S2 Grupo: Empresa Española Especializada en Ciberseguridad

|
en arrow down
© 2024 S2 Grupo
Current events

Hacktivism: what is it and what are its motivations?

25 Sep 2024

Hacktivism is emerging as one of the trends shaping today's digital world. A basic definition allows us to understand hacktivism as a new form of activism, taken to the digital world.

However, as we will see, the nuances and consequences of this type of activity are highly complex due to the technological and global environment in which they are framed.

Although the first cases of hacktivism can be traced back to the 90s, the war in Ukraine marks a before and after in this type of actions. Moreover, from the intelligence team of S2 Grupo, we have already warned how DDoS cyber-attacks linked to hacktivism increased exponentially since that moment, with Spain as a particularly vulnerable point due to its support to Ukraine.

Hacktivism and cybercrime come together to create an increasingly hostile digital context, but what exactly is hacktivism, what motivates it, and what mechanisms of action does it set in motion? We tell you.

What is hacktivism?

Hacktivism is any type of cyberattack perpetrated for political, social, or ideological reasons.

Thus, hacktivism and cybercrime use technologies to generate disruptions in communication systems through various types of attack. However, in the specific case of hacktivism, there is a clear motivation to support a specific political or ideological agenda. This differentiates it from other types of cyberattacks, where the main motivation is financial, although economic motivations can also play a role in hacktivist activities.

However, there are many nuances surrounding this definition, and a wide variety of interpretations of what hacktivism entails, both in its motivations and in its modes of action and targets. While some actions may be considered mere challenges or have a minor disruptive component, others may challenge large corporations or national interests and result in serious legal consequences for their perpetrators.

The term hacktivism was coined in an article by Jason Sack in 1995. In turn, Julian Assange traced the first instance of what is considered hacktivism to 1989: an attack in which the systems of NASA and the U.S. Department of Energy were compromised by the WANK worm to protest nuclear power.

How hacktivist groups operate

In general, hacktivism seeks to cause disruption, often by targeting the operations of specific organizations. The modus operandi can vary greatly within this general goal.

Denial-of-service attacks (DoS and DDoS) and website disruption are among the most prominent actions in hacktivism. To execute these attacks, hacktivists look for cybersecurity vulnerabilities in websites, networks, and systems.

Hacktivism also often involves the exposure of information and data leaks. Within this category, there are at least two important variants:

  • Doxing: exposing personal information about a specific person or group for the purpose of harassment. This information can be obtained in a variety of ways, from phishing attacks to gathering information that is publicly available.

  • Leaks: publication of confidential, private, or sensitive information, either by insiders or external sources.

Most prominent groups

Máscara Guy Fawkes vinculada a Anonymous

  • Anonymous is perhaps the best-known hacktivist group globally, often represented by the iconic Guy Fawkes mask. Known for lacking a formal structure, its attacks occur independently rather than cohesively. In general, Anonymous has shown interest in protesting against censorship or defending privacy on the Internet.

  • WikiLeaks is another globally impactful hacktivist entity. Dedicated to exposing confidential information, WikiLeaks seeks transparency and accountability from companies and governments alike. One of its most notable actions was in 2016 with Cablegate, which involved the release of U.S. diplomatic cables and documents on the War in Afghanistan and Iraq.

  • LulzSec, originally linked to Anonymous, was particularly active in 2011, although some users considered its “disciples” remain active today. This group brought a new angle to hacktivism, often motivated by challenging systems to expose cybersecurity flaws for entertainment or satire. They successfully targeted organizations such as Fox.com, Sony, and the CIA.

  • Chaos Computer Group, founded in Germany in 1981, is one of the oldest and most active hacktivist groups in Europe, known for its work on computer security, privacy, and transparency.

Hacktivism linked to conflicts

The Russian-Ukrainian conflict illustrates how hacktivism has moved war into the digital realm. Some examples include:

  • Attacks by hacktivist groups and individuals against Russian targets, including military and government entities.

  • Cyberattacks by pro-Russian groups such as Xaknet, Killnet, and others against entities perceived as sympathetic to Ukraine.

Anonymous operations

Anonymous' decentralized nature has made it central to many notable hacktivist incidents:

  • In the Arab Spring, Anonymous is believed to have conducted cyberattacks on government entities in Tunisia, Egypt, and Syria through DDoS attacks. They also facilitated alternative telecommunications during outages.

  • Their focus on the Church of Scientology included doxxing and DDoS attacks targeting the organization's resources.

WikiLeaks

WikiLeaks is behind some of the most infamous hacktivism incidents, mainly focused on U.S. domestic and foreign policy. Notable leaks include confidential U.S. military documents about the Iraq and Afghanistan wars, and emails from the 2016 U.S. Democratic Party campaign.

Main causes and motivations of hacktivism

The motivations of hacktivists are deeply rooted in their personal convictions, often targeting entities they perceive as opposing their values. Political convictions and ideologies vary widely, which opens the door to a broad range of activities.

In some cases, hacktivist actions have a specific political goal, such as advocating for freedom of expression or exposing government or corporate corruption. Other actions may reflect more general anti-system sentiments.

Additionally, some hacktivist groups focus specifically on digital issues, such as anti-spam activism, vulnerability reporting, and promoting privacy on the Internet, aligning with their views on freedom and transparency in technology.

Protection against hacktivism

The phenomenon of hacktivism is highly complex and can involve a variety of fronts, meaning that all Internet users may be affected.

Government institutions, corporations, non-profit organizations, and individuals alike must recognize the depth and impact of these threats. Government agencies, for instance, are often targeted with the aim of compromising national security or public administration. For corporations, hacktivism can focus on exposing practices considered unethical, such as privacy issues, corruption, or environmental harm.

To mitigate the risks, organizations across sectors, especially those handling sensitive information or with high visibility, should implement a robust cybersecurity strategy. This approach should foster a genuine cybersecurity culture and include technical measures for threat detection, encryption, and incident response plans.

In this context, S2 Grupo offers cybersecurity solutions that provide comprehensive protection against threats, including those linked to hacktivism.

Contact us to learn how we can help you mitigate digital risks.

Related Articles
Show all →
Current events
S2 Grupo opens new headquarters in Rotterdam
Read more →
Current events
Five cyber dangers of using company email to register on Tinder
Read more →
Current events
Cybersecurity regulations: which ones must your company comply with?
Read more →

Follow us in our newsletter

Subscribe through your email to stay up to date