A decade since ‘the year of the hacktivist’, online protests look set to returnVasileios Karagiannopoulos, University of Portsmouth
Many of us vaguely remember the word “hacktivism” from a decade ago. This was a time before serious ransomware attacks dominated current cybersecurity concerns, when certain hacking techniques were being used to send political messages to governmental and corporate entities.
Hacktivism has since retreated as a form of protest, in part due to the prosecution of prominent hacktivists, sometimes with what appear to be disproportionately severe sentences. But with the ongoing pandemic restricting physical protests globally, and new bills being drawn up to curb offline protest, it looks as if hacktivism may be set for a return.
My research into hacktivism and cybercrime helps place hacktivism in its historical context – from which we can understand how, where and why hackers may soon resort once again to digital protest across the world.
Hacktivism may have reached its peak a decade ago, but it’s been a feature of online activism since the early popularisation of the internet. Major hacktivist groups, such as the Electronic Disturbance Theater, the Electrohippies and Hacktivismo, were already active in the late 1990s. At the time, they supported the Zapatista movement in Mexico, protested global wealth inequality and flagged security issues in popular software.
Even traditional activist groups – such as Greenpeace and the German anti-racist collective Kein Mensch ist illegal – were known to use hacktivist protest tactics long before its rise to global prominence.
In fact, Kein Mensch ist illegal led a “collective blockade” of Lufthansa’s website in 2001 to protest the airline’s cooperation with the German government’s deportation policies. A Frankfurt Appeals court would eventually rule that this hacktivist activity amounted to freedom of expression – not criminal activity – but this legal precedent was not followed by courts elsewhere.
Hacktivism began attracting global attention when Anonymous – a loose collective of hackers, politicised internet users, trolls and pranksters – decided to focus on political issues. The collective targeted the Church of Scientology for censoring online content in 2008, and mobilised to protect whistleblower websites such as WikiLeaks in 2010, among various other actions with national and international implications. The activities of Anonymous would eventually lead major cybersecurity companies to characterise 2011 as the “year of the hacktivist”.
Soon, hacktivist groups were springing up across the world. Anonymous itself sported many national branches, and these groups contributed to common political struggles at the same time as weighing in during local uprisings. For instance, Anonymous took down dozens of the Egyptian government’s websites in 2012 during the Arab Spring protests.
This explosion in hacktivist activity did not go unpunished, despite the hacktivist claim that online protest is as valid as offline protest. Some hacktivists were found to violate cybercrime laws, such as the UK’s Computer Misuse Act 1990, and various protesters were prosecuted and convicted in the UK and the US.
Perhaps the most high-profile prosecution was that of the American internet wonder-kid Aaron Swartz, who’d bypassed university cybersecurity safeguards in an attempt to download and make public an entire database of academic papers. Swartz died by suicide in the lead up to his trial, bringing US cybercrime laws and their aggressive enforcement into question.
Nevertheless, cybercrime laws have only intensified in the years since, forcing hacktivists into a retreat. But their tactics remain effective and, given that the pandemic has restricted our capability to conduct physical protests worldwide, hacktivism could soon be redeployed as an alternative way of expressing dissent in the post-COVID era.
Traditionally, hacktivists have tried to mimic offline forms of protest and civil disobedience, but in the online space. They’ve used website defacements, often called “internet graffiti”, to scrawl political messages on targeted websites. And denial of service (DoS) attacks, which are designed to overwhelm a website with traffic in order to make it crash, are also common. Hacktivists often call these virtual sit-ins.
In contrast to internet graffiti, which can be facilitated by a single skilled hacker, virtual sit-ins require mass participation. That makes these protests far more democratically legitimate and impactful – as well as sharing the criminal liability among the virtual protesters.
I’ve highlighted the positive aspects of these tactics in my research, praising how they bring citizen dissent into the online environment while globalising important political causes. But virtual sit-ins also have financial implications for the attacked organisations and systems. Meanwhile, some commentators have criticised hacktivism as a form of empty “slacktivism” which they say isn’t comparable to the political conscientiousness and resolution of street protests.
Although hacktivism in principle is all about promoting socially beneficial causes while minimising harms, it can also become muddled with a less justifiable vigilantist rationale. For example, Anonymous members have in the past exposed the personal details of individuals such as police officers, which puts them and their families at risk. Meanwhile, the hacktivist group Lulzsec has been known to target big organisations for the sake of the challenge, rather than for a political purpose. Finally, nationalist hacktivists have historically been involved in cross-border hacker wars which has, in some cases, escalated into real-world violence.
Irrespective of these criticisms, one can’t help but think that in the new post-pandemic era, with all of us spending much more time online, these political tactics could become popular again across the political spectrum. In fact, there have already been activities that indicate hacktivism may be becoming a side-tactic for groups such as Extinction Rebellion, which has been reconsidering its future tactics in light of restrictions and preemptive arrests.
Hacktivism never went away entirely. Anonymous did in fact reemerge during the summer 2020 Black Lives Matter protests, targeting police forces’ websites with hacks. But we’re still in a transitional period, with organised hacktivist efforts far less common than they were a decade ago.
Yet the stage seems set for a third wave of hacktivism. New protest movements are gradually gaining traction with the public, and hacktivist activity could make for a popular alternative to in-person civil disobedience in a period when many of us are still concerned about COVID-19 transmission.
As environmental and anti-discrimination movements grow internationally, and their underlying goals unite citizens on a global scale, it’ll be fascinating to see whether hacktivist tactics can seriously contribute to galvanising change in an increasingly politicised world.