Anon and on
iSIGHT Partners defines hacktivism as cyber-threat activity that is motivated by ideology or rationale (whether religious, social or political) and has the objective of either directly altering the actions or opinions of an audience, or of enacting justice.
"Hacktivism as threat source is often mistakenly confined to Anonymous-affiliated hackers, or to grass-roots groups that hold to conventional anti-security and anti-establishment ideologies," Gallop explains.
"Although the Anonymous movement during 2010-2012 was a watershed for both the concept of hacktivism in general, and for certain hacktivist methodologies in particular, the security industry must recognise hacktivism’s evolution in the years since the dispersal of the Anonymous collective’s figurehead faction: LulzSec/Antisec."
The antics of the likes of LulzSec may even have encouraged nation states to adopt similar tactics to either stifle dissent or manufacture consent, according to Gallop.
"Hacktivist objectives naturally engender a desire for publicity and unsophisticated hacktivists seek publicity without caring who the audience is," Gallop says. "However, when sophisticated hacktivists have identified a particular audience that is entrenched or influential, this natural desire for publicity leads to a willingness to conduct attacks that are highly impactful and even destructive."
He continues: "The sophisticated LulzSec/AntiSec faction, strengthened in influence by sheer numbers in the broader Anonymous collective, demonstrated to the world how impactful hacktivist activity could be. In the two years that followed AntiSec’s disbandment in March 2012, iSIGHT Partners continually advised that national governments would not ignore the potential of co-opting hacktivist methods to achieve their own political and ideological objectives."
Gallop's observation adds to the more long-standing criticism from white hat hackers that the antics of the likes of LulzSec – particularly attacks against government agencies and law enforcement – might be used by government as a pretext to push for harsher penalties and repressive anti-hacker laws, such as the USA's Computer Misuse Act.
Despite the focus in the news on hacktivist groups such as ISIS and pro-Russia hackers in Ukraine, Anonymous hasn't gone away. The loose-knit hacktivist collective continues to execute one-off campaigns, some of which directly confront online Jihadis, such as OpISIS.
More than 25,000 Twitter accounts have been terminated, 233 websites attacked and 85 websites "destroyed" as part of its ongoing campaign, according to Anonymous.
Other groups, such as pro-Assad hackers of the infamous Syrian Electronic Army, are also active in Middle Eastern theatres of conflict.
For example, FireEye recently detailed the activities of a cyder-espionage group that stole the strategies and battle plans of the Syrian opposition. To pull off the operation, the hacking group ensnared its victims through conversations with seemingly sympathetic and attractive women. As the conversations progressed, the “women” would offer up a personal photo, laden with malware designed to compromise the target’s computer or Android phone.
The ongoing conflict in eastern Ukraine also features a side show of hacking and malware distribution.
Ukrainian prime minister Arseny Yatsenyuk accused Russian intelligence rather than hacktivists of being behind a recent attack on German government sites in January. Hacktivists from CyberBerkut blockaded the websites of the Bundestag and Chancellor Merkel's office, demanding Berlin end support for the Ukrainian government.
CyberBerkut has also been blamed for attacks on NATO websites and US private military companies, but its main target has been Ukrainian government agencies and Kiev politicians.
Several anti-virus firms have noted an upswing in malware activity in the region.