Imperva Blog|Login|中文Deutsch日本語
Glossary

Hacktivism

Hacktivism uses cyber attacks based on political motivations who use cyber sabotage to promote a specific cause. As opposed to the hacking industry intent on data theft, hacktivism is not motivated by money and high visibility is key. Hacktivisms are motivated by revenge, politics, ideology, protest and a desire to humiliate victims. Profit is not a factor. And visibility is key: what’s the point of embarrassing someone if you they didn’t know who performed the attack?

Popular Hacktivism Techniques

Sole hacktivists demonstrate their protest using different attack methods. One popular attack is to deface websites. For example, Microsoft’s UK Event’s website was displaced with a Saudi Arabian flag. But when hacktivists group together, they may join forces to execute another favorite attack of theirs – Distributed Denial of Service (DDoS) attacks. With the increased number of participants, they are able to flood the website with too much traffic that the server could handle. As the site attempts to process the large volume of malicious traffic, it in effect denies access from legitimate users. At other times, the server just crashes as a result.

Popular Hacktivism Campaigns

The summer of 2009 has provided us with a couple of high-profiled hacktivity campaigns:

  • Hacktivists protesting against the Iranian election - In this DDoS attack, hacktivists operating from outside of Iran, targeted Iranian government and other state-sponsored websites. As a result, the Iranian government blocked access to different social network sites to prevent netizens from providing coverage regarding the current state of affairs on the street.
  • Russian hacktivists targeting Social Networks hosting Georgian blogger – By employing DDoS attacks, Russian hacktivists were able to bring down social network services such as Facebook and Twitter. This was their retaliation campaign against a controversial Georgian blogger who had accounts on these networks.

Operation Payback

Operation Payback is a series of DDoS attacks carried out by hacktivists, named Anonymous, as of September 2010. Their campaign focuses against targets that impose what they consider as, “Internet censorship”. The group’s initial goal was to bring down anti-piracy sites, such as the recording and media companies who attempted to act against illegal file sharers. Also law firms threatening to bring those who illegally downloaded files to court were attacked. In the latest of their chain of cyber-protests, the Anonymous group proceeded to organizations who have shown to act against companies who had severed ties with Wikileaks. For instance, MasterCard was attacked since they refused to process donations to Wikileaks.

To conduct these attacks, members of Anonymous downloaded a piece of code which could be configured, or pre-configured, to DDoS a certain server. In effect, the individuals were knowingly engaging themselves in a “voluntary botnet”. However, at a certain stage botnet farmers began to donate their bots to their campaign in order to increase attack “horse-power”. In addition, the operators of the campaign started to camouflage a Javascript version of the attack tool behind appealing contents (such as porn) to lure users to unknowingly engage in the DDoS activity. The evolvement of the hacktivist’s DDoS attacks shows that hacktivists are starting to use the same tools that industrial hackers are using.