They are Not What You Think They are … They are Hacktivists

Pierluigi Paganini May 06, 2012

Article published in The Hacker News Magazine – May Edition: “They are Not What You Think They are … They are Hacktivists”

Over the last couple of years, we have witnessed an escalation of operations conducted by Anonymous, the collective of hackers that expresses social dissent through cyber attacks.

In modern society, technology plays a crucial role: it is a cultural vector and an element of aggregation, and it can obviously also be used to express dissent against the policies of governments and private companies.

Groups like Anonymous are the maximum expression of a phenomenon called “hacktivism”, which refers to the use of computers and computer networks to express social protest or to promote a political ideology. If you believe that this form of protest is recent, you are wrong: the term was introduced for the first time in 1996 by a member of the popular hacker group Cult of the Dead Cow named Omega. Hacktivists attack systems and architectures with legal and illegal tools as a form of protest. Denial-of-service attacks, data theft, data breaches, website defacement and typosquatting are just some of the methods used by hacktivists during operations of digital sabotage. Forms of hacktivism are carried out in the belief that proper use of technical tools can produce results similar to those of regular activism or civil disobedience in promoting a political ideology.

The Anonymous collective is now the incarnation of the hacktivism concept and has monopolized worldwide attention on the phenomenon. The group and its operations are at the center of a heated debate: public opinion and industry experts are divided between those who believe that the collective is a group of cyber criminals and those who take due account of the phenomenon, trying to understand the dynamics of its genesis without neglecting the value its participation adds to social dialogue.

We must consider that the Internet is profoundly changing due to continuous acts of hacktivism, and the related operations represent one of the major cyber threats. The attacks of these groups produce the same effects as those perpetrated by cyber criminals or governments when targeting strategic objectives; for these reasons, cyber protests must be taken into serious consideration in national cyber strategy.

According to the study “Data Breach Investigations Report”, published by Verizon, hacktivists stole almost twice as many records from organizations and government agencies as ordinary cybercrime did.

The most significant change we saw in 2011 was the rise of “hacktivism” against larger organizations worldwide. An impressive number of attacks by activists, carried out with regular frequency, was observed during the last year, requiring a great deal of effort to respond to the cyber threat. Cyber activists use hacking techniques to perform their operations, involving critical masses of ordinary people. The most common form of attack is the Distributed Denial of Service (DDoS), which attempts to make a site or service unavailable to its users through an enormous quantity of requests sent in a short period. Hacktivists are demonstrating increasing skill in their attacks, and we expect an increase in the number of their operations, with possibly extensive damage.

In the past, Anonymous supporters have used a program called LOIC that allowed them to join an attack on a particular website, flooding it with unwanted traffic; the group has also released on the web instructions and videos on how to conduct this kind of operation. In terms of media, the Anonymous group can be a lesson to many. However, I believe the latest attack represents a further development for the group: although it is still a DDoS, the method used has profoundly changed in its conception.

The recruitment campaign for the attack also exploited social media to engage the largest number of participants, with devastating consequences for victims. The web and social networks like Facebook and Twitter were flooded with messages from affiliates of the group, a massive media campaign. In this way Anonymous has raised the bar: even a user who is unaware of it, simply by visiting a web page and without any interaction, can flood a victim with unwanted traffic. The trick works simply by hiding within the web page a JavaScript that instructs the browser to visit a specific page (the target).

Hacktivism has made a quantum leap with this new method for two simple reasons:

  • The first is that the attack capability has increased dramatically.
  • The second, more subtle but formidable in my opinion, is that from a legal standpoint it is hard to attribute criminal liability to each user. A user who participates in the attack, unlike what happened before with LOIC, cannot always be said to be aware of it. This subtle aspect could work as a stimulus for a wide category of undecided people who share the ideology but fear the legal implications.

The dispute between governments and hacktivist groups such as Anonymous has an important social connotation. The fight for freedom of expression, total aversion to any form of control and monitoring, and the reporting of abuses of power and blatant violations are the main arguments that move hacktivist groups to action; however, there is a thin line between a cyber protest and an act of cyber crime. While many operations are limited to DDoS attacks against a few websites, on more than one occasion the disclosure of information acquired by hacking systems has exposed sensitive data to the public, with serious consequences.

It happened last Christmas, when WikiLeaks published, with the support of Anonymous, more than five million emails from the Texas-based global security think tank Stratfor, one of the most important global intelligence firms.
WikiLeaks and Anonymous: a strategic partnership between the major expressions of hacktivism culture, two forces that together are able to frighten the world’s great, the new alliance against dirty affairs. The hack of the Stratfor Global Intelligence service was carried out by the same Anonymous collective, which leaked company data online, including the full client list of over 4000 individuals and corporations.

They gained access to a subscriber list stored on stratfor.com, and that list contained unencrypted credit card data of the customers. The published emails show that Stratfor was providing confidential intelligence services to several corporations, such as Lockheed Martin, and also to government agencies such as the US Department of Homeland Security, the US Marines and the US Defense Intelligence Agency. The exposed material shows how government and diplomatic sources all around the world give Stratfor advance knowledge of events and political strategies, all in exchange for money.

A great spider’s web of informants, government employees, embassy staff and journalists, recruited worldwide and paid through Swiss bank accounts and pre-paid credit cards. The mutual cooperation had already been evident when Anonymous opposed the actions taken against WikiLeaks founder Julian Assange, accused of publishing hundreds of thousands of secret U.S. government cables beginning in December 2010. The US government applied as

The US government blocked donations to WikiLeaks via PayPal, MasterCard, and Visa. To protest against the penalty, Anonymous arranged massive attacks against these financial institutions. Of course, the actions of hacktivist groups represent a serious threat to private industry and to the national security of each country. Within a cyber strategy, hacktivism is considered a major cyber threat that can cripple critical infrastructures, financial services and government agencies with its attacks.

Hacktivist groups are considered uncontrollable variables in cyberspace, capable of surprising us with striking operations worthy of the most skilled cyber army.

Are we able to mitigate the risks of exposure?

The cornerstone of hacktivism is the recruitment of common people through social media to engage in protests: a powerful machine that moves announcing its arrival and producing a loud noise. This undoubtedly provides two advantages:

  1. Knowledge of group policies.
  2. Ability to operate covert actions against strategic objectives by exploiting the group’s operations as a diversionary action.

Governments and law enforcement agencies, having understood the offensive potential of the group, have accelerated the implementation of measures to control the main channels of communication adopted by hacktivists.

My thought is shared in many environments, and many experts are convinced that the Anonymous phenomenon must be analyzed from another, in some ways innovative, perspective.

Is it possible to use the Group and its function as a cyber weapon? How is it possible?

It is widely believed that it should be used to carry out intelligence operations aimed at infiltrating the system. The brand of groups like Anonymous could be used to involve a critical mass of people in their attacks, making attribution impossible. In a hypothetical phase two, it does not make sense to destroy it. Threat actors could be interested in influencing their actions, suggesting operations against strategic objectives for cyber operations or planning military operations behind a diversionary action conducted by groups like Anonymous.

A fake cell of hacktivists could recruit hackers and use them in operations against institutions and hostile governments. The group has always been driven by purely political motivation, and for this reason one can imagine it being used in the strategic planning of operations that could destabilize an opposing government by exaggerating the tone of the internal political debate. We know very well the dangers of a protest supported by PSYOPs.


Assuming the possibility of using groups like Anonymous, or rather their model of protest, as a cyber weapon, who might be interested in its “recruitment”, and what are the related risks?

Obviously, the idea is very appealing to all governments that have to conceive cyber actions and need to guarantee low media exposure. How can these dangerous groups be approached, and with what risks?

Intelligence operations and study of the phenomenon are preparatory to approaching hacktivist groups. There is a concrete possibility of infiltrating hacktivist groups and influencing their strategy. The risks are related to the negotiation phase with unstable and mutable organizations that are not really known.

Gen. Keith Alexander, current director of the National Security Agency, warned of the possibility that hacktivist groups will, in the short term, have the ability to bring cyber attacks against national power supplies, causing a limited power outage in the US.
Power supplies are just one of the possible targets, together with telecommunications systems, gas and oil storage and transportation, banking and finance, transportation, water supply systems and emergency services. The profile of cyber assaults against US government and corporate targets is rising, showing high skill in the cyber strategy of the attacks. Gen. Alexander declared :

If forces like the hacktivists have the technical capacity and critical mass to influence foreign policy, are we sure that critical infrastructures are among their goals?

Why do we want to consider Anonymous a criminal organization?

Mr. Richard Stiennon, Chief Research Analyst at IT-HARVEST, draws some distinctions in the definitions as well. A cybercriminal is generally motivated purely by profit. That is a different goal than cyber espionage, which seeks to access intellectual property for military or industrial strategic advantage, or cyberwar, which focuses on actually sabotaging infrastructure, disrupting critical systems, or inflicting physical damage on an enemy.

Do you recognize Anonymous in one of these definitions? Does Anonymous want this?

In an official message to the Wall Street Journal regarding the accusation, Anonymous wrote:

“Ridiculous! Why should Anonymous shut off power grid? Makes no sense! They just want to make you feel afraid.”

Is hacktivism only a threat or also a voice to listen to?

Some forms of protest are certainly illegal, but we must consider that they are the expression of dissent shared among large communities; they are the voice of the masses. The main protest events in history were always characterized by elements of illegality due to their connotation of opposing the current governments. From a legislative perspective, we must distinguish a hacktivist from a cyber criminal. There are countless ways of judging the actions of Anonymous and similar groups. We must consider the reasons behind the genesis of these movements; otherwise, we will not have framed what I consider a historical phenomenon.

In terms of security, the group is without doubt a threat due to its capabilities and the objectives it targets. I think that Anonymous is a voice to be taken into account. You cannot stop ideologies with repression!


Pierluigi Paganini

(Security Affairs – Hacktivism) 

