4 signs 'hacktivism' has gone mainstream
The loose-knit group Anonymous and other so-called hacktivists with underground origins have entered mainstream political culture, buoyed by a year of successes and increasing availability of technologies that have made it easier to participate in online activism campaigns.
So far this year, Anonymous and groups linked to the collective recently launched cyberattacks on the Swedish government, hacked into a conference phone call between the FBI and Britain's Scotland Yard, and broken into several law enforcement agencies around the world.
Meanwhile, even Facebook CEO Mark Zuckerberg has felt the sting, after 14 private photos of him were downloaded from the social networking site in December and posted on the photo-sharing site Imgur to expose a flaw in Facebook's security settings.
But the groups have also recently directed their online campaigns against hate groups and child pornography websites, suggesting its ranks believe the internet freedom they are fighting to protect must not be abused.
The latest actions come on the heels of an online protest campaign in January against two U.S. anti-piracy bills — known as SOPA and PIPA — that forced lawmakers in Washington to back down.
Earlier this month, Anonymous leaked the names of dozens of alleged white supremacists in Canada that were unearthed by hackers in Europe intent on exposing hate movements.
Here are a few reasons 2012 could be the year of the hacktivist.
1. They've had a good 2011. From Arab Spring protesters using hidden networks designed by hacktivists to the Occupy movement and U.S. lawmakers hitting the brakes on proposed anti-piracy laws, digital activism was at the forefront of many of last year's major stories — and has reaped the benefit of the attention.
"If things keep going like they did in 2011, then it's going to get ramped up," said Dwayne Winseck, a professor at Carleton University's school of journalism and communications.
The year began with hacktivists targeting the websites of Paypal, MasterCard and Visa, in retaliation for the companies limiting or stopping processing donations to WikiLeaks following the release of thousands of U.S. diplomatic cables in November 2010.
The sites were disabled mostly using what is known as a distributed denial of service, or DDoS, attack, which overwhelms a website's traffic by programming large numbers of computers to simultaneously attempt to access it.
DDoS attacks have been used as a protest tactic since the 1990s, but "no one has been paying attention until now," said Molly Sauter, a researcher at the Center for Civic Media at the Massachusetts Institute of Technology,
"Since all protests are primarily about getting attention, this has been a year of success," Sauter told CBC News. "I certainly don’t think it's going to stop because people have realized this is a very effective way of attracting attention to their cause."
2. They're more selective in their targets. While hackers continue to attack government and law-enforcement websites, they don't appear to be as random as their predecessors in the 1990s.
Today's hacktivists are largely motivated by opposition to laws and proposed laws that curb the freedom of internet users, or organizations whose actions they deem antithetical to internet freedom.
"Their triggers are not always predictable but do tend to revolve around issues of internet freedom," Sauter said.
The term "hacktivist" itself brings up controversy in certain circles, with the older guard dismissing the work of groups like Anonymous as not worthy of the moniker because they aren't creating as much new technology, she said.
"People who are in the old-school hacker culture tend to be really strictly defensive about the use of that term because it represents to them a significant part of their identity — and they don’t want that identity to shift," she said.
Anonymous has been highly successful at outing purveyors of online control technologies created in North America and deployed to countries like Libya or Syria, where authorities used them to suppress internet access and content, or log people’s online communications and use it against them.
"They’re not taking a shotgun approach," Winseck said of the group. "These people need to be seen as highly credible on a couple of levels, including their technical understanding of how the internet works, and also the selectivity of causes they turn into a cause célèbre."
3. They self-police. And like any culture, hacktivist circles hold various moral norms, and members can be sanctioned for running afoul of the group's collective decision-making process, according to Winseck.
"The idea is that the collective wisdom at the end of the day carries the day, but there is always the chance someone could go rogue," he said. "But if they go rogue, then they're going to have a hard time maintaining their membership."
Sometimes, hacktivists' cyber-missions extend to how the tools they themselves have built are being used. In October, Anonymous said it temporarily took down more than 40 child pornography sites on a hidden network and posted a list of more than 1,500 of the sites' usernames online.
The sites were located on a hidden "darknet" called Tor network, which was originally designed for and used by activists in countries with authoritarian governments, such as China and Iran.
While Winseck said he's supportive of the "pushback" against lawmakers and companies in the WikiLeaks and copyright bill cases, he was uncomfortable with vigilante-style hacktivists directly taking down child pornography and hate speech sites.
"There are lots of problems here when you start to work outside the bounds of law, whether you’re the state or Anonymous," he said. "To the extent that it’s a reveal and disclose, I'm a little less troubled. But it's still in murky territory."4. They could change the law. Several people in the United States and Britain were arrested and charged in relation to the WikiLeaks-related DDoS attacks on PayPal and the credit card companies, which could lead to a court challenge of computer laws that many observers, including Sauter, view as overly restrictive.
Sauter noted that demonstrators arrested at a protest in the United States such as the Occupy movement's events are rarely charged or prosecuted, but a politically motivated DDoS attack is deemed a felony on par with the same attack for the purposes of extortion.
Sauter blamed the broad language in the Computer Fraud and Abuse Act, which she said has led to prosecutors "overreaching" in DDoS protest cases.
"You are seeing prosecution of acts of digital activism that are being prosecuted as computer crimes, not as acts of political speech, which is chilling and, in my opinion, incredibly misguided," she said.
Germany has already recognized in its court system that DDoS attacks can be a form of valid political protest, she said.
"We haven’t seen this type of jurisprudence in this country yet," she said. "I have a certain amount of hope that it will happen, but I'm not holding my breath."