Ethics Discussion : Address ALL questions listed below (5 pts.) (Minimum of 200

Question

Ethics Discussion: Address ALL questions listed below (5 pts.)

(Minimum of 200 words, which is approx. ½ page. In MS Word, to count the number of words, highlight your typed paragraph and look on the very bottom of the document – status bar lists number of words.)

Search the Web and find an example of hacktivist activity that has occurred within the past six months (Cite your source(s). Summarize the activity. Do you agree with the hacktivists’ motives? Do you agree with the methods the hacktivists used? What are the ethical considerations of hacktivist activities? Should hacktivists be held criminally responsible for their activities?

Explanation / Answer

In Internet activism, hacktivism or hactivism (a portmanteau of hack and activism) is the subversive use of computers and computer networks to promote a political agenda or a social change. With roots in hacker culture and hacker ethics, its ends are often related to the free speech, human rights, or freedom of information movements.

The term was coined in 1994 by a Cult of the Dead Cow (cDc) member known as "Omega" in an e-mail to the group. Due to the variety of meanings of its root words, hacktivism is sometimes ambiguous and there exists significant disagreement over the kinds of activities and purposes it encompasses. Some definitions include acts of cyberterrorism while others simply reaffirm the use of technological hacking to effect social change.

Hacktivist activities span many political ideals and issues. Freenet, a peer-to-peer platform for censorship-resistant communication, is a prime example of translating political thought (anybody should be able to speak freely) into code. Hacking as a form of activism can be carried out though a network of activists, such as Anonymous and Wikileaks, or through a singular activist, working in collaboration toward a common goals without an overarching authority figure.

"Hacktivism" is a controversial term with several meanings. The word was coined to characterize electronic direct action as working toward social change by combining programming skills with critical thinking. But just as hack can sometimes mean cyber crime, hacktivism can be used to mean activism that is malicious, destructive, and undermining the security of the Internet as a technical, economic, and political platform.

Depending on who is using the term, hacktivism can be a politically motivated technology hack, a constructive form of anarchic civil disobedience, or an undefined anti-systemic gesture. It can signal anticapitalist or political protest; it can denote anti-spam activists, security experts, or open source advocates.

The term “hacktivism,” derived by combining hack and activism, refers to the use of computers and any other IT system and network to debate and sustain a political issue, promote free speech, and support human rights. Hacktivism is mainly interpreted by society as the transposition of the protest and the civil disobedience into cyberspace. Hacktivism is the use of technology to express dissent, but it also represents a dangerous threat that has already crated extensive damage to the IT community with cyber attacks. On the security perspective there are two schools of thought: One considers hacktivists cybercriminals to be prosecuted, the other, despite being conscious of the menace they represent, maintains that they are anyway a voice to listen to.

This post will analyze the origin of the phenomenon, its evolution and incidence in the current social texture, and hacktivism’s concrete impacts on society, internet users’ habits, business security, and governments’ policies.

The term was coined in 1996 by Omega, a member of the popular group of hackers known as Cult of the Dead Cow. Through the years the word “hacktivism” has been used in profoundly different contexts; it has been adopted to describe cybercrimes or the misuse of technology hacking with the specific intent of causing social changes or simply to identify sabotage for political means. Politically motivated cyber attacks were recorded as early as 1989. The main motivations for the hacks were nuclear disarmament, government responses to local political disorders, and court decisions. During recent years, groups of hacktivists such as Anonymous have reached an enormous popularity all over the world and they have been involved some of most clamorous attacks against institutions, organizations, and governments.

Analyzing the 2012 Cyber Attacks Statistics, it easy to recognize hacktivism as one of the primary motivations behind the discovered attacks and the trend has not changed since the first part of 2013, in which the number of offensives attributed to hacktivists increased.

Groups like Anonymous are exploiting the power of modern technology for social protest and to promote political ideology. The behavior was observed for the first time in 1996 by a member of the famous group of hackers, the Cult of the Dead Cow, named Omega.

Trying to frame a wide range of currents of thought with a single term is a limiting approach; in fact, each group is characterized by different ways of hacking, different motivations, and different means used.

Groups of hacktivists are responsible for denial-of-service attacks, information theft, data breaches, web site defacement, typosquatting, and many other acts of digital sabotage. They act in the conviction that through the use of the technical tools it is possible to produce similar results to those produced by regular activism or civil disobedience to promote political ideology.

The availability of the Internet and the numerous social media have enhanced the diffusion the voice of hacktivism on a large scale. From recruiting to organizing the attacks, all is arranged online and the number of followers is virtually unlimited. A hacktivist is hidden in every one: Everyone has his or her personal perception of reality and everyone could feel the need to join in this new form of dissent. Another factor that has increased the consolidation of hacktivist movements is the deep economic crisis that has characterized the last decade.

The discontent with a global policy subservient to the interests of a few classes has fueled the growth of small groups of “web dissidents,” which has given rise to movements that have changed history. Hacktivism must be examined also in the social context in which is growth, because it is an ideology and the ideology cannot be suppressed with arrest or persecution.

Analyzing the groups of hacktivist from the security point of view, it is inconceivable that their action represents a danger for the collectivity exactly as any other cybercrime.

The attacks conducted by groups of hacktivists always seem to be more structured. They have gone from defacing of non-upgraded sites to complex hacks. The offensives have produced the same effects as those perpetrated by cyber criminals or by state-sponsored hackers and the IT security community is aware that any form of cyber protest must be taken into serious consideration.

Be aware that in the past we read about security experts that equated group of hacktivists to cyber terrorists. In my opinion, this is not exact, because they never hack with the intent to hit civil people or to cause serious damage to the collectivity. Hacktivists have never hit critical infrastructures; their “modus operandi” is totally different from others and any reckless classification is harmful and misleading for those who really wish to understand the phenomenon.

The year 2010 is considered by researchers the year of consecration for hacktivism because groups of hacktivists linked to the Anonymous collective conducted an impressive number of attacks with growing frequency during the entire year.

The type of attack most diffused was the distributed denial of service (DDoS) attack; millions of followers of the hacktivists movement joined the offensive using free available tools. With this tactic, the hacktivists attempt to make a website or a web service unavailable to its users due an enormous quantity of requests sent in a short period.

But DDoS tools weren’t the only weapon in the arsenal of hacktivists: Malware and phishing campaigns were conducted to gather precious information on the targets. The objectives were multiple, the disclosure of sensitive information as in the Stratfor case and the information gathering on targets of the attack. In many cases, hacktivists used hacking techniques to perform their operations involving critical masses made by ordinary people.

In the past, Anonymous supporters have used a popular program named LOIC, easily found on the Internet, that allows users to flood victims with unwanted traffic. To increase the volume of the attacks the group of hacktivists released instructions and videos on how to participate in a DDoS attack on the web.

Anonymous also improved that DDoS attack methods by deploying on the network website for massive recruiting. Users simply visiting a web page of those sites and, without any other interaction, have started to flood a target. The collective made it possible by simply hiding in the “malicious” web pages a JavaScript interpreted by the user’s browser; the unique defense against it is to disable JavaScript in the browser.

The method was considered for two reasons:

Increase of volume of the attacks.
From a legal standpoint it is hardly attributable to each user a criminal liability. A user who participated in the attack, unlike what happened before with tools like Loic, could deny any responsibility by maintaining unaware lack of awareness of participation in the offensive. This subtle aspect could be the stimulus for a wide category of undecided who share the subject of the protest but that since that moment was scared by the possibility of committing an illegal act by participating in operations.
Anonymous

Undoubtedly the Anonymous collective is considered the incarnation of the hacktivism philosophy. The group and its operations are at the center of a heated debate. Public opinion and industry experts are divided between those who believe the collective is a group of cyber criminals to suppress and those who take due account of the phenomenon while trying to understand the real motivations behind its campaigns.

Anonymous first announced themselves to the world in 2008 with a video published on YouTube in which the collective declared war on the church of Scientology. Anonymous successfully moved the protest from cyberspace to the street, over 10,000 people assembled in major cities across the globe wearing Guy Fawkes masks manifested against the religious group. It was just the beginning.

In 2010 numerous Indians hired the Aiplex Software firm to launch massive DDoS attacks against websites that did not respond to software takedown notices against piracy. Hacktivists protested, promoting Operation Payback in September 2010. The original target was Aiplex Software but, upon finding some hours before the planned DDoS that other attackers had already taken down the company’s website, the hacktivists launched the attacks against numerous organizations for protection of copyright and law firms.

But one of the most popular offensives of the collective occurred On April 2, 2011, when Anonymous attached Sony in a campaign named #opsony, part of Operation Payback. The hacktivists took down the PlayStation Network and PlayStation Websites. The PlayStation Network subsequently was down for a long period.

In December 2010, the website WikiLeaks was accused by US authorities for the publication of secret United States diplomatic cables. Anonymous, supporting WikiLeaks, focused its Operation Avenge Assange against Amazon, the Swiss bank PostFinance, PayPal, MasterCard, and Visa due their anti-WikiLeaks conduct. Both MasterCard’s and Visa’s websites were brought down on December 8.

During 2011 and 2012, an extraordinary number of attacks were recorded. The group of hacktivist was very active in 2011, in particular during the Arab Spring when it conducted numerous offensives against the governments of Tunisia and Egypt.

The most clamorous attack during 2011 was on HBGary Federal in response to the announcement by its chief security executive of the security, Aaron Barr, that he had had the Anonymous group successfully infiltrated. In retaliation, members of the collective hacked the HBGary Federal website, accessed the company’s e-mail, dumping the content of 68,000 messages, erasing files, and taking down their phone system.

During 2012, the group of hacktivists focused its attention on policies of governments around the world, let’s remember the #opJapan to protest against amendments to the copyright laws in Japan, #opChina to manifest dissent against Chinese censorship, and also #opRussia, #opIsrael, and #opNorthKorea against the respective governments of those countries.

2013 started with a series of attacks just after the Aaron Swartz suicide and in the successive months the U.S., North Korea, and Israel governments were hit by numerous attacks without sensational repercussions. Just in the last few months, the FBI claimed to have neutralized Anonymous thanks to a long series of arrests that hit principal cells of the collective, such as LulzSec, Antisec, and SABU. One of the FBI officials declared:

“All of these guys were major players in the Anonymous movement, and a lot of people looked to them just because of what they did … The movement is still there, and they’re still yacking on Twitter and posting things, but you don’t hear about these guys coming forward with those large breaches,” he said. “It’s just not happening, and that’s because of the dismantlement of the largest players.”

The FBI considers these arrests a “huge deterrent effect,” according to Austin P. Berglas, the assistant special agent in charge of the bureau’s cyber division in New York.

Hacktivism and Policy

Today the contrast between governments and groups of hacktivists has reached the proportions of a cyber war; continuous offensives menace governments’ infrastructures and sensitive data. To respond to the cyber threats, many states are spending a considerable effort on the tracking and the infiltration of groups like Anonymous.

The fight for freedom of expression, the defense of human rights, the total aversion to any form of surveillance and control, and the reporting of abuse by regimes are the main arguments that incite groups of hacktivists to action; however, the boundary between interpreting an operation as a simple act of protest or as a cybercrime is thin.

While most operations are limited to DDoS attacks against a few websites, often the disclosure of information obtained by hacking target systems has exposed sensitive data to the public with serious consequences.

Hacktivism surprised the IT security community, creating serious damage to both the private and public sectors. It was a great error to underestimate its cyber capabilities and the media impact of groups of hacktivists. Emerging collectives are considered as uncontrollable variables in cyberspace, able to undermine the delicate balance.

The strength of hacktivism is its capability to recruit large masses for its operation sharing through the democratic instruments of the Internet and social networks. Groups like Anonymous are able to involve new forces for each operation just by offering them the possibility to be part of a protest, a voice in a chorus that unites cries for vengeance. With the increase in initiatives taken by groups of hacktivists around the globe, governments, law enforcement, and intelligence agencies have understood the offensive potential of the phenomena and have tried to mitigate the threats by trying to infiltrate the collectives and increasing the surveillance on alleged participants in the protests.

Gen. Keith Alexander, current director of the National Security Agency, warned of the possible consequences of the attack organized by hacktivists against the national critical infrastructures such as a power supply.

Power supplies are just one possible target, together with telecommunications systems, gas and oil storage and transportation, banking and finance, transportation, water supply systems, and emergency services. The profile of cyber assaults against U.S. government and corporate targets is increasing, manifesting very complex cyber strategy.

“If forces like those of hacktivists have the technical capacities and critical mass such that they can influence foreign policy, are we sure that among their goals there are critical infrastructures?

Why we intend to define the components of Anonymous cyber-terrorists and cyber criminals?” said Gen. Alexander.

Hacktivism and Cyber Warfare

Is it really useful to decapitate the principal group of hacktivists or it is possible to exploit their operation for other purposes? Is it possible to incited state-sponsored attacks through groups like Anonymous?

Many governments recognized the benefit of infiltrating groups of hacktivists to influence the choice of the final targets for the cyber attacks. An attack could be exploited by a government to cover further offensives or simply to sabotage the enemy structures. Governments, involving a critical mass of people behind the group of hacktivists, could cover their operations and, although many security experts and intelligence analysts consider this approach impractical, the recent revelations of Anonymous members confirmed this practice. Essentially it is possible that governments could corrupt a leader of one of the most influential cells to incite the attacks against their adversary. Another approach is organizing fake cells of hacktivists that recruit ordinary people to organize cyber operations against hostile governments.

Groups like Anonymous have been driven by purely political motivations; a government influencing the strategies of a group of hacktivists could destabilize an opponent by exaggerating the tone of the internal political debate. The Arab Spring has taught the world how dangerous can be a wind of protest fueled through the new social media.

Recently former LulzSec leader Sabu (Hector Xavier Monsegur) was accused by the hacker Jeremy Hammond of having incited state -sponsored attack against the U.S. government.

LulzSec was a popular group of hacktivists that breached many high-profile targets, such as the Sony Pictures hack that occurred in 2011. The list of victims includes also notorious companies and intelligence agencies such as AT&T, Viacom, Disney, EMI, and NBC Universal, The Sun, The Times, and the CIA.

One of the LulzSec leaders, Hector Xavier Monsegur, aka “Sabu,” when he was arrested started collaboration with law enforcement to track down other members of the Anonymous collective. The information provided by Sabu on the organization of his cell allowed law enforcement to arrest other members of Anonymous.

Related Questions

Navigate

• Browse (All)
• Browse E
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.