Hacktivism is the use of cyber attacks and sabotage to communicate politically motivated causes; it is as old as the internet.
Solo hacktivists have always acted in an individual manner to demonstrate their protest using various attack methods. One popular attack has been, and continues to be, the defacement of websites- Microsoft’s website, for example, was replaced with a Saudi Arabian flag in 2007.
Something else happens when hacktivists group together; they commonly perform what’s called a Distributed Denial of Service (DDoS) attack. With the increased number of participants they are able to flood the targeted website with traffic so that the server becomes overloaded. As the site attempts to process the large volume of malicious traffic it denies access from legitimate users and often crashes altogether.
Operation Payback is a series of DoS attacks carried out by hacktivists. Their initial goal was to bring down anti-piracy sites, such as the recording and media companies who attempted to act against illegal file sharers, and a UK government intellectual property site.
They even attacked law firms who threatened to bring the illegal downloaders to court. In the latest chain of activities they have also started targeting organizations that have spoken against Wikileaks’ activities or any other form of “Internet censorhip”. MasterCard, for example, was attacked by the hacktivist group ‘Anonymous’ when it refused to process donations to the whistle-blowing site.
Hackers, in short order, build attack software designed to take down websites and services. This software is then made easily available for download by other hactivists.
Once installed on a user’s machine it sits idly waiting for the attack command, and when the time is ripe for the attack a “wake up” call is issued to the malware on the hacktivist’s machine. At that stage the machine will start spurting out the malicious traffic to the specific site.
Using the power of the community, i.e. all involved hacktivists, the target is inundated with voluminous traffic which causes the servers to crash.
When looking at this specific group, we can see that social factors have a part to play. As the activities of Operation Payback received more media attention, the number of hacktivists joining the specific hacktivist network increased.
Modern hacking, in general, is motivated by data theft. Stolen credentials, credit card numbers and so forth are highly valued on the black market. Data is the currency of cyber crime so staying invisible is essential.
In contrast to other forms of cybercrime hacktivism is not motivated by money and actively seeks to gain as much attention as possible; high visibility is the key.
Hacktivists are motivated by revenge, politics, ideology, protest and a desire to humiliate their victims- what would be the point of embarrassing someone if they didn’t know who performed the attack?
Another attention-grabbing DDoS attack was executed in June 2009 by hacktivists protesting against the Iranian elections. In this attack hacktivists operated from outside of Iran and targeted government and other state-sponsored websites. As a result, the Iranian government blocked access to different social network sites to prevent netizens from providing coverage regarding the current state of affairs on the street.
The current chain of events show that the industrialisation of hacking (ie hacking-for-profit), as witnessed in the past couple of years, will continue to increase.
Although there are threats originating from state-sponsored attacks, for example, North Korea DDoSing South Korea and US sites, there still remains another group of attackers.
These individuals remain in the background of the threat landscape as the aforementioned threats take the front seat. But every once in a while, they raise their head to protest in unison, carrying out their acts through the Internet channels. With the right power and means they may create much havoc and attention.
Noa Bar Yosef is a senior security strategist at Imperva
Seemingly accidental leak reveals Google is developing Jarvis AI extension that can browse the web…
Amazon is reportedly in talks to pump billions of dollars more into AI start-up Anthropic,…
Star witness for the US prosecution of FTX founder Sam Bankman-Fried, has begun her two…
After axing 31 percent of its workforce when it failed to be acquired by Amazon,…
Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…
Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…