Hacktivism is derived from “hack” and “activism,” it is an act of hacking that is described as a “combination of grassroots political protest with computer hacking [1]” through the “nonviolent use of illegal or legally ambiguous digital tools [to pursue] political ends [2].” There are many forms of hacktivism are used to access illegal information, steal money and create damage to businesses/ government. Hacktivism can often be anonymous, sometimes gratuitously so, and can operate with a kind of impunity that its technology seems to afford. Hacktivism is sometimes also claimed to serve interests that transcend those of particular states, that is, the interests of the global population generally. But this claim is implausible if hacktivism is not accountable to anyone. WikiLeaks released hundreds of thousands of U.S. military documents is a phenomenon example of hacktivism. A hacker is known as The Jester, launched a denial service (DoS) attack, which overwhelmed WikiLeaks server and ended up making more than 250,000 confidential U.S. military documents public. Besides, hacktivists also target some businesses either to gather their client’s information or make use of financial gain. Because hacktivists like to gain publicity and spread confidential data to express their views, they are very active in debate and protest. They questioned the right of free speech, privacy, and freedom from the Communications Decency Act in 1996. Forms of hacktivism are diverse which includes redirect, site defacement, DoS, DDoS.
There are many people who misunderstand the difference between hacking and hacktivism. As we mentioned above, even though hacktivism is the combination of “hack” and “activism,” the distinction between hacking and hacktivism is unclear. Hacking often refers to the hacker’s self-interest and it is normally described an innovative use of technology to solve a problem like defense the company’s confidential data or security information, whereas hacktivism’s aim is to support for society and politics. Hackers are most likely cybercriminals and their intentions include criminal and fraudulent aims. Government agencies have declared that cybercrime create expensive damage that can go up to trillion of dollars [3]. Hacking can also be motivated by political objectives in which cyber warfare, a use of technology to attack nation so what is the difference between hacking and hacktivism? Hacking in cyberwarfare can be used in the real battlefront, war, whereas hacktivism in cyberwarfare is most likely a form of sit-ins or other forms of nonviolent civil disobedience [4]. A cyberattack in hacking can damage significantly an economy, air traffic, water purification system of a nation [5]. Hacktivism focuses more on politics and protest. It is a way for the mass to stand up for their rights, so it is not destructive.
There are many forms of hacktivism that we mentioned above which are DoS, DDoS, Website Defacements, Site Redirect, Virtual Sits-Ins, and Information Theft [6]. DoS is more well known because of the WikiLeaks incident. A Denial-of-Service (DoS) is used to shut down a machine or network so users cannot access the website. It uses the method which slows down/ stop the traffic by flooding it with information until the target machine/ network crash. Even though DoS is more frequently used than DDos attack because of its low cost and ease to use, DDoS has more destructive consequences than DoS because it is harder to be monitored and also it is used for large-scale targets like commercial companies, and government agencies. For those reasons, DDoS started to be more commonly used.
The most popular form of hacktivism is Website Defacements. Instead of vandalizing the wall with graffiti, website defacement is a virtual version of it on the websites. It is an attack on a website that change the visual appearance of the website by breaking into the web server and alter the website with one of their own. Website defacement is not only capable of replace one website, it can thousands of sites [7]. Its intention is to send the audience the message, it does not damage the target website [8].
Site Redirect can be called a URL redirection attack that tricks the user to click a trusted website then redirects them to a malicious one. To do that trick, it has to access to the web server and then adjust the address setting to redirect traffic to their page by embedding URL in their website code. It often happens but not always that the redirected page is full of criticism of the original page because its purpose is to show new audiences, and supporters the opposing viewpoints of the original page.
The virtual sit-in is another form of hacktivism and according to Wikipedia [9], virtual sit-it is also a form of electronic civil disobedience where “sit-in” was from the civil rights movement in 1960s. During the virtual sit-in, thousands of activists perform distributed DoS attack to unauthorizedly access target website on computers or other devices simultaneously which ends up crashing the target website. The major difference between commanding network of the voluntary botnet and having each protestor to reload the web page. Some virtual sit-in requires a lot of manual work of repeating reload the target page; some make it available for protestors to download program which helps automatically reload the page.
Information theft is the final form of hacktivism which is used to achieve the private data of others by unauthorizedly access their computer/machine. Even though it is clearly illegal to steal others’ information, this form of hacktivism is well-accepted by hacktivists.
In conclusion, government in many nations try very hard to prohibit and limit the act of hacking. For many regimes, the freedom of expression is not protected and most likely to be ignored. For hacktivism as a form of protest, doctrines protective of freedom of expression could be used to protect a subset of hacktivism from the prohibition of hacking.
- Alexandra Whitney Samuel, Hacktivism and the Future of Political Participation, 2 (Sept. 2004) (unpublished Ph.D. dissertation, Harvard University), available at http://www.alexandrasamuel.com/dissertation/pdfs/Samuel-Hacktivism-entire.pdf; accord Robert Vamosi, How Hacktivism Affects Us All, PC WORLD (Sept. 6, 2011, 6:30 PM), http://www.pcworld.com/article/239594/how_hacktivism_affects_us_all.html.
- Samuel, supra note 19, at 6–7 tbl.1.
- See Will Knight, Hacking Will Cost World $1.6 Trillion This Year, ZDNet (U.K.) (July 11, 2000), http://www.zdnet.co.uk/news/security-management/2000/07/11/hacking-willcost-world-16-trillion-this-year-2080075/.
- Compare Mueller, supra note 43, with Samuel, supra note 25, at 6.
- See Mark G. Milone, Hacktivism: Securing the National Infrastructure, 58 Bus. Law. 383, 385 (2002).
- Hacktivism: A New Breed of Protest in a Networked World (2012)
- See Taylor Barnes, Booted from U.S.-Based Domain, WikiLeaks Site Finds Refuge with Swiss Pirate Party, Christian Sci. Monitor (Dec. 3, 2010), available at http://www.csmonitor. com/World/terrorism-security/2010/1203/Booted-from-US-based-domain-WikiLeaks-sitefinds-refuge-with-Swiss-Pirate-Party.
- Charalampos Patrikakis et al., Distributed Denial of Service Attacks, Internet Protocol J., Dec. 2004, at 13, available at http://www.cisco.com/web/about/ac123/ac147/ archived_issues/ipj_7-4/ipj_7-4.pdf.