Hacktivism is alive and well, if a bit weird, in 2020, says Gabriella Coleman, a cultural anthropologist specializing in hacker culture at McGill University.
At the end of June, Twitter banned the account of the hacker collective Distributed Denial of Secrets (DDoSecrets) and blocked links to "BlueLeaks," the group's data trove of 270 GB of data containing internal records from more than 200 police departments.
The hacktivist collective Anonymous also returned to prominence as its members took actions to support Black Lives Matter protesters, including getting legions of Korean pop music superfans to participate in social media disruptions.
"BlueLeaks shows that there's still a lot of interest in activist hacking," Coleman says. "In the context of the English-speaking world, DDoSecrets is the hinge between the Wikileaks and Anonymous era and the contemporary movement. They created a platform to keep leaking alive. If it wasn't for them it would be much dimmer. It's still dim because it's such a high-risk behavior."
While the days of high-risk technical hacks dominating headlines may be gone, the Twitter hijack and BlueLeaks show there are still hackers looking to access secure data — and their reasons remain varied.
One thing that might temper planned hacktivist actions could be "the hammer of the state" in the form of aggressive law enforcement, says Coleman, author of "Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous."
DDoSecrets has said they're prepared for the US government to come after them, but Coleman isn't so sure. "The question is whether BlueLeaks will be stamped out in the next few months. But the blocking and censorship makes them more visible," she says.
Organizing groups to participate in social media actions is not prevented under the Computer Fraud and Abuse Act (CFAA), the broad antihacking law that has been amended several times but not dramatically changed since it was passed in 1986. But more technical hacks of networks remain illegal, and prosecutors still have broad leeway in pursuing computer crimes, seven years after the prosecution and subsequent suicide of Internet hacktivist Aaron Swartz under the CFAA.
Despite the threat of jail time in US federal prison, hacktivists are more willing than ever to risk their freedom for their causes, says Ken Pfeil, a longtime security expert and chief security architect at Tech Democracy, who is moderating an online panel on hacktivism on July 24.
"The [Washington Redskins] renaming would've been a ripe target for hacktivism had team sponsors not threatened to take their name off the stadium if the team didn't change [its name]," he says. (The NFL football team decided this month to change its nickname after ignoring 50 years of criticisms that the name was a derogatory term for Native Americans.) However, there are more tools available to hacktivists today than simply taking down or defacing websites, says Pfeil.
"People who don't have the money to influence a company will take other steps. If a hacktivist can take over someone's Twitter account and tie it to Facebook or LinkedIn, the believability takes off from there," he says. "From a disinformation perspective, you can spread severe reputational damage."
Activism as a Disguise?
A report by The New York Times suggests that last week's Twitter breach was perpetrated by a trio of seemingly unconnected individuals, not a group of like-minded hacktivists or a nation-state actor.
However, the attackers wrapped their scam in words chosen to pull at their victims' sense of deserving more, if not justice. The attackers compromised 130 Twitter accounts — including verified users Joe Biden, Barack Obama, Bill Gates, Elon Musk, Kanye West, and others — and sent phony tweets.
"I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled," said one of the scam's tweets. "Due to Covid-19, we are giving back over $10,000,000 in Bitcoin! All payments sent to our address below will be sent back doubled," said another.
The scam netted over $100,000 in Bitcoin. But whether the hackers had a goal in mind aside from making money remains an unanswered question.
Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.