Hacktivism in the Cyberstreets
In early May an activist calling himself "Reverend Billy" called for thousands of computer owners to fire up their modems for an assault on Starbucks. From unseen corners of the globe, they'd converge on the company's Web site -- hoping to overload it.
Though the media portrays hackers as secretive, destructive intruders, some individuals and groups are openly committing online attacks in the name of furthering specific causes. It can be a symbolic massing on a Web page which, with enough participants, makes it inaccessible to others -- or more invasive "monkey-wrenching" to disable a site's equipment. Others just want to bypass government restrictions they see as unfair. But they're all trying to fuse their passions to their technology, using the power of the Internet to discover new forms of social protest.
In December a group called the Electrohippies (www.gn.apc.org/pmhp/ehippies) organized a "WTO virtual sit-in" that overloaded the machines keeping the World Trade Organization's Web pages on the Internet. The five U.K. activists estimate that over 452,000 people swamped the site. (During the action the group says participants sent them up to 900 e-mails each day.) Paul Mobbs, the group's co-founder and media liaison, says they accomplished their goal -- disrupting the World Trade Organization's online presence for four- to five-hour stretches -- and reduced that site's overall speed by half.
In April the group launched an even more ambitious series of events protesting genetically modified crops. If you had a computer equipped with a modem, you were already a potential co-activist in their radical action. A surprise "special action" began April Fool's Day with the media-friendly name "Resistance is Fertile." The Electrohippies called for an e-mail campaign from the 3rd to the 7th targeting 78 officials listed on the Hippies' Web site, including U.S. Department of Agriculture communications official Vic Powell -- to build public pressure against genetically modified foods. But the tactics remain so controversial that they called off their main event that had been scheduled for the next week -- "an email and client-side denial of service extravaganza" -- after an online vote for the action failed to muster a simple majority.
Symbolism vs. Damage
It's a new breed of activism -- wired and confrontational. Some question whether it's really a desirable form of protest, but the Electrohippies are hoping to defuse criticism by popularizing not just their tools, but a code of ethics. They publicized their intentions before the attack -- and also issued a lengthy paper on the philosophy of it. "These type of actions are directly analogous to the type of demonstrations that take place across the world," read "Occasional Paper No. 1." The group has always argued that the large numbers needed to have an impact mean a "democratic guarantee" is inherent in the technique. "One or two people do not make a valid demonstration," their Web site argues. "100,000 people do ... If there are not enough people supporting then the action it doesn't work."
They're seeking nothing less than a world where e-commerce is balanced by e-protest -- or at least, where cyberspace isn't immune from public pressure. Henry David Thoreau's "On the Duty of Civil Disobedience" is displayed prominently on the group's Web site -- surviving 152 years only to be taken up by Internet activists. But Mobbs acknowledges that much of the practical theory began with various U.S. groups like the Electronic Disturbance Theatre who were supporting the Zapatista National Liberation Army in 1998. Using tactics hardly more complicated than repeatedly hitting the button on a Web browser to reload a Web page, the group created a form of activism that was also part poetry. It was often, as one Web site described it, "a symbolic gesture created to increase awareness about the low intensity war in Chiapas, Mexico." Together four activists, calling themselves an internet performance art group, had created a Web interface that would access the page for Mexico's President Zedillo seeking bogus addresses, so the browser would return messages like "human_rights not found on this server." The project -- which they dubbed "FloodNet" (www.thing.net/~rdom/ecd/ZapTact.html) -- also filled the page's access log with the names of people killed by government troops. "In an artistic sense, this is a way of remembering and honoring those who gave their lives in defense of their freedom," Ricardo Dominguez wrote in an online remembrance. There were nine actions between April and December of 1998, adds Boston-based hactivist Carmin Karasic, culminating with a mass action on the Web site for the Mexican Stock Exchange.
But were the actions effective? Yes, Dominguez argued -- measured not by their technical effect on the targeted sites, but by the attention they brought to the Zapatistas. The Web site for their Electronic Disturbance Theatre points out that their activism tool -- which the group released in early 1999 to sow more online activism -- "emerged from and serves a community which genuinely requires the development of such attention weapons as a matter survival." Other online documents describe their actions as a show of presence that sends the Mexican government a message: "We are numerous, alert, and watching carefully."
The technique is now becoming more common. Attackers used a variation in February for overwhelming assaults on several high-profile sites including Yahoo and CNN, and in mid-March, a similar attack temporarily disabled the Web site for the FBI. But like the protests of the Electrohippies, Karasic argues that FloodNet's action only drew its validity from the number of people showing support. "It was only actualized through thousands and thousands of participants," she remembers. "It was meaningless without the masses." Popular support transforms a random act of vandalism into a show of presence, Karasic argues. "This is an important difference between the single hacker/hacktivist who takes down a server with a single script."
For hacktivists, damage is often less important than symbolism. Reverend Billy's early May action against the Starbucks site had almost no noticeable affect, according to some observers. "Whenever ... I, myself, went to visit starbucks.com -- I did not have any trouble accessing them," concedes Ricardo Dominguez, whose group supported the action. But that's almost beside the point. "The true goal of the action is to generate focus on the issue of [Starbucks] policy to take over neighborhoods with its loss leader branding." Announcements for the action even included information about Zapatista settlements in Mexico facing an ominous military presence. "The Zapatista communities now have as many military camps around as we have StarBucks in Manhattan," says Dominguez, who feels the action helped their effort "to spread to levels of information about our world under the signs of Neo-liberalism."
A Bad Idea?
The Electrohippies' Paul Mobbs agrees, cautioning that groups overloading e-commerce sites shouldn't be over-malicious. "If you want to be effective, it's more justifiable to disrupt a server for one day and make your point, rather than drag the action on for a few days and cause more generalized disruption."
The tactics aren't universally supported. "The Electrohippies are trying to rationalize Denial of Service attacks and violate the First Amendment privileges of their opponents," wrote a hacker named Oxblood Ruffin, in an essay which the Electrohippies agreed to display on their Web site (www.gn.apc.org/pmhp/ehippies/files/op1-cdc.htm). And the discussion continues elsewhere on the Internet. The Hacktivism mailing list (hacktivism.tao.ca) -- an e-mail discussion list started last summer to grapple with this combination of hacking and activism -- has carried debate about whether such attacks are nothing more than glorified censorship, with activists simply hampering the opposing side's right to speak. But there's not a clear consensus. "It depends on the target," one message countered during the list's first weeks last summer. "In many cases there is not a level playing field, especially when the opponent is a large corporation or government." Some even argue that this evolution may have been inevitable. "For us the idea of hackers as activists seemed obvious," says a spokesman for RTMark, an online collective distributing funds globally for anti-corporate activities. "Too many were becoming experts in defending corporate privacy rights rather than using their skills to fight those rights and others."
By the fall of 1998, Wired News reported that a group called X-Pilot had even re-written text on the Mexican government's Web site. Such incidents offer evidence that groups and individuals sometimes move beyond overloading the machines hosting Web pages. Attacks can be more technical -- more hack than activism -- raising again the issue of just how far an online protest should go.
Oxblood Ruffin -- whom some credit for coining the word "hacktivism" -- notes one Hong Kong group of hacktivists called the Hong Kong Blondes now number over 100 members, many with positions within China's communist party. Reached recently for a comment, he added that he now distinguishes between hacktivism and simple "[h]activism". "The former seeks to remedy the net of bad code, restriction, lack of access, etc.; the latter seeks to use the net as an agent for social justice on the ground through various protest actions, or as a publicity medium." He says the distinction is important for assessing groups online. "There is more [h]activism than hacktivism," he writes. "The Electrohippies are starting to get into electronic civil disobedience, although I very much disagree with their methodology." In contrast, he points out that his own group is currently working on a way to e-mail Chinese Internet users Web pages that are officially banned by their government.
Meanwhile, Hacker Web sites like 2600.com and AntiOnline preserve screenshots of dozens of Web sites that they've learned were compromised and re-written. Attackers sometimes leave only vain blustering with a pastiche of names -- a kind of online graffiti. But in other instances, there's an unmistakable message. Earlier in 1998 a hacker broke into the system of the Bhabha Atomic Research Centre in Bombay, India, changing their Web page into a protest of India's nuclear weapons tests, as well as stealing their e-mail. The Electronic Disturbance Theatre issued a statement of support for the hacker's actions, and despite the hands-on approach, even the leader of the Hong Kong Blondes applauded the action in an online interview conducted by Oxblood Ruffin. "I view the BARC intrusion as something positive," he told Ruffin, "because it will draw attention to the situation and cause more discussion about a serious issue."
A New Approach?
Maybe the new technology is just amplifying the impulses of the people who use it now. "The Acteal Massacre in December 1997 moved me to tears," remembers Carmin Karasic -- and her work on the Electronic Disturbance Theatre was the ultimate result. But her preparations for the demonstrations also harnessed the net in another way. While the guerilla army was using the Internet to deliver news of their struggle to an online audience, Karasic's own contingent was using the net to develop forms of support. "Our collaboration was 100 percent Internet linked," Karasic remembers -- "all e-mail exchanges." To this day, Karasic notes, "I think I'm still the only Electronic Disturbance Theatre member who has met all of us face-to-face."
Though it's hard to measure, it's possible that cyber-causes may also reach those with the same passions more quickly -- allowing political sentiments to be better focussed. Online networking has been cited as a factor in the large turnout for the WTO protests in Seattle. And though it's hard to quantify, the concept of hacktivism itself may be spreading, possibly even evolving. On the hacktivism mailing list, Bronc Buster announced he was working with human rights groups and hackers groups on a suite of applications, to be released at the hacker convention "DefCon" this summer. "It will show that hacktivism is a real way to use the net to blend activism and technology in a positive way," he argued, "while helping people at the same time." And elsewhere, an activist who goes by the name RE:no says he's developed a "Mail-O-Matic" for use in online actions -- "a mail washer, to send extracts from books explaining our state of mind."
Almost by definition, any pursuit of hacktivism will require a constantly-updated set of tools. (The Electronic Disturbance Theatre's Web site notes that the Department of Defense wrote a counter-program to try to thwart one of their actions.) "We must be inventive with each problem which we encounter," RE:no argues. But even when those tools lie dormant, their potential is felt. RE:no believes activists should keep them in reserve -- "as an armed peace tool" -- the way the Zapatistas remain armed "as a symbolic gesture of voice."
And the hacktivism continues. After funding FloodNet, RTMark moved on to other forms of online activism, creating a doppelganger to the official Web site for GATT and championing European art group eToy in their fight with toy retailer eToys. Pigdog.org called on network administrators to block Doubleclick ads from reaching their users. Last summer on the Hacktivism list, Ricardo Dominguez even announced new online actions in August of 1999 to commemorate the birthday of Emiliano Zapata. Whether or not hacktivists can stay in the code race, escalating tactics in response to counter-measures, remains to be seen. But their actions have at least raised that possibility -- along with thorny issues that accompany it. While it may be unclear whether online masses can make a lasting impact on social policy, there are individuals who believe it's possible and are working to find a way to make it happen -- which is, in itself, a kind of first step. As Thoreau himself once said -- "In the long run men hit only what they aim at."