Cyber Subversives

By root

By 
A range of factors can be attributed to the rise of hacktivism. Throughout history, economic and political dissatisfaction have always been cause for public dissent, but the increased prominence and dominance of the Internet has made online subversion one of the first ports of call for 21st century dissidents.
Hacktivist groups like Anonymous have made it their mission to exploit social media, taking aim at governments and organisations they perceive to be corrupt and dictatorial. Julian Assange’s WikiLeaks has also gained infamy by publishing a range of information about high-level wrongdoing on a range of culprits. In the Middle East, the Syrian Electronic Army is an organisation that is never far from IT-related headlines. The group frequently defaces the social media accounts of numerous high-profile American organisations, and has targeted Forbes, Microsoft and CNBC amongst others. Although the attacks may not be incredibly sophisticated or damaging, they grab widespread attention.
“Before the Internet, there was the power of street protests and demonstrations,” Jason Hart, Vice President, Cloud Solutions, SafeNet, says. “The rise of the Internet changed the rules of the game. The principle remains the same at its core, in terms of motivation, purpose and result. The evolution of technology marked the change in technique for those who want to change the world and the results are at least as dramatic.”
Nicolai Solling, Director of Technology Services, Help AG, also believes the ubiquity of IT services makes hacktivism the obvious choice for mayhem, “A prominent factor in the increasing scale of hacktivism is the growing significance of IT systems in everyday life,” he says. “Today, any large public or private sector organisation has an online presence and will certainly depend very heavily on a number of IT systems. Given that disruption to these services can cause an immediate and noticeable impact on the business, it is no wonder why hacktivism is such an effective tool.”
The typical hacktivist is not financially motivated. In that vein, their main goal is to influence opinion, and to negate the reputation of their target. The main way they can do this is to disrupt web services or by defacing sites. This service interruption and resultant bad press can always have a negative impact on a business, and against unscrupulous rulers, serves as a form of non-violent yet effective protest. Unlike hackers who are often financially motivated and whose ends are self-serving, hacktivists will always have a degree of support, as their actions are mostly politically or socially motivated. Their other principle means of attack is by extorting information, which can be used to blackmail their victims.
“One school of thought considers hacktivists to be cybercriminals that must be prosecuted, the other, despite being conscious of the threat they represent, maintains that they are a voice to listen to,” says Firosh Ummer, Managing Director, EMEA, Paladion Networks. “Their intent is never to hit civil people or critical infrastructures, so one of their most common attacks has been distributed denial of service, which has become sophisticated over time by using any visitor on a site as an attacker to send an enormous quantity of requests in a short period to disable a website or web service.”
Although hacktivists are not always associated with governments or powerful organisations, their beliefs often align with them. But is there a point at which the lines blur between noble hacktivism and illegal sabotage, or are the two one and the same? Can hacktivists be regarded as a modern-day Robin Hood, attacking the powerful to help the afflicted, or are their actions conducive to a culture of cybercrime?
Mohammed Amin Hasbini, Senior Security Researcher, Kaspersky Lab, believes there is a clear pocket of what is acceptable, “There’s only one type of hacking that can be defended: ethical hacking,” he says. “After an agreement with an organisation, an ethical hacker is hired to test the organisation services for weaknesses that could be abused by cyber criminals; the ethical hacker might be requested to exploit the vulnerabilities only if officially approved by the organisation, to find the range of a certain weakness.”
Mohamed Djenane, Security Specialist, ESET Middle East, thinks it is becoming increasingly difficult to distinguish between the two, “We are seeing hacktivism now blend with more serious cyber-terrorism as was the case with the Sony hack in 2014,” he says. “Here, beyond reputation loss, sensitive information was leaked which was then used for blackmail. When an organisation falls victim to a traditional hacker, the news of the data breach is not generally publicised as the hackers are driven by financial motives and would prefer not to draw attention to themselves.”
Although most civilian organisations do not run a great risk of being a victim of hacktivism, vigilance still pays, says Greg Day, Vice President and Chief Technology Officer, EMEA, FireEye. “As with all cyber-threats, each organisation needs to consider the probability and potential impact to themselves; their business risk analysis,” he says. “This should include analysis as to what their brand externally represents, who could see them as a target and why, then analysis of their own technology – the business dependancies on this and how well they would be able to detect and respond to such an incident.”