Hacktivism: Shades of Gray

Written by

Allow me to let you in on a little secret. More often than not, I see the world in black and white. Very rarely do I see shades of gray. I tend to categorize things into boxes according to right, wrong, love, hate, agree, disagree. I am very aware that this isn’t necessarily a good quality to have. I blame my mum.

When once in a blue moon, something or someone comes along that I struggle to instantly categorize, I take a back seat and say nothing. It is for this reason alone that, until now, I’ve avoided writing about hacktivism in my editorials.

Hacktivism is most certainly gray. What I’m going to try and do is pick out aspects that are black and white. Few information security professionals can even agree on what hacktivism is. Wikipedia says: “Hacktivism is the use of legal and/or illegal digital tools in pursuit of political ends.” Sounds about right. Legal – OK; illegal – not OK. So far, this is easy.

Wikipedia goes on: “These tools include website defacements, redirects, DDoS attacks, information theft, virtual sit-ins and virtual sabotage.” Again, this one isn’t too taxing. This sits firmly in the ‘wrong’ box.
On the very next line of the Wikipedia entry, a sea-change happens: “Hacktivism could be understood as the writing of code to promote political ideology: promoting expressive politics, free speech, human rights, and information ethics through software development.” As clearly as the former sentence belongs in the ‘wrong’ box, this sits happily in the ‘right’ category.

There are two ways to look at hacktivism. The first: as malicious, destructive acts that undermine the security of the internet as a technical, economic, and political platform. The fiercest proponents of this mindset construe the act as cyberterrorism.

In the other corner, we have those who believe hacktivism is electronic direct action that might work toward social change by combining programming skills with critical thinking.

In theory, hacktivism marries technology and programming with political protest – two of the important and wonderful characteristics of our generation. In reality, though, it’s rare that the fallout from such attacks is solely political, instead causing data loss and theft.

The year 2011 is renowned for being the year that hacktivists out-stole cybercriminals to take top honors according to the Verizon data breach report. Of the 174 million stolen records it tracked in 2011, 100 million were taken by hacktivist groups.

Suddenly, things are looking black and white again. Regardless of political motivation or intent, if there are victims of the attacks they perpetrate, then hacktivism has crossed the line. Not OK.

What I don’t understand about hacktivists, and perhaps the most telling thing of all, is how they choose to protest. Personally speaking, if I feel strongly enough about something to protest, then I’m willing to put my face and name to it.

Protest is a healthy, legal and important human right. Method of protest is often where things get messy. In the physical world, if the actions of political protest result in damage, theft, or injury, then this is not tolerated. When the same is true online, why are we more tolerant?

Perhaps it has something to do with the ability to make the protesters accountable? In the winter of 2010, up to 50,000 students took to the streets of London in opposition of increasing the cap on tuition fees. Protesters smashed windows and waved anarchist flags from the rooftops. Over the course of these protests, 135 people were arrested.

While I’m certainly not condoning violence in protest, what I do respect is this: Those 50,000 students felt strongly enough to embark on political protest, and were happy to do it openly on national TV.

The same cannot be said of Anonymous, LulzSec, or other hacktivist groups. Their mission is the same, the stakes are just as high, yet their identities remain masked and protected. Their commitment to their political protest is limited to what they can get away with – as a result, I would argue them to be ineffective agents of revolution or change.

As far as I know, the greatest, most respected political protests in history have been by activists who have been willing to put their neck on the line for what they believe in. I can’t imagine Emmeline Pankhurst protesting through anonymous mail – be it electronic or postal – nor can I imagine Martin Luther King hiding behind a pseudonym.
Protest over time will evolve – and technology will be used to aid protest. The issue is not with the electronic means of protest, but with accountability. As long as hacktivists continue to operate in a cloak-and-dagger fashion, their cause cannot be taken seriously.

So to return to my black and white philosophy, here is how I see hacktivism: Protest – Good; malice and crime – bad; activism – OK; anonymity – not OK. I guess I managed to cut out most of those shades of gray after all.

What’s hot on Infosecurity Magazine?