Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason. Individuals who perform hacktivism are known as hacktivists.

Hacktivism is meant to call the public's attention to something the hacktivist believes is an important issue or cause, such as freedom of information or human rights. It can also be a way for the hacktivists to express their opposition to something by, for instance, displaying messages or images on the website of an organization they believe is doing something wrong.

Hacktivists are typically individuals, but there are also groups of hacktivists that operate in coordinated efforts, such as Anonymous or LulzSec. The majority of hacktivists work anonymously.

A hacktivist uses the same tools and techniques as a hacker, but does so in order to disrupt services and bring attention to a political or social cause. For example, hacktivists might leave a highly visible message on the homepage of a website that gets a lot of traffic or embodies a point-of-view that is being opposed. Hacktivists also often use denial-of-service (DoS) attacks to disrupt traffic to a particular site.

The legality of hacktivism is a point of debate. While peaceful protest is legal in many countries, distributed denial-of-service (DDoS) attacks may be considered a federal crime in the United States and those attacks are illegal in many other places including the European Union, the United Kingdom and Australia. Opponents argue that hacktivism causes damage in a forum where there is already ample opportunity for nondisruptive free speech. Others insist that such an act is the equivalent of a protest and is therefore protected as a form of free speech. Hacktivists often consider their activities a form of civil disobedience, meaning they are willfully breaking a law to further their protest.

Types of hacktivism

Hacktivists use a variety of techniques to get their message across. Some tactics include the following:

  • Changing the code for websites -- such as government websites -- or software is done to display errors or specific messages to anyone who visits the site or uses the software.
  • Website mirroring is when hacktivists replicate a legitimate website's content, but with a slightly different URL. This technique is often used to get around censorship that blocks a particular site. If a website has been censored, the hacktivist will duplicate the content and attach it to a different URL on a mirror site so the content is still accessible.
  • Geo-bombing, in which internet users add a geo-tag to YouTube videos to enable display of the location of the video on Google Earth and Google Maps, has been used by hacktivists to display the location of videos posted by political prisoners and human rights activists.
  • Blogging anonymously is a tactic used by activists, whistleblowers and journalists. This protects the blogger while providing a platform to speak out about an issue, such as human rights violations and oppressive government regimes.
  • The use of the software RECAP lets users search for free copies of documents that are otherwise only accessible by paying a fee to the United States federal court database known as PACER (Public Access to Court Electronic Records).
  • Leaking information is a popular tactic with activists. Typically an insider source will access sensitive or classified information -- which implicates an individual, organization or government agency in some kind of malicious activity -- and make it publicly available. WikiLeaks has become a popular site for publishing leaked data.
  • Doxing is the gathering of information -- through hacking or social engineering -- about a specific person or organization and making it public. The information is typically sensitive and is sometimes used in extortion schemes.
  • Denial-of-service attacks and distributed denial-of-service attacks have become popular with hacktivists who use them to prevent users from accessing targeted computer systems, devices or networks. DoS and DDoS attacks flood systems with traffic and overwhelm resources and make them difficult to access.

There has been some debate over whether DoS attacks are hacktivism and, if they are, whether or not they are illegal.

Examples of hacktivist groups

Anonymous is a decentralized, international group that has become one of the most well-known hacktivist groups due to several high-profile attacks. Anonymous first appeared in 2003 on the 4chan forums and came into the spotlight in 2008 when it attacked the Church of Scientology. The group has adopted the Guy Fawkes mask from the graphic novel and film V for Vendetta as its symbol and often uses the tagline "We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us." Despite its members not identifying themselves, several individuals have been arrested in association with the group, which often uses controversial techniques. The group has been known to "declare war" on politicians, including Donald Trump and Hillary Clinton, and has supported the Occupy movements.

WikiLeaks is a website that was started in 2006 by Julian Assange and hosts leaked documents. WikiLeaks claims to be an independent, nonprofit online media organization. The first notable documents published on WikiLeaks were nearly 80,000 documents about the U.S. war in Afghanistan, followed by 400,000 documents about the war in Iraq. WikiLeaks is also known for leaking over 20,000 emails and 8,000 email attachments from the Democratic National Committee that were sent during the 2016 U.S. presidential campaign.

LulzSec, or Lulz Security, is a spinoff group of Anonymous. Five members of Anonymous started LulzSec in 2011 and use handles but not any other identifying information. The most significant attack by LulzSec was when the group took down the FBI's website in 2011, though the attack precipitated the arrest of several members.

Examples of hacktivism events

There have been many instances of hacktivism over the years, including the following:

  • During the 2009 Iranian elections, Anonymous set up a website to disseminate information to and from Iran.
  • During the 2011 Arab Spring, multiple hacktivist groups were involved in supporting protests. The group Telecomix provided technical support to protesters including setting up dial-up internet connections after the Egyptian government shut down internet access to the country; Google, Twitter and SayNow started the #Speak2Tweet movement, which provided communications for Egyptians.
  • The first Million Mask March took place in 2013 and is now an annual event. Anonymous and its supporters march on Nov. 5 -- Guy Fawkes Day -- wearing their signature masks. The marches usually happen in Washington D.C. and London.
  • In the 2014 Sony Pictures Entertainment hack by the group known as Guardians of Peace, or GOP, the group collected over 100 TB of information from the company, including unreleased movies and the personal data of employees.
  • The 2016 DYN cyberattack affected major websites including Amazon, The New York Times, The Wall Street Journal, Twitter and Reddit. Both Anonymous and a group known as the New World Hackers claimed responsibility for the attack and said it was in retaliation to Ecuador's London embassy shutting down internet access for WikiLeaks founder Julian Assange, who was being held there.
This was last updated in July 2018

Continue Reading About hacktivism

Dig Deeper on Hacker tools and techniques: Underground hacking sites