What is Hacktivism?

Hacktivism is a combination of the words “hack” and “activism.” Hacktivists engage in disruptive or damaging activity on behalf of a cause, be it political, social or religious in nature. These individuals or groups often see themselves as “virtual vigilantes,” working to expose fraud, wrongdoing or corporate greed, draw attention to human rights violations, protest censorship or highlight other social injustices.

Hacktivism attacks have increased exponentially in recent years. The rise in this activity is due in part to our collective reliance on the internet, social media and other forms of digital communication, as well as an emotionally-charged global political landscape.

Though many hacktivists claim to have noble intentions and often work in pursuit of equality, justice or improved human rights, it is important to remember that hacktivism falls into the category of cybercrime. It is illegal regardless of the hacker’s motivations or the attack’s outcomes.

crowdstrike-falconx-recon-infographic-cover

EXPOSING THE CRIMINAL UNDERGROUND

Adversaries are out to steal your data, exploit your brand and scam your customers. See how CrowdStrike can help.

Download Now

Who Do Hacktivists Target?

Hacktivists target entities that they believe violate their values or stand in the way of their agenda. Common targets may include:

  • Nation states
  • Government agencies
  • Corporations
  • Religious institutions
  • Terrorist organizations

Common Forms Of Hacktivism

Hacktivists rely on a variety of both legal and illegal activities to carry out their agenda. Common techniques include:

Denial of Service (DoS) Attacks:

Malicious, targeted attacks that flood a network with false requests in order to disrupt business operations. In a DoS attack, users are unable to perform routine and necessary tasks, such as accessing email, websites, online accounts or other resources that are operated by a compromised computer or network. While most DoS attacks do not result in lost data and are typically resolved without paying a ransom, they cost the organization time, money and other resources in order to restore critical business operations.

Doxing:

Exposing personal identifiable information, or incriminating evidence, usually with the intention of having others use that information to harass, intimidate or scare the subject.

Data theft:

Stealing data, intellectual property (IP) or other proprietary information, typically with the intention of carrying out a ransomware attack or selling the data on the dark web.