 2012, WikiLeaks, which, like Byline, seeks to expose hidden truths, turned on PayPal, Visa, Amazon, and Mastercard, hitting them with distributed denial-of-service (DDoS) attacks that shut down their websites. The attacks were orchestrated in response to requests by the United States government for these service providers to disallow people from using them to send money in support of WikiLeaks.
Black Lives Matter Movement
Anonymous, also known as Anon, got behind the Black Lives Matter movement when it targeted the Minneapolis police department to expose racial injustices the group felt were being perpetrated by the police. This resulted in Anon’s Twitter account garnering 3.5 million followers. Also, the campaign used DDoS attacks on the Minneapolis police department’s website, forcing it to shut down.
Collection of Clinton Emails Leaked
Arguably, one of the most influential hacks of all time, WikiLeaks gained access to private emails sent between Hillary Clinton and her campaign manager. Although it is impossible to retrospectively determine the end effect of this hack, some argue that it was a significant contributing factor to Ms. Clinton’s loss to Donald Trump in the 2016 American election.
How Fortinet Can Help
One of the most effective techniques hacktivists use is DoS attacks. In these attacks, a website is inundated with so many fake attempts until it no longer has the processing power to serve legitimate users. This renders the site useless to visitors who may be customers or business partners, thus costing the organization considerable money.
Whether a DoS attack comes from a hacktivist or another cyber criminal, the Fortinet FortiDDoS tool can help prevent it. FortiDDoS can analyze behavior to identify threats instead of relying on signature files. This not only catches numerous legitimate threats but it also eliminates false positives that are likely to consume valuable resources. FortiDDoS can ascertain whether website requests are legitimate or the result of a DoS attack, preventing your organization’s website from being locked up by hacktivists and others.
If hacktivists feel they can profit off capturing an organization’s resources—or if they decide that something or someone in a company opposes their beliefs—they may go after it (or them) with a ransomware attack. The Fortinet Security Fabric allows organizations to protect their data and resources from ransomware. It safeguards the company's various attack surfaces, from company-issued computers to personal devices or endpoints employees introduce to the network through a bring-your-own-device (BYOD) policy.
The Fortinet Security Fabric uses threat intelligence to find and respond to attacks by hacktivists and other opportunists who capitalize on a network’s vulnerabilities to “kidnap” computers. It makes use of a variety of tools, including intrusion prevention systems (IPS), that protect a range of network architectures, from software-defined wide-area networks (SD-WANs) to virtualized networks.
What is hacktivism?
Hacktivism occurs when political or social activists use computer technology to make a statement supporting one of their causes.
Is hacktivism ethical?
In many cases, such as malware attacks, hacktivism is unethical because it involves breaking the law. In other situations, such as organizing protests using the internet, it can be argued that hacktivism is ethical.
Can you join Anonymous?
Anonymous is not an official group, so there is no way you can join it.
Who do hacktivists target?
Hacktivists target people or organizations that represent beliefs that contradict their own.
What motivates hacktivists?
Each hacktivist is driven by unique motivations. However, many seek respect from other hackers, money, fame, or to further a social perspective.