Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

7/21/2020
05:30 PM
Connect Directly
Facebook
Twitter
LinkedIn
RSS
E-Mail
50%
50%

The State of Hacktivism in 2020

Activism via hacking might not be as noisy as it once was, but it hasn't been silenced yet.

Hacktivism is alive and well, if a bit weird, in 2020, says Gabriella Coleman, a cultural anthropologist specializing in hacker culture at McGill University.

At the end of June, Twitter banned the account of the hacker collective Distributed Denial of Secrets (DDoSecrets) and blocked links to "BlueLeaks," the group's data trove of 270 GB of data containing internal records from more than 200 police departments.

The hacktivist collective Anonymous also returned to prominence as its members took actions to support Black Lives Matter protesters, including getting legions of Korean pop music superfans to participate in social media disruptions. 

"BlueLeaks shows that there's still a lot of interest in activist hacking," Coleman says. "In the context of the English-speaking world, DDoSecrets is the hinge between the Wikileaks and Anonymous era and the contemporary movement. They created a platform to keep leaking alive. If it wasn't for them it would be much dimmer. It's still dim because it's such a high-risk behavior."

High-Risk Behavior
While the days of high-risk technical hacks dominating headlines may be gone, the Twitter hijack and BlueLeaks show there are still hackers looking to access secure data — and their reasons remain varied.

One thing that might temper planned hacktivist actions could be "the hammer of the state" in the form of aggressive law enforcement, says Coleman, author of "Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous."

DDoSecrets has said they're prepared for the US government to come after them, but Coleman isn't so sure. "The question is whether BlueLeaks will be stamped out in the next few months. But the blocking and censorship makes them more visible," she says.

Organizing groups to participate in social media actions is not prevented under the Computer Fraud and Abuse Act (CFAA), the broad antihacking law that has been amended several times but not dramatically changed since it was passed in 1986. But more technical hacks of networks remain illegal, and prosecutors still have broad leeway in pursuing computer crimes, seven years after the prosecution and subsequent suicide of Internet hacktivist Aaron Swartz under the CFAA. 

Despite the threat of jail time in US federal prison, hacktivists are more willing than ever to risk their freedom for their causes, says Ken Pfeil, a longtime security expert and chief security architect at Tech Democracy, who is moderating an online panel on hacktivism on July 24

"The [Washington Redskins] renaming would've been a ripe target for hacktivism had team sponsors not threatened to take their name off the stadium if the team didn't change [its name]," he says. (The NFL football team decided this month to change its nickname after ignoring 50 years of criticisms that the name was a derogatory term for Native Americans.) However, there are more tools available to hacktivists today than simply taking down or defacing websites, says Pfeil.

"People who don't have the money to influence a company will take other steps. If a hacktivist can take over someone's Twitter account and tie it to Facebook or LinkedIn, the believability takes off from there," he says. "From a disinformation perspective, you can spread severe reputational damage."

Activism as a Disguise?
A report by The New York Times suggests that last week's Twitter breach was perpetrated by a trio of seemingly unconnected individuals, not a group of like-minded hacktivists or a nation-state actor.

However, the attackers wrapped their scam in words chosen to pull at their victims' sense of deserving more, if not justice. The attackers compromised 130 Twitter accounts — including verified users Joe Biden, Barack Obama, Bill Gates, Elon Musk, Kanye West, and others — and sent phony tweets.

"I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled," said one of the scam's tweets. "Due to Covid-19, we are giving back over $10,000,000 in Bitcoin! All payments sent to our address below will be sent back doubled," said another.

The scam netted over $100,000 in Bitcoin. But whether the hackers had a goal in mind aside from making money remains an unanswered question. 

Related Content:

 

 

Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.

Seth is editor-in-chief and founder of The Parallax, an online cybersecurity and privacy news magazine. He has worked in online journalism since 1999, including eight years at CNET News, where he led coverage of security, privacy, and Google. Based in San Francisco, he also ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/22/2020 | 10:33:58 AM
White Hat to Black Hat
Good article. I feel that Hacktivists walk a very thin line. Their intentions may be altruistic but their impact could cause monumental downstream detriment. 

It's like the saying goes, "The road to hell is paved with good intentions."
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12777
PUBLISHED: 2020-08-10
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
CVE-2020-12778
PUBLISHED: 2020-08-10
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
CVE-2020-12779
PUBLISHED: 2020-08-10
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
CVE-2020-12780
PUBLISHED: 2020-08-10
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
CVE-2020-12781
PUBLISHED: 2020-08-10
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.