The very existence of the United States as a nation can be traced back to a protest movement against taxes. The colonists expressed their objection to a tax on tea by seizing quantities of it and dumping it into Boston Harbor, the famous Boston Tea Party. Like just every other modern activity, social and political activism have been transformed by the internet and web technologies. You no longer need a soap box to be heard, you can setup a blog. You don’t need a town hall to gather, you can organize on Facebook. If Paul Revere were alive today he would not have needed a horse to ride, a twitter account would do!
Technology literally refers to the tools that humans have available and like any tool the internet can be used for good ends or for ill. It can be used wisely or recklessly. We have web sites for the Red Cross and for Al Qaeda. We have sites for Suicide Prevention and sites to show you how.
The use of internet technology by political activists covers the same range of extremes. The American tradition, not to mention the 1st Amendment, tolerates provocative and inflammatory expression that many societies would never allow. We even respect civil disobedience when conducted in an appropriate manner. Where we draw the line as a society is when activism becomes violent and does damage to personal property, particularly when it affects those who we consider innocent bystanders.
It is in this context that we should consider the phenomenon of “hacktivism” and “hactivists”. These are terms for hackers motivated by political activism. Most hackers breach networks for financial gain, to steal and commit fraud. Some do it for personal reasons such as the sheer pleasure of it. Hacktivists may have a mix of motives, but what sets them apart is the desire to advance or draw attention to a cause.
Hacktivists tend to come from the far left of the political spectrum, though not exclusively. However, this is akin to the types of protest movements which historically are more popular with liberals and leftists. Noted hacktivist attacks have attempted to harm or embarrass prominent corporations who they view as symbols of Capitalism, which they oppose.
Some hacktivism is, though perhaps acting outside the law, relatively harmless. For example, in 2001 n a Chinese jet collided with an American surveillance plane killing the Chinese pilot. This prompted both American and Chinese hackers to break into web sites and post messages expressing their feelings about the incident. While this could not have pleased the operators of these sites, the harm was easy to undo and it drew attention to the issue in a way that setting up your own site would not.
“Anonymous” is probably the most famous hacktivist group, although it is really a very loosely associated collection of groups that unite under the same banner. They are unified in a belief that the internet should not be regulated in any way and oppose any censorship and control.
Groups allied with Anonymous have hacked into government web sites in the US and UK. They have also target commercial companies.
Last year an Anonymous group hacked into the servers of Symantec and stole the source code for the 2006 versions of Norton Software, including Norton Antivirus and PC Anywhere. They published the code on web sites, making it available to anyone who might want to exploit the code in hack attacks or use the code to make better viruses.
Although Symantec claims the 2006 code is obsolete and useless, some feel that it will be a valuable resource for hackers.
While Hacktivists view themselves as the guys with the white hats, pursuing noble gains, they do not always appreciate the trouble they cause for innocent bystanders. They may think that corporations are not people, but when you harm a corporation you may hurt their employees, their customers and their owners. While corporate owners are cast as rich fat cats, and some may be, shares are also owned by pension funds, university endowments, charities and mutual funds held in 401k accounts.
Hacktivism appears to be a growing threat to network security in general. An annual report by Verizon on network security breaches in 2011 estimated that 58% of all data stolen through breaches was the result of hacktivism. The amount of data stolen by hactivists in 2011 exceeded the cumulative amount stolen from the time they started reporting in 2004 through 2010.
This is just another reason to make sure you have best and latest firewall systems and antivirus scanners in your organization. It is why you have to constantly review your networks and web sites for weakness’s and vulnerabilities. It explains the increasing popularity of “white hat” Network Penetration Testing services, which are hired to attack networks as if they were the bad guys to identify where they are vulnerable.