IT'S WAR: Hacktivists throw in their lot with spies and the military

Code develops into a major weapon


State-sponsored hackers

The phenomenon of state-sponsored hackers, which arguably started in China in the late 90s with so-called red hacker groups such as the Honker Union, is spreading across the world.

Nationalistic hacker groups worldwide are operating globally in countries including Syria and Ukraine. In some cases, these groups operate alongside official military and intelligence agencies, while in others they square off against local governments.

Joseph Gallop, head of the activism practice at iSIGHT Partners, who is presenting on the topic at next week's RSA Conference, argues that hacktivism has developed a more crystallised purpose as a component of geo-political conflicts.

Hacktivists now align with warring factions, rallying to either support nations or those forces opposing them. Gallop offers a comparison of hacktivism in Syria and the Ukraine.

"Syria pioneered the public adoption of hacktivism for government interests," Gallop explains. "While there is some confusion as to whether the hacktivist group 'Syrian Electronic Army' (SEA) existed and was active before being sponsored by the state, there is no question that some level of support has been given by the state, and the SEA has openly admitted to cooperating with officials in the Assad regime."

"This openness is one of the main differentiators between hacktivism serving Syrian government interests and hacktivism serving Russian government interests in the Ukraine conflict. The primary pro-Russian hacktivist group, CyberBerkut, is almost certainly supported by Russian authorities, but labels itself as a Ukrainian resistance group," he adds.

Broadly speaking, hacktivists in Syria operate overtly, making little secret of their allegiances, while those in Ukraine are more covert, especially when it comes to acknowledging links with governments.

"This difference in openness illuminates the tipping points and drivers for each of these nations to sponsor hacktivist activity," Gallop tells El Reg.

"Simplistically put, the Syrian regime is driven by the recognition that it is in an existential dilemma, and therefore the regime has no aversion seeking the most direct route toward survival. On the other hand, the Russian authorities are driven by a much more nuanced desire for resource dominance and hegemony, resulting in efforts which subvert foreign governments and influence public opinion in surrounding nations, while maintaining plausible deniability."

Gallop says that elements of the military in Iran and North Korea are more than capable of mounting CyberBerkut-style operations, particularly in support of strategic objectives – or for North Korea, a perceived slight to national honour.

Both Iran and North Korea reportedly maintain squads of sock-puppet trolls to spread their message, as El Reg has previously reported.

Next page: Anon and on

Other stories you might like

Biting the hand that feeds IT © 1998–2021