Post By RelatedRelated Post


Cybersecurity firms have been raising fiery alarms about incumbent ‘Hacktivist’ threats for over a decade. After the Manning and Snowden cases, the press jumped on the bandwagon and connoted ‘hacktivism’ with espionage, war, terrorism and crime. However, the term has not always been used to denote sinister behavior and many still define it as a means to achieving positive social change. So just how big and bad of a threat is ‘Hacktivism’?

‘Hacktivists’ are activists that use technical tools and the power these provide to further a social cause. The technical aspect of their actions is what distinguishes them from traditional ‘activists’. Hacktivists therefore are not ‘online activists’ that use social media to gather people, promote their ideas, or start mass actions. They may be involved in all those things, but what defines them as Hacktivists is specifically their use of technical tools such as: Cracking, Distributed Denial of Service (DDoS), Doxing and Defacements.

Most threat reports are published by security firms, which is good because they are best placed to shed light on global trends but is also problematic because they also have an interest in rising danger levels. In 2012, for example, Verizon reported that Hacktivists accounted for 58% of all data breaches, which sounds like a significant threat. However, a subsequent interview with a member of Verizon’s RISK Team revealed that only 2% of the 90 actions analyzed in the study made up 58% percent of the breaches; meaning that the probability of a hacktivist attack is rather small.

The interpretation of risk, however, hinges on the definition of ‘hacktvisim’ that is adopted. The term comes from the anti (or ‘alter’) globalization movement of the 90’s, when groups like the Critical Arts Ensemble called for people to gather in cyberspace and engage in ‘Electronic Civil Disobedience’. The logic for this was that the addressees of the protests, mostly large multi-nationals and nation states, were decentralized entities that were not impacted by localized action. Consequently, if protesters wanted to have the same impact as protesters in the early 20th century, their actions would have to go viral.

The view that hacktivists are just old-school protesters in cyberspace is highly contested. Some opponents point out that the anonymity afforded online would not be allowed in street protests in several jurisdictions, including Germany’s, where people are prohibited from wearing masks when engaging in public demonstrations. Further, not only does the Internet allow for anonymity, but it also gives opportunities for single individuals or small groups to have disproportionate impacts on systems. However, the definition of activism rests in a notion of community, and if any individual is acting for his/her own interest or if a group is artificially enhancing its own power to act, they fall outside the definition of activism both in the physical world and in cyberspace.

Other critics note that many hacktivists attacks, particularly those that involve DDoS actions, have unpredictable impacts and can be distinguished from traditional protests on the grounds that they are not containable. The logic here is that if a DDoS attack, which involves sending more service requests than the site can handle, is launched on a website it will impact other websites on the victim’s server. This could result in serious consequences if, for example, the Treasury’s website was attacked and it happened to share its server with the NHS’s site. To date, there have been no reported hacktivists attacks that have resulted, either directly or indirectly, in physical injury or in serious damage to critical infrastructure, but their potential is nonetheless real.

Finally, most of the arguments surrounding the differences between ‘real world’ civil disobedience and electronic civil disobedience rest on the notion the tools used by hacktivists are criminalized while open street protests and union strikes are not. Meaning that online-protest is fundamentally criminal while real life protest is not. This apparently simple distinction between licit and criminal activism becomes complicated if one takes account of the historical dimension of social movements. The histories of the Suffragettes, Civil Rights Activists in the 60’s, and LGBT social movements all demonstrate that legality is not a precursor to ‘legitimate’ activism.

Comparing hacktivists attacks to disobedience in the physical world is only a fraction of the picture. How do hacktivists attacks relate to cyberterrorism? Cyberwar? Cybercrime? The answer to all these questions involves evaluating the role that community plays in defining a hacktivist attack, the actual consequences of that attack, and the reasons for which the attack was committed.

While it might seem petty to engage in this type of lexical puzzle, the lack of distinction between the various cyber-social terms has had serious consequences for many individuals. Aaron Swartz committed suicide after facing a maximum prison sentence of 50 years and a fine of $1million for gaining unauthorized access to JSTOR articles; Barrett Brown is facing 15 years in prison for posting a link to a zip file that contained data obtained illegally although he is not responsible for obtaining the data; Jeremy Hammond, who obtained the information posted by Mr. Brown, is currently serving 10 years even though his actions had no significant physical consequences. Deciding if, as a society, we believe it just to endorse these types of sentences or whether, instead, we think they are the result of misplaced anxieties is an exercise we can no longer ignore.