From P2P Foundation
Jump to navigation Jump to search

= hacktivism is a policy of hacking, phreaking or creating technology to achieve a political or social goal [1]



" There are various definitions of the term 'hacktivism'. For those whose interests rest primarily with computers hacktivism is the promotion of computer hacking (hacker + activism). For those who approach computing from the social perspective it actually has more relevance as the use of computers and technology for hi-tech campaigning for social change (hi-tech + activism). The argument between hacker groups who have different opinions on the use of computers for political or social objectives has become key to the re-interpretation of the role of modern technology within the emerging 'information society'." (http://www.internetrights.org.uk/glossary.shtml)


"Hacktivism is the fusion of hacking and activism; politics and technology. More specifically, hacktivism is described as hacking for a political cause. In this context, the term hacker is used in reference to its original meaning. As defined in the New Hacker's Dictionary, a hacker is "a person who enjoys exploring the details of programmable systems and how to stretch their capabilities" and one who is capable of "creatively overcoming or circumventing limitations". (http://www.thehacktivist.com/hacktivism.php)


Typology of Strategies

Jarkko Moilanen:

"I have selected two authors whose definitions are at least to some extent considered to be basic definitions; Jordan’s and Samuel’s. Both have three-tier model of hacktivism. Jordan is often cited scholar concerning issues related to hacktivism. Jordan describes hacktivism to be: “ a combination of grassroots political protest with computer hacking” (Jordan and Taylor 2004).

In previous writings Jordan defines hacktivism as “politically motivated hacking” (Jordan 2002).

Jordan has defined three different types of virtual forms of political activity which are often labelled as hacktivism (Jordan 2008). These forms are:

  • mass embodied online protest,
  • internet infrastructure and information politics and
  • communicative practices and activity organising

Samuel has written a dissertation about “Hacktivism and the Future of Political Participation”.

'Samuel's definition of hacktivism is a bit less broad:

“hacktivism is the non-violent use of illegal or legally ambiguous digital tools in pursuit of political ends” (Samuel 2004, 2.)

In her dissertation research Samuel has interviewed over fifty (51) hacktivists. On the basis of the interviews and other material, Samuel has constructed a taxonomy of hacktivism.

In her study, Samuel also (like Jordan) divides hacktivism to three subcategories:

  • political cracking,
  • political coding and
  • performative hacktivism.

Political Cracking

Political cracking is hacker-programmer hacktivist activity which is according to Samuel

“consistent with what I call an “outlaw” orientation. These are the most illegal forms of hacktivism such as defacements, redirects, denial of service attacks, sabotage, and information theft.“(Samuel 2004, 15)

It must be noted that all the above activities are not necessarily hacktivism, but some of them can be pure hacking. What separates pure hacking and hacktivism is the hacktivists’ intention to have political consequences. In other words hacking can be both political and apolitical. To put it briefly, these are the ‘bad’ guys. In my opinion, political cracking activities might in some situations lean towards cyberterrorism or criminality.

Political Coding

Political coding and political cracking are separated by a thin and arguably sometimes vague line. Compared to political cracking discussed above, political coding hacktivists operate inside the legal boundaries. Their actions might be transgressive but not illegal. Typical activities include political software development. (Samuel 2004, 15)

The software development issue is not so simple as Samuel it so neatly puts. She gives an example of this type software. One hacktivist software development (Six/Four) is intended to address the problems of internet censorship (Samuel 2004, 14). Product of this software development is used to circumvent firewalls anywhere where authoritarian (or other repressive type) regimes deny free access to internet from the citizens. I agree with Samuel that this type of software development can easily be labelled as political coding.

However, there is a lot of quite similar software development which in my opinion can not so clearly be included under the umbrella of political coding. Let’s take for example Tor. Tor is a software to hide true identity of computer user in the internet. Tor uses multiple nodes(servers) to hide users traces while in the net. Tor also crypts messages and content. It can really easily be integrated to other software (for example with web browsers and IRC clients). Tor can be used to serve political activities but it is not clear what were the intentions of the coders. Can Tor be labelled as product of political coding? On the other hand, some people use Tor just to defend their right to privacy about what they do in internet, where they have visited or what they have discussed and with who. Even in the latter, politics is involved, since it is about privacy in the age in information. In my opinion the political or hacktivist aspect of the software depends also on how or who it is used by, not only who coded and developed it.

Performative Hacktivism

Samuel defines the third form of hacktivism to be performative hacktivism:

“which is practised by hacktivists from artist-activist backgrounds who have a transgressive orientation. Its forms are web site parodies and virtual sit-ins, most often as part of anti-corporate, anti-globalization, or pro-independence protests.”(Samuel 2004, 15)

An example of this type of activity is Electrohippies actions during WTO conference in Seattle 1999. During the conference they used DDoS attacks. Instead of using totally automated network of bots, supporters needed to download a Java-based software which enabled attacks if the user choose to use it. Result was that, according to organizers, 450 000 protesters took part to this net-based event and WTO servers slowed down and eventually were blocked (Jordan 2008, 23; Samuel 2004, 16). The net-based activity was not separated from the real world protest which took place at the same time.

According to Jordan the virtual world and so called real world are falsely for some reason thought to be separate issues. In hacktivism these two realms are different in some manner, but they are not mutually exclusive or antagonist." (http://extreme.ajatukseni.net/2010/04/13/hacktivism-as-3-tier-model/)

Typology of tactics (operation modes)

Jarkko Moilanen:

"Hacktivists can use four different operation modes: 1)virtual blockades, 2)e-mail attacks, 3)hacking and computer break-ins and 4)computer viruses and worms.

A virtual blockade is the virtual version of a physical sit-in or blockade. Hacktivists visit a website and attempt to generate so much traffic toward the site that other users cannot reach it or other services in the server (a classical form of denial-of-service attack), while attempting to win publicity (via media reports) for the protesters’ cause. Manually this would require large amount of people, but the same effect can rather easily be reached with simple scripts. Another option is to use worms or viruses to access other computers and use them as part of blockade. After virus or worm has infected a computer it might wait as a sleeping cell, waiting for a trigger, which can be anything. “Swarming” occurs when a large number of individuals simultaneously access a website, causing its collapse. The electrohippies prefer to use client-side distributed denial-of-service attacks. They claim that compared to server-side DoS attacks, it arises from the mandate of the masses. Furthermore they dislike server-side attacks because such operations are (according to them) a result of small number of anonymous persons. Although another perhaps a little more sophisticated model of sit-in or blockade would be somehow similar arrangement used by SETI. Anyone can offer personal computer processor time to SETI to calculate astronomical phenomenons. In this case a person would support some goals of selected organisation. Then he or she would offer this organisation to open a website automatically from his/her computer at predefined conditions. In this mode of blockade anyone with computer could participate and physical presens would not be required. Negative side is that this kind of activity would probably cause legal actions in some countries against the participants.

Swarming can also amplify the effects of the hacktivists’ second weapon: e-mail bombing campaigns. This is normally conducted with automated scripts with various triggers. The scripts can be quite complex. They might vary in message content, the time gap between messages, use fake IP addresses and other identification data, sleep until triggered manually or automatically, send email as part of any normal data transfers. They might even use auto destruct after accomplishing tasks. E-mail bombing means sending thousands of messages at once to email servers or services. Examples about usage of these two tools can easily be found. In Kosovo crisis; Yugoslavian sites were altered to be more pro-NATO by dutch hackers, both sides also defaced others governmental and private websites, Serb hackers altered NATO websites (Brewin, 1999.). In the Middle-East; Palestinian and Israeli hackers are known to attack each others websites, Israeli hackers used email-bombings when they attacked Hizbollah Party’s webserver(Salem & Jarrah 2000.).

Many cyberprotesters use the third weapon in the hacktivists’ arsenal: web hacking and computer break-ins. This arsenal consists of hacker tools which use many technologies, the major ones being: packet sniffing, tempest attack, password cracking and buffer overflow. This type of activity is growing vastly. Denning notes that the Computer Emergency Response Team Coordination Center (CERT/CC) reported 2,134 cases of computer break-ins and hacks in 1997. The number of incidents rose to 21,756 in 2000 and to almost 35,000 during the first three quarters of 2001 alone.(Denning 2001.) It must be noted that these numbers include both hacktivist and other hacking – non-politically motivated such as cyber crime - incidents. It is also probable that all incidents are not reported to any organisation or center for various reasons. Hackers and hacker groups assist hactivists. For example a hacker called ‘Zyklon’ member of hacker group gLobaLheLL hacked the firewall system in China and offered unrestricted access to internet users in China for brief time (Farley 1999.). It is though not clear whether he did it because of personal interest or was he requested by some hacktivist group.

The fourth category of hacktivist weaponry comprises viruses and worms, both of which are forms of malicious code that can infect computers and are normally designed to propagate over computer networks. The number of known viruses and worms is astronomical and no one knows the exact amount. Estimate (year 2000) was about 53 000 worms and viruses in the world (http://www.securitystats.com/virusstats.html). Partly because of the great amount their impact can be enormous. The huge amount of viruses leads to inevitable situation when a single worm finds the weak spot(s) of millions of computers. In the year 2001 The Code Red worm infected about a million servers and caused $2.6 billion in damage to computer hardware, software, and networks (Moore, Shannon & Brown 2002). Another example of wide spread viruses is the I LOVE YOU virus which affected more than twenty million Internet users and caused billions of dollars in damage in the beginning of this millennium. In these two cases virus was spread without any political goals. This might indicate that virus launchers were malicious hackers and not hacktivists. Some computer viruses, worms and trojans have been used to propagate political messages and cause serious damage. During the NATO operation to evict Serbian forces from Kosovo, businesses, public entities, and academic institutes in NATO member-states received virus containing e-mails from a range of Eastern European countries. The e-mail messages, which had been poorly translated into English, consisted of statements against NATO and NATO presence in Kosovo. But the real threat was from the viruses, which were attached to the emails. This was an instance of cyberwarfare – not hacktivism - launched by Serbian hacktivists against the economic infrastructure of NATO countries. This incident also demonstrates the thin line between hacktivism and cyberwar." (http://extreme.ajatukseni.net/2009/11/12/political-activism-hacktivism/)


What is Hacktivism?

From What is Hacktivism, a paper by Metac0m, 2003:

"Hacktivism is the fusion of hacking and activism; politics and technology. More specifically, hacktivism is described as hacking for a political cause. In this context, the term hacker is used in reference to its original meaning. As defined in the New Hacker's Dictionary, a hacker is "a person who enjoys exploring the details of programmable systems and how to stretch their capabilities" and one who is capable of "creatively overcoming or circumventing limitations".

(1) Activism is defined as "a policy of taking direct and militant action to achieve a political or social goal".

(2) Therefore, a clinical definition of hacktivism is: Hacktivism: a policy of hacking, phreaking or creating technology to achieve a political or social goal.

However, both hacking and activism, and thus hacktivism, are loaded words ripe for a variety of interpretation.

Therefore it is preferable not to clinically define hacktivism but rather to describe the spirit of hacktivism.

Hacktivism is root. It is the use of one's collective or individual ingenuity to circumvent limitations, to hack clever solutions to complex problems using computer and Internet technology. Hacktivism is a continually evolving and open process; its tactics and methodology are not static. In this sense no one owns hacktivism - it has no prophet, no gospel and no canonized literature." (http://www.thehacktivist.com/whatishacktivism.pdf)

Details on Political Hacking Groups

Jarkko Moilanen:

"Hacker groups also use cell-like temporarily formed coalitions. Furthermore single hacker groups are normally small and tight-knit. Compared to conventional terrorist groups the difference is that hacker cells are not ’sleeping cells’ waiting for an order from the top. Hacker cells might be inactive for quite long time but they don’t have a shared ideology under which they fight. Reason for hacker groups to join with each other is often a single event in world politics for example human rights violations or environmental issues, which fits their own personal or group’s agenda. A well-known cracker Herbless describes his personal motivations and actions to be “[...]a form of non-violent yet public protest about things that I feel are wrong[...]”(Knight 2000). Commonly hackers are associated to computers and networks of computers, but this might be too narrow view. Hacker who uses alias (or handle) Pork-Chop defined hacker to be “[...]someone who finds a system - not a computer system, necessarily, any system, maybe a social system or a political system - and figures it out to maybe change it for the better.”(Evans 2004) The interesting point of view in this statement is the reference to political systems as well as computer systems. In the following I will describe some examples of different political hacker groups and their activity.

An example of politically motivated single issue hacker groups is Ethical Hackers Against Pedophilia (EHAP). EHAP targets attacks against people or organisations who distribute child related porn pictures or movies. They are claimed to track childporn distributors and gather information about them. They do not reject using illegal methods to achieve their aims. All information is then given to different authorities around the globe for further investigations and to press charges. This kind of hacking is often referred as white-hat hacking. (Macavinta 1998.)

Another example of political activity of hacker groups relates to hacker ethic. Hacker ethic includes an idea about non-discrimination. Everyone should be valued be achievements and skills instead of ethic background, sex or age. An example of anti-racist activity some hackers defaced racist whitepower.org website and replaced content to anti-racist.

Politically oriented hacker groups have also selected political parties as targets. A group called Circle of Deception hacked the websites of both labour and conservative parties in UK. After the defacement of conservative party, John Major’s picture was attached to Nazi symbol and most of the texts in the pages were altered to express the group’s anti-EU opinions.

The above examples describe single issue hacker groups, which conduct attacks against computer systems, organisations or people using computers. Some evidence about hacker groups to combine their forces to act as single unite can be found. These groups can be labelled as Macro-Hacking groups. Macro-hacking groups form when individual hacking groups coalesce and become interconnected through common agendas. The individual hacking groups from which a macro-group is constructed will carry out digital attacks under a common banner. When the tension between Pakistan and India over Kashmir was at it’s peak, some Pro-Islamic hacker groups, Unix Security Guards and World Fantabulous Defacers, carried out joined attacks against Indian governmental institutions. Some experts share the view that political and ideological motives are more and more behind hacker activity.(BBC News World Edition 2002, Luening 2000.)

Nuclear power related issues have gained the attention of some hacker groups. In the year 1998 hackers, who were part of groups called Milw0rm and Ashtray Lumberjacks attacked over 300 websites to make a anti-nuclear protest. This incident was another website defacement operation.

This was not the first time Milw0rm tampered with nuclear related material. Before this protest, the group intruded to Bhabha Atomic Research Center and Turkish nuclear facility to steal internal memos and emails. The above intrusions were conducted to protest India’s nuclear testing.(Hu 1998.)

In the above examples website defacement is often the only visible factor. It is commonly used by different hackers and hacker groups. The defacement as an operation includes variable amount of hacking depending on the target system security. In some cases only minutes is needed to penetrate the system. The defaced appearance of website is the visible result of hacking. Defacement is method to deliver the desired message to the audience. Though the audience is as wide as the rest of the world which is connected to the net and visits the defaced website. This need to use publicity is similar to conventional terrorists. The online media acts similarly both in conventional terrorist events and attacks and in hacktivist events. They spread the knowledge about the incident and the message of the incident as they release news feeds about them.

Hacker groups can use cyberspace to form instant more or less temporary transnational cyberterrorism or hacktivist organisations and operate instantly all over the world. Furthermore they can dissolve without leaving easily traceable evidence." (http://extreme.ajatukseni.net/2009/11/13/politically-motivated-hacker-groups-and-coalitions/)


Wikileaks as Hacktivism

"Wikileaks-enabled activism is quite different from the types of cyber activism and hacktivism that were prominent in the last decade. The latter, let’s call it hacktivism 1.0, “breaks down into two broad streams of actions: 1. Mass virtual direct actions, which use cyberspatial technologies of limited potential in order to re-embody virtual actions, [and 2.] digitally correct actions, which defend and extend the peculiar powers cyberspace creates. […]Whereas mass action hacktivists look to networks to do things for them, to be a place in which protest can occur just as roads are places in which demonstrations can occur, digitally correct hacktivists attempt to form the nature of the roads and passages of cyberspace. In doing this they generate actions directly focused on the codes that make cyberspace the place it is” (Jordan and Taylor 2004). Hacktivism 1.0 offers few opportunities for political action. They can be complex technological stunts, committed by highly skilled computer programmers. The results of this type of activism are either the disruption of the infostructure of the target organization or some specialized software tool to aid activists. Such actions are costly and time consuming, therefore relatively rare. On the other hand, hacktivism offers individuals the chance to participate in electronic civil disobedience, like virtual sit-ins, where, along with thousands of others one can try to overload the public web services of the target organizations. In this sense electronic disobedience is closely related to the earlier, non-electronic civil disobedience movements. These attacks – Distributed Denial of Service (DDoS) attacks as they are called now – require no technical skills, and beyond making a website inaccessible for the time of the attack, they yield little more than the attention generated by the news of the attack. Hacktivism 1.0 is torn between highly effective but rare instances of hacking, and relatively frequent cyber-protests with little more than symbolical value.

Wikileaks marks the beginning of Hacktivism 2.0. Wikileaks is first and foremost an infostructure provider, with the immense potential to empower mass-scale cyber-activism. Wikileaks offers three crucial factors through which the effectiveness of hacker attack can be merged with the ease and openness of mass actions. First, it offers a highly resistant, autonomous content distribution network, which so far has been able to survive even the most aggressive attacks against its infrastructure.[2] Second, it has all the attention of the world, including key media organizations which participate in the verification[3] and publication of the disclosed information. [4] And what is the most important: it promises anonymity.

Hacktivism 1.0 was the activism of outsiders. Its organizing principle was to get outsiders into the territory of the other. Wikileaks, on the other hand, is an infostructure developed to be used by insiders. Its sole purpose is to help people get information out from an organization. Wikileaks shifts the source of potential threat from a few, dangerous hackers and a larger group of mostly harmless activists — both outsiders to an organization — to those who are on the inside. For mass protesters and cyber activists anonymity is a nice, but certainly not an essential feature. For insiders trying to smuggle information out, anonymity is a necessary condition for participation. Wikileaks has demonstrated that the access to such features can be democratized, made simple and user friendly. Easy anonymity also radically transforms who the activist may be. It turns a monolithic, crystal clear identity defined solely through opposition, into something more complex, multilayered, and hybrid by allowing the cultivation of multiple identities, multiple loyalties. It allows those to enter the activist scene who do not want to define themselves – at least not publicly – as activist, radical or oppositional. The promise – or rather, the condition — of Wikileaks is that one can be on the inside and on the outside at the same time. Through anonymity the mutually exclusive categories of inside/outside, cooption/resistance, activism/passivity, power/subjection can be overridden and collapsed." (http://www.warsystems.hu/fokuszban/wikileaks-and-freedom-autonomy-and-sovereignty-in-the-cloud/)

More Information

  1. This article is an extensive examination of 'Hacktivism', at http://www.thehacktivist.com/hacktivism.php
  2. The Wikipedia entry, at http://en.wikipedia.org/wiki/Hacktivism describes the controversies surrounding the term and its associated practices.
  3. What is Hacktivism?, http://www.thehacktivist.com/whatishacktivism.pdf
  4. McKay, N. (1998). The golden age of hacktivism. Retrieved June 5, 2010 from http://www.wired.com/politics/law/news/1998/09/15129.
  5. Ruffin, O. (2004). Hacktivism, from here to there. Retrieved Oct 1, 2010 from http://www.cultdeadcow.com/cDc.files/cDc-0384.html.
  6. TheHacktivist. (2003). What is hacktivism? 2.0. Retrieved June 5, 2010 from http://thehacktivist.com/whatishacktivism.pdf.

Literature related to topic [2]:

Chamberlain, Kristen (2004) REDEFINING CYBERACTIVISM: THE FUTURE OF ONLINE PROJECT. Review of Communication Jul-Oct 2004, Vol. 4 Issue 3/4, pp 139-146

Illia, Laura (2003) PASSAGE TO CYBERACTIVISM: HOW DYNAMICS OF ACTIVISM CHANGE. Journal of Public Affairs, Volume 3, Number 4, November 2003 , pp. 326-337(12)

Jordan, Tim (2008) THREE TYPES OF “HACKTIVISM”: POLITICS OF INTERNET TECHNOLOGIES. In Net working / Networking – Citizen Initiated Internet Politics, pp. 254 - 280. Häyhtiö & Rinne (eds.), Tampere University Press. TUP.



Manion, M. and A. Goodrum (2000) TERRORISM OR CIVIL DISOBEDIENCE: TOWARD A HACKTIVIST ETHIC. ACM SIGCAS Computers and Society 30(2): 14-19.

Samuel, Alexandra (2004) HACKTIVISM AND THE FUTURE OF POLITICAL PARTICIPATION. Harvard University, Cambridge, Massachusetts

Werbin, Kenneth C. (2005) CYBERACTIVISM: ONLINE ACTIVISM IN THEORY AND PRACTICE. Canadian journal of communication 30.1 (2005): 156-158.

See also:

  1. Anonymous
  2. Hackerspaces
  3. Cyberterrorism
  4. Hacktivism 2.0