Tuesday, February 4, 2014

Threat Agent Profile: Hacktivists

Metac0m, in What is Hacktivism?, defines hacktivism as “the fusion of hacking and activism; politics and technology. More specifically, hacktivism is described as hacking for a political cause.”[1] In this context, hacking refers to the skilled and inventive application of computer systems to solve complex problems, while activism holds its standard definition of vigorous, direct advocacy of a cause.

According to Zone-H.org, a site that tracks website defacements and the associated methods and motives, political motives were the thrust behind 17% of all website defacements from January 2008 to April 2010.[2]

Ilmars Polkans, the ‘Robin Hood’ of Latvia
In late 2008 the economy of Latvia plummeted into a deep recession. In response, the Latvian government increased taxes and slashed spending through measures such as cutting the pay of teachers by half and reducing support of hospitals by 40%. The government also committed to equally cut the pay of officials of government and state-owned entities. In 2009, Ilmars Polkans, a citizen of Latvia, happened upon a feature in the web site of the State Revenue Service while filing his income taxes. The feature allowed him to gain access to over 7.4 million documents, including income statements and tax filings of public officials, government, and business employees. Studying the documents, Ilmars discovered that government officials and managers of ‘destitute’ state-owned companies hadn’t taken the pay cuts they had promised to take along with those that were forced on the workers. Rather, the data showed bankers, police chiefs, and other heads of state-owned companies continuing to bring down large salaries and bonuses.[3]

Outraged at the hypocrisy of the government, Ilmars published his findings online under the alias of ‘Neo’ and urged people to take action. He posted on Twitter, “Rise up and take the power back, it’s time that the fat cats had a heart attack, you know that their time is coming to an end.” In an online interview, Neo, claiming to be part of a group, stated, “The purpose of the group is to unmask those who gutted the country”, and “We could show figures that structural reforms have been a bluff.”[4] The people of Latvia responded to Neo’s posts. The Latvian newspaper, Dienas Bizness, reported, “If we were to compile a list of Latvia’s most popular people over the last several weeks, the top spots would probably be taken by our country’s participants in the Olympic Games in Vancouver, as well as by the person known as Neo.”[5]

After being caught, Ilmars explained his motives during an interview with Baltic Reports. “I’m just a person who had courage to stand up and talk and point fingers to something which doesn’t seem to be right. It is hard to stand and say the first words, but after that, it becomes easy. So, I hope that there will be more and more people won’t keep silence and will stand up and say loudly about the wrong things that are going on in Latvia.”[6]

The Jester
One person’s 2010 New Year’s resolution was to actively disrupt sites he deemed to support “terrorists, sympathizers, fixers, facilitators, oppressive regimes and other general bad guys.” Operating under the handle ‘The Jester’, he has consistently delivered on his resolution by launching Denial of Service attacks against sites he deems to fit within his objective.

In his first Tweet, under the account ‘th3j35t3r’, he announced,

Since that attack, he has launched numerous attacks against sites he deems to be terrorist-related. A few of these are shown below.

In September, The Jester began to turn his attention to Wikileaks after Wikileaks published the Afghan War Logs on their site.

The Jester launched Denial of Service attacks against Wikileaks in November 2010, after Wikileaks published U.S. State Department cable messages.

Wikileaks’ reply, posted to their Twitter account?

Other Hacktivists
In a case a decade earlier, three members of the hacker group Milw0rm, protesting the Indian government’s nuclear weapons test program, broke into several servers of the India Atomic Research Centre, modified the organization’s homepage, and stole thousands of emails and related research documents.[7] That same year, hackers compromised and disabled filtering on a half-dozen firewalls used by China to filter its people’s Internet traffic.[8]

[1] http://www.thehacktivist.com/whatishacktivism.pdf
[2] http://www.zone-h.org/news/id/4735
[3] http://www.irishtimes.com/newspaper/world/2010/0308/1224265794239.html
[4] http://news.smh.com.au/breaking-news-technology/group-claims-responsibility-for-giant-latvian-tax-hack-20100218-oe6v.html
[5] http://www.irishtimes.com/newspaper/world/2010/0308/1224265794239.html
[6] http://balticreports.com/?p=20264
[7] http://www.wired.com/science/discoveries/news/1998/06/12717
[8] http://www.wired.com/politics/law/news/1998/12/16545