1

Introduction to HacktivismMay 2013Phil Huggins

Digital Activism

3

Activism

The policy or action of using vigorous campaigning to bring about political or social change.

4

Digital or Internet Activism

“Use of Technology over large distances to effect change.”

“Grassroots activists using networked technologies for social and political change campaigns.”

“Goal of Political or Social Change + Digital Technology.”

5

Digital Activism - New Actions Maps & Maptivism QR Codes File-Sharing Media Hijacking Trend a hashtag

Search Engine Optimisation

Livestreaming Check-Ins Self-Surveillance Flash Mobs

6

Sources of advice, services and tools for digital activists

Hacktivism

8

Activism vs Hacktivism vs CyberTerrorism

Digital Activism is separated from Hacktivism by Computer Crime Computer Crime is well defined:▪ Unauthorised Access to computer material▪ Unauthorised access with intent to commit further offences▪ Unauthorised acts with intent to impair the operation of a computer▪ Making, supplying or obtaining article for use in computer misuse

offences

Hactkivism is separated from CyberTerrorism by Terrorism Terrorism in this context is well defined▪ Anything designed to interfere with or seriously disrupt an electronic

system and▪ Use or threat to influence government or intimidate the public and▪ Use or threat is made for the purpose of advancing a political or

ideological cause

9

Hacktivism - Actions

Software distribution Website mirroring Defacements Typosquatting Redirects Denial of Service Attacks (DOS)

Web Sit-ins Email Bombs

Distributed Denial of Service Attacks (DDOS) Opt-In Botnets Malware Botnets

Doxing SWATting

Denial of Service

11

DoS

Denial of Service An attempt by an attacker to deny a

victims services to it’s users.1.Exploit that causes victim to fail2.Resource exhaustion:▪ Network Bandwidth▪ Computing Power▪ Memory

12

DDoS

Distributed Denial of Service A Dos launched simultaneously from multiple points Usually a resource exhaustion attack Attackers now build networks (Botnets) of compromised

computers (zombies or loads) from which to launch their attacks Large Botnets are now available for hire or to buy for pocket

money.

1000 Loads 5000 Loads 10,000 Loads

World Mix $25 $110 $200

EU Mix $50 $225 $400

DE, CA, GB $80 $350 $600

USA $120 $550 $1000

13

Online Botnet marketplaces

14

Chimera Botnet

15

Typical DDoS

16

Reflector DDoS

Examples of Hacktivism

18

History

First known Hacktivism recorded in 1989 Worms Against Nuclear Killers Australian Hacktivists Infected VMS DECNet systems

19

Anonymous

Formed in 2003 from the 4chan /b/ message board

Since 2004 4chan is a forced anonymous community

The Btards Initially focused on pranks, trolling and griefing

20

Project Chanology

Anonymous were ‘politicised’ in 2008 following a series of actions involving the Church of Scientology.

Actions inlcuded: Physical protests ▪ Guy Fawkes masks

Prank calls Black faxes DDoS attacks ▪ Low Orbit Ion Cannon (LOIC)

IRC channels used to coordinate attacks.

21

Other major campaigns

Operation Payback (2010) DDoS attacks on the Pirate Bay by

MPAA & RIAA Expands to include other copyright-

related targets Attacks on Paypal, Matercard and Visa

related to Wikileaks

Operation Darknet (2011) Targeted child pornography sites on

the Tor network Release usernames from the site

“Lolita City”

22

What are Anonymous?

Angry Chaotic Constantly changing International Broad themes not specific goals Uncoordinated Unfinanced Differences in philosophy and

undefined subgroups No long term vision

23

Lulzsec

A splinter group formed in 2011 as a result of Operation Darknet known as Lulzsec

50 day rampage Anti-Sec Movement “Demonstrating insecurity to

improve security”

24

Syrian Electronic Army (SEA)

Pro-Syrian Regime Hacktivists First seen May 2011 Targeting major news organisations

BBC Associated Press Guardian CBS News NPR

Also activists Columbia University Human Rights Watch

And oddly … FIFA Sepp Blatter 2014 World Cup

25

BBC hack example

Opsec for Hackers

27

Operational Security

The underground community has learnt lessons from Lulzsec

They have reviewed the evidence presented in court

Developing guidance: Create a cover Work on the legend Create sub-aliases Never contaminate

Produced the “10 Hack Commandments”

blog.blackswansecurity.com