View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 30, 2021updated 11 Oct 2021 3:35pm

The return of the hacktivists

Nearly a decade after Anonymous was crushed by arrests and stiff sentences, politically motivated hackers are back. Will the new wave of hacktivists suffer the same fate?

By Greg Noone

Epik was the ‘Swiss Bank’ of domain registration services, according to its founder Rob Monster. Privacy was an organising principle, he said. Unlike other domain providers, Epik would afford its users a safe haven to freely express themselves on the websites they registered with the company without intervention. This was the responsible thing to do, according to Monster (his real name), amid a “continuing, coordinated and perhaps accelerating theme of censorship” afflicting the domain registration ecosystem.

But all this was a smokescreen, critics argued. The only safe haven Epik provided was for the alt-right, they said, servicing domains from which extremists could freely spout racial hatred and coordinate vicious trolling campaigns.

The scale of the alt-right’s presence on Epik’s domains was revealed earlier this month after Anonymous-affiliated hackers breached its servers and published over 220GB of user data in two tranches. The leaks contained not only the domains belonging to alt-right figures, but their real names, credit card numbers, home addresses, and Epik email chains discussing FBI subpoenas against customers (“DO NOT TELL the registrant,” read one.)

Epik’s fate is especially sweet for Aubrey Cottle, a security researcher and a founding member of Anonymous. While subsequent analysis has shown that much of the exposed data was mundane and unrelated to Epik, the leak has nonetheless been described as a ‘Rosetta stone’ for researchers eager to understand the internal machinations of the far-right. For Cottle – who prefers to be known by his hacker nom de guerre, ‘Kirtaner’ – it’s the first step in dismantling what he calls the “sources of hate” that have afflicted the web over the past decade (he declines to give details about those involved in the hack.) “The last handful of years have been pretty rough as far as the far-right [goes],” he says. “There’s a major pushback, as people are getting sick and tired of it.”

The Epik hack is just the latest manifestation of a new wave of so-called ‘hacktivism’ that’s not only targeting the alt-right. From the breach at video security start-up Verdaka, in which hackers took control of 150,000 cameras in hospitals, police stations and schools, to the ongoing campaign against the dictatorial Lukashenko regime by the Belarus Cyber Partisans and similar efforts among pro-democracy groups in Myanmar, activists are once again using hacking as a form of protest.

This level of hacktivism has not been seen since the glory days of Anonymous and Wikileaks, when hacktivists around the world lent their services to the Arab Spring, undermined the Church of Scientology’s online presence and leaked thousands of US diplomatic cables and war logs.

Kirtaner himself is a thread of continuity between that time and now. Having lain low for several years after a series of arrests ended Anonymous’s first era, the security researcher revealed his role in its creation last year before embarking on his own campaign against conspiracist movement Q-Anon. Aside from his disgust at the movement’s role in inspiring mass shootings and other crimes, Kirtaner is also motivated by a sense of personal regret at the line that can be traced from Anonymous’ early trolling phase to Gamergate, alt-right extremism and the rise of Donald Trump.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

“That is a very long and complicated story,” he says. “By virtue of the butterfly effect, I’ve always felt a ream of responsibility, personal responsibility, for the state of the current world. And I felt I needed to do something about it, if only to [put] my own soul at ease.”

Kirtaner aside, the current wave of hacktivism is propelled by a new generation, politicised by the rise of the alt-right and the Black Lives Matter movement. But while the political environment may have changed, the legal context has not. The cybersecurity laws that enabled the crackdown on Anonymous and enabled those arrests remain in place, and it remains to be seen if the current generation will avoid the same fate.


Anonymous, the best-known group of hacktivists, has re-emerged as hacking as a form of protest reaches new levels of intensity around the globe. (Photo by Ollie Millington/Getty Images)

Old methods for a new generation of hacktivists

Hacktivism comes in many forms. However, “in the strict sense” of the term, says Dr Vasileios Karagiannopoulos of the University of Portsmouth, “hacktivism is using hacking itself…to create simulations of expressive events.”

One is the ‘virtual sit-in.’ Early digital activist groups, like the Electronic Disturbance Theatre and the Electro Hippies, would enlist thousands of supporters to simultaneously press the ‘refresh’ button on a targeted website and make it crash under the volume of resulting information requests. These crude Distributed Denial of Service attacks became exponentially more effective when groups like Anonymous began harnessing botnets. “You could end up having bastardised versions of these virtual sit-ins,” says Karagiannopoulos, where public participation was either low or non-existent.

Other methods include web defacements, where hackers cover web pages with digital graffiti or redirect users to other sites espousing their chosen cause. Arguably the most effective method, however, is doxing. By hacking into a website or company, exfiltrating the private data inside and publishing it – either themselves or via a third party media organisation – hacktivists can generate negative publicity about their targets for weeks, as journalists and academics pick apart the dataset for juicy revelations.

These methods have all been used to great effect by the current wave of hacktivist groups. What has changed, though, is the generational make-up. “There are definitely a lot of new people,” says open source intelligence analyst and hacktivist Libby Shaw. After finding spyware on her computer after chartering buses for protestors at the Women’s March in 2016, Shaw was drawn to the space partly out of outrage at the rise of the alt-right, and partly out of curiosity. Newer recruits are similarly motivated, angered by last year’s Black Lives Matter protests and the Capital Riots.

The pandemic has also played a part, says Dr Luca Follis of Lancaster University. Lockdown, after all, afforded plenty of would-be hacktivists the time to consult “widely available tutorials on how to hack, and to download exploit tools.” For Professor Gabriella Coleman, however, the role of Covid-19 in guiding people away from public demonstrations to online protests has been exaggerated. “If you look at the period of time when there was the most intense lockdowns, there was the least amount of hacktivist activity,” argues the Harvard professor and the author of a history of Anonymous. “By the time you had the social media hacking with Anonymous and K-Pop in the summer of 2020, the lockdowns were mostly over.”

Regardless of the causes, this new era of hacktivism is likely to persist. “We are in a moment of significant crisis, whether you talk about the crisis in criminal justice, crises in terms of the environment, or fiscal crises brought on by the pandemic,” says Follis. “There’s a lot to be angry about.”

Hacktivism’s new context

Nevertheless, the landscape in which hacktivists can express their anger has changed. For one thing, there’s arguably a greater appreciation of the ethics of hacktivism, namely the possibility that the leaking of entire datasets inadvertently exposes the personal details of innocent people – or even endanger their lives. The provenance of leaks has also come under greater scrutiny since the publication of the DNC’s internal emails in 2016. Published by Wikileaks, the data had actually come as the result of a hack by the Russian state, contributing to the hacktivist’s reputation as Moscow’s ‘useful idiot.’

As a result, “we’ve seen a sort of distancing,” says Follis, in the dealings of mainstream media with collectives of hacktivists. Major newspapers now facilitate whistleblowing through the use of encrypted dropboxes, while new organisations like Distributed Denial of Secrets have emerged that deal directly with hacktivists and leaked data. The media’s coverage in hacktivist activities, meanwhile, remains undiminished – and increasingly positive. Kirtaner says the Epik hack was, “as far as I’m aware, the first time in the history of the collective that the mainstream media response to it [is that it is] universally lauded, and shown respect”.

Hacktivism is nevertheless still illegal. Punishments for hacking in the US – even in the name of political protest – remain severe, and extend beyond prison sentences. The extradition process is also part of the punishment, with some hackers spending months or even years in legal limbo. “Think of someone like Julian Assange,” says Follis. “Now he’s in this extradition process, and he’s sitting in prison and basically going through this multi-year process. But at no point has he actually been convicted of anything.”

The reason why hackers are treated so harshly, says Karagiannopoulos, is to deter others. It probably has the opposite effect, he argues. While it may discourage the average member of the public, “you push the more hardcore protestors into more radical, more underground activities, which could potentially have more harmful effects for the organisations that are being targeted.”

Those hackers who were caught at the crest of the last wave are still trying to find their way back into society after lengthy prison sentences, explains Shaw, her voice beginning to catch. “There isn’t really any path to forgiveness for people who were busted,” she says.

There’s no systemic change that has tended to come from these things.
Libby Shaw, Internet Hope Machine

Despite the visibility of hacktivists such as Anonymous, they have few political victories to point to. “There’s no systemic change that has tended to come from these things,” says Shaw. “People get really excited, a lot of stuff happens, a couple of things change,” but nothing happens.

This is because hacktivists lack spaces in which to share knowledge on fomenting change, Shaw believes. “There’s been no sustainability,” she explains. Shaw hopes to fix this with the Internet Hope Machine, a non-profit that seeks to provide the next generation of activists with the training necessary to mount their own online protest campaigns and fight the spread of disinformation, short of teaching people how to hack.

It comes at a pivotal moment in the movement’s history, she says, when so many new people angered by social injustice have been “floating around on the internet until someone finds them”. The Internet Hope Machine will give them a home, Shaw says. “I want it to be a safe space, almost like a co-op,” she explains. “A resource-sharing space, where people are going to be able to come and not get stuck in a bunch of useless internet drama, or sent down rabbit holes, or weaponised against other people.”


The resurgence in hacktivism in the US is attributed, in part, to bubbling discontent among left-leaning activists at longstanding racial and economic disparities in the country. (Photo by Kerem Yucel / AFP)

The future of hacktivism

What does the future hold for hacktivism? For his part, Kirtaner hopes that groups of hacktivists, including Anonymous, will continue to undermine the alt-right in all its forms. Even so, the movement as a whole cannot be described as a left-wing project. The existence of groups of various nationalist hacking collectives across Eastern Europe and Asia, as well as those defending animal rights, paint a picture of a movement that defies easy ideological categorisation.

So far, however, public attention in this latest wave has largely been fixed on hacktivism against the alt-right. They may eventually be joined by the environmentalist movement. “During Covid, there was a lot of discussion as to whether Extinction Rebellion should implement hacktivist tactics,” says Karagiannopoulos.

How soon this will happen remains to be seen. Coleman, who has spent time interviewing both Anonymous members and those in the environmentalist movement, says that while the latter can have a predisposition toward sabotage, it lacks the close-knit community necessary to mount hacktivists operations. “The hardcore hacker who's also a hardcore environmentalist? There's not many of them,” she says.

Any that do choose to step into hacktivism would face the same harsh legal environment faced by their contemporaries in Anonymous. There are signs, however, that state attitudes toward such operations are beginning to soften. In Germany, for example, a group that protested the deportation of illegal immigrants by Lufthansa by organising a virtual sit-in were acquitted of coercion. Even so, says Karagiannopoulos, “the law in Germany is very specific [and] we haven’t seen this legal precedent being formed in other jurisdictions.”

In the meantime, hacktivists of all stripes continue to face harsh legal penalties for their actions. As far as his own activities go, Kirtaner isn’t worried. “It’s a risk everyone takes,” he says. “But there’s a quote that I think of: ‘If not you, who? If not now, when?”

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.