Dark Reading is part of the Informa Tech Division of Informa PLC

7/21/2020
05:30 PM

The State of Hacktivism in 2020

Activism via hacking might not be as noisy as it once was, but it hasn't been silenced yet.

Hacktivism is alive and well, if a bit weird, in 2020, says Gabriella Coleman, a cultural anthropologist specializing in hacker culture at McGill University.

At the end of June, Twitter banned the account of the Distributed Denial of Secrets (DDoSecrets), a group that leaks documents online, and blocked links to "BlueLeaks," DDoSecrets' data trove of 270 GB of data containing internal records from more than 200 police departments.

The hacktivist collective Anonymous also returned to prominence as its members took actions to support Black Lives Matter protesters, including getting legions of Korean pop music superfans to participate in social media disruptions. 

"BlueLeaks shows that there's still a lot of interest in activist hacking," Coleman says. "In the context of the English-speaking world, DDoSecrets is the hinge between the Wikileaks and Anonymous era and the contemporary movement. They created a platform to keep leaking alive. If it wasn't for them it would be much dimmer. It's still dim because it's such a high-risk behavior."

High-Risk Behavior
While the days of high-risk technical hacks dominating headlines may be gone, the Twitter hijack and BlueLeaks show there are still hackers looking to access secure data — and their reasons remain varied.

One thing that might temper planned hacktivist actions could be "the hammer of the state" in the form of aggressive law enforcement, says Coleman, author of "Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous."

DDoSecrets has said they're prepared for the US government to come after them, but Coleman isn't so sure. "The question is whether BlueLeaks will be stamped out in the next few months. But the blocking and censorship makes them more visible," she says.

Organizing groups to participate in social media actions is not prevented under the Computer Fraud and Abuse Act (CFAA), the broad antihacking law that has been amended several times but not dramatically changed since it was passed in 1986. But more technical hacks of networks remain illegal, and prosecutors still have broad leeway in pursuing computer crimes, seven years after the prosecution and subsequent suicide of Internet hacktivist Aaron Swartz under the CFAA. 

Despite the threat of jail time in US federal prison, hacktivists are more willing than ever to risk their freedom for their causes, says Ken Pfeil, a longtime security expert and chief security architect at Tech Democracy, who is moderating an online panel on hacktivism on July 24.

"The [Washington Redskins] renaming would've been a ripe target for hacktivism had team sponsors not threatened to take their name off the stadium if the team didn't change [its name]," he says. (The NFL football team decided this month to change its nickname after ignoring 50 years of criticisms that the name was a derogatory term for Native Americans.) However, there are more tools available to hacktivists today than simply taking down or defacing websites, says Pfeil.

"People who don't have the money to influence a company will take other steps. If a hacktivist can take over someone's Twitter account and tie it to Facebook or LinkedIn, the believability takes off from there," he says. "From a disinformation perspective, you can spread severe reputational damage."

Activism as a Disguise?
A report by The New York Times suggests that last week's Twitter breach was perpetrated by a trio of seemingly unconnected individuals, not a group of like-minded hacktivists or a nation-state actor.

However, the attackers wrapped their scam in words chosen to pull at their victims' sense of deserving more, if not justice. The attackers compromised 130 Twitter accounts — including verified users Joe Biden, Barack Obama, Bill Gates, Elon Musk, Kanye West, and others — and sent phony tweets.

"I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled," said one of the scam's tweets. "Due to Covid-19, we are giving back over $10,000,000 in Bitcoin! All payments sent to our address below will be sent back doubled," said another.

The scam netted over $100,000 in Bitcoin. But whether the hackers had a goal in mind aside from making money remains an unanswered question. 


Seth is editor-in-chief and founder of The Parallax, an online cybersecurity and privacy news magazine. He has worked in online journalism since 1999, including eight years at CNET News, where he led coverage of security, privacy, and Google. Based in San Francisco, he also ...

Comments
RyanSepe,
User Rank: Ninja
7/22/2020 | 10:33:58 AM
White Hat to Black Hat
Good article. I feel that Hacktivists walk a very thin line. Their intentions may be altruistic but their impact could cause monumental downstream detriment. 

It's like the saying goes, "The road to hell is paved with good intentions."