WikiLeaks and Julian Assange have been much in the news lately, but hacktivism -- the nontraditional use of computing technology to advance political causes -- has been around for a long time. Here we offer a primer on 10 of the most significant hacktivist actions of all time.
1. Electronic Disturbance Theater
In 1998, Electronic Disturbance Theater (EDT) developed and utilized a tool called Floodnet to target the Pentagon, the White House, the School of the Americas, the office of Mexico’s president, the Mexican Stock Exchange and the Frankfurt Stock Exchange, all in support of the Zapatista guerrilla movement in Mexico. Floodnet, which has subsequently been released as part of EDT’s “Disturbance Developer Kit,” allowed users to participate in a sit-in attack on these sites by a simple click on an icon on EDT's Web site. The Floodnet software then directed the participating computers to continually attack the target Web sites. It has been estimated that 10,000 people accessed Floodnet in this two-day action resulting in targeted servers being hit at a rate of 600,000 hits per minute.
2. The Internet Black Tigers (Sri Lanka)
An offshoot of the Liberation Tigers of Tamil, the Black Tigers showed that slick tools like Floodnet weren’t necessary to carry out a denial of service attack. The Tigers, protesting the Sri Lankan government, organized email bombings (flooding servers with email) that attacked the Sri Lankan consulates in Seoul and Ottowa, taking them offline. The message flooding the servers was also quite simple: "We are the Internet Black Tigers and we’re doing this to disrupt your communications."
3. Hong Kong Blondes
The Hong Kong Blondes was an underground network of Chinese students spread across at least three continents. It was started by Blondie Wong, who had reportedly witnessed his father being stoned to death during the 1966-'76 Cultural Revolution. Primarily protesting censorship and the violations of human rights that occurred in China, the group launched cyberattacks against the "Great Wall" -- a series of firewalls put in place to block access to Western Internet sites. With members operating inside and outside of China, the group claimed to have found significant security holes within Chinese government computer networks and claimed to have defaced government Web sites, torn down firewalls and even disabled Chinese communication satellites. They worked to forewarn political dissidents of imminent arrests.
4. WANK Worm
According to Julian Assange, the WANK worm is the first instance of hacktivism. On Oct. 16, 1989, during the Cold War when nuclear war was an immediate possibility, hackers hit the NASA computers with the WANK Worm. Two days prior to the launch of the plutonium-fueled Galileo space probe from the Kennedy Space Station, NASA employees logged on to see a humorous yet frightening welcome screen: "Your computer has been officially WANKed. You talk of times of peace for all, and then prepare for war," and "Remember, even if you win the rat race, you're still a rat." The machines of the U.S. Department of Energy and NASA worldwide had been penetrated by the anti-nuclear WANK (WORMS AGAINST NUCLEAR KILLERS) worm.
Once inside NASA’s system, the WANK worm began to travel through the network of interconnected computers, crawling through any holes in the security system. While the worm attack did not stop the shuttle launch, the recovery from the attack did require a massive expenditure of money and effort. Because the worm avoided attacking the computers in Australia and New Zealand and the worm source code showed specific instructions to avoid infecting machines in New Zealand, it is suspected that the attack originated from Australia. Some have credited the Melbourne-based hackers, Electron and Phoenix.
5. Net-strike Attack Devised by the Strano Network
On December 21, 1995, a group called Strano Network conducted what is recognized as the first Internet sit-in. The action targeted the Web sites of various French government agencies to protest French nuclear and social policies. A web sit-in occurs when the attackers generate a sufficient volume of traffic to a Web site, preventing any legitimate traffic from accessing the site. In this case participants from all over the world were instructed to point their browsers toward designated sites and constantly reload the pages. Because of the excessive traffic, the targeted Web sites were made unavailable.
6. UrBaN Ka0s
On June 30th, 1997, the Portuguese hacking group UrBaN Ka0s hacked and defaced the site of the Department of Foreign Affairs of Republic of Indonesia and 25 other military and government sites as part of the global protest against the Indonesian government. The goal was to support and bring attention to the people of Timor, who had been oppressed and violated for decades by the Indonesian government. It is by most accounts the first large-scale hacktivist action.
7. Toy Wars
In 1999 an online toy retailer called eToys filed suit against a group of European artists for their use of the web address etoy.com – despite the fact that the artists had been using that Web site for two years before eToys.com came into existence. Depressingly, but not surprisingly, the court sided with the corporation, granting an injunction against etoy on Nov. 29 of that year. What eToys didn’t count on was a group of hacktivists, incensed by the injustice of the court decision, launching an internet sit-in against eToys.com from Dec. 15-25, effectively clogging the Web site during the Christmas shopping season. What was interesting about the sit-in was that it was structured as an online game in which the goal of players was the devaluation of eToys stock. And indeed, eToy’s stock began to fall immediately after the campaign started, and the company went out of business within a short period of time. Some commentators consider the sit-in to be a significant contributing factor to the corporation’s collapse.
8. The World’s Fantabulous Defacers
In November 2000, one of the most prolific hacktivist goups of all time emerged and operated for about two years, defacing, by some estimates, more than 400 Web sites during its operation. Called the World’s Fantabulous Defacers, its modus operandi was to deface institutional Web sites by inserting flash videos and audio files that highlighted human rights violations against Muslim populations (the goal being to raise “global awareness” – which presumably explains why the defacements were in English). Alexandra Samuel, then a PhD student, interviewed two of the principle actors of WFD (M0r0n and nightman), and learned that they had a fairly large portfolio of causes in the Muslim world:
We have defaced FOR many issues, if you look at our defacements it says “FREE KASHMIR, PALESTINE, LIFT THE SANCTIONS ON IRAQ, FREE CHECHNIA.” So you see we are FOR all those people suffering in the world against atrocities!
The WFD appeared to be based in Pakistan (that is certainly consistent with their targets), and they ranged from an interuniversity library network in India to the Web site of the Newspaper Association of America, a Chinese computer company, and a commercial Web site advertising the “Midwest Source for Hip-Hop Info and Gear.” The group itself took its most important defacements to be of the Bollywood Stock Exchange and Cricketbulls.com (a site that trades imaginary shares in leading Indian cricket players). The group supposedly ceased to be active in 2002, and there is some speculation that it was absorbed into some of the larger Muslim hacktivist groups that continue to exist today.
9. PROJECT CHANOLOGY
Project Chanology (also called Operation Chanology) was a protest movement against the practices of the Church of Scientology by Anonymous, a loosely unorganized Internet-based group that emerged from the 4chan message boards. The project was started as a “mental warfare” response to the Church of Scientology's attempts to prevent the online sharing of a video interview with actor/Scientologist Tom Cruise.
The project was publicly launched with a video posted to YouTube, "Message to Scientology," on January 21, 2008. The project's goals were to "take down all Scientology Web sites as an immediate act of retaliatory censorship, counteract Scientology's attempts to suppress the videos (and other cult materials) by constantly reposting them, and publicize the cult's well-documented history of employing suppressive and violent tactics to mask its illegal or immoral activities." The initial cyber attack, which came in the form of a distributed denial of service attack, was followed by black faxes, prank calls, and other activities intended to disrupt the Church of Scientology's operations.
10. Operation Payback Is a Bitch
Anonymous has been back in action in recent weeks, with the launch of Operation Payback Is a Bitch. Operation Payback started because the RIAA (Recording Industry Association of America) and MPAA (Motion Picture Association of America) have been hiring law firms and programming companies to take down Torrent sites (peer-to-peer computer networks used to share movies and music and other digital media). The stated goal of Operation Payback is to put an end to what Anonymous perceives to be lobbyist-driven infringements of personal freedom online. To counter these actions, Anonymous has launched an elaborate cyberwar campaign against the entertainment companies and the firms that were hired to hunt down and sue the alleged infringers. In recent weeks, Anonymous has launched DDoS attacks against the Web sites of RIAA, Aiplex, and ACS:Law, as well as Gallant MacMillan and its client the Ministry of Sound. All these sites have been taken down for several hours.
The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, ACS:Law exposed the backup of their confidential files containing confidential information. The emails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by Internet Service Providers (including Sky, BT and Plusnet) in their hunt for alleged infringers appeared on the Web site, unencrypted. This in turn exposed the crass and humiliating tactics the company used to extract money from alleged infringers through out-of-court settlements. The leaked documents also revealed that only one-fifth of the money collected from damages paid was given to the rights holders, meaning the law firm kept 80 percent of the money before paying ISPs and IP tracking companies.
Over the past two decades hacktivism has expanded its set of methods and also has been successfully used to target all centers of power, ranging from governments and corporations, to religious institutions and well-funded lobbying groups. As a consequence, hacktivist methods and tools are now used fluently by tens of thousands of people around the world. Current government obsession with WikiLeaks is pointless; the jinni is out of the bottle.