Strategy, Threat intelligence, Threats, Cybercrime

Rebels with a cause?

August 2, 2011
Forget the hacking/cracking element for a moment: think about activism.

You have activists who work within the law to change the law, or popular perception, or gain support for their particular point of view. They might do that through classic commercial public relations techniques and resources, by lobbying and political agitation within the law, including marches, rallies, and demonstrations. (OK, even peaceful protest is not within the law in all countries, but that may be true of any attempt to change the status quo.)

Or you may have borderline stuff, like hunt saboteurs using aniseed to confuse the hounds and disrupt foxhunting, or activities that might conceivably result in some other impairment to legitimate activity, including,in the case of industrial action, the delivery of services or products.

Then there are activists who are using frankly criminal but not necessarily violent activities that largely affect the target, rather than the population as a whole – for example, some of the more extreme shades of animal rights activist. You have activists who are using the threat of some activity to intimidate, but who may or may not be taking real action: “We'll be releasing all your confidential data any day now.”

And you have activists whose methods include violent or non-violent action virtually indistinguishable from terrorism, where the intent is to shock (or worse), and anyone is considered a legitimate target, because hurt to anyone proves the power of the activist.

What does all this have to do with hacktivism? While we may not be seeing physical violence as a component at present – though there are certainly cyberwarfare scenarios where there would be an overlap with physical warfare – we are seeing all those threads in overlapping patterns, even where the only cause anyone is fighting for is teenage testosterone-driven macho display and self-promotion. The difficulty lies in sorting the information from the misinformation, before we even start to attribute intent....

I've just been reminded, when revisiting Bruce Sterling's book Hacker Crackdown, of how some of the earliest high-profile hacking and malware incidents were characterized by a huge disparity between estimates of damage cost, confusion between victim and perpetrator, and an almighty clash of opinion between law enforcement agencies, libertarians and the “information wants to be free” crowd. Perhaps we need an equivalent lengthy critique to sort out the conflicting perceptions of hackerdom in 2011. This time, though, thanks to the ubiquity of the internet, we have to add the perceptions of the media and the public to the mix.
prestitial ad