This article is more than 1 year old

Sorry script kiddies, hacktivism isn't cool anymore: No one cares about stuff that's easy-peasy to defend against

So much for Beto O'Rourke's cow-related capers

The youthful doings of US presidential wannabe Beto O'Rourke are in sharp decline, according to threat intel biz Recorded Future, which reckons folk have fallen out of love with hacktivism.

The company's Insikt Group division said that over the past two decades hacktivism has been associated with everything from the infamous Lulzsec hacking crew to state-sponsored groups providing plausible deniability for their handlers, such as Guccifer 2.0.

One of the earliest hacktivist crews was CDC, the Cult of the Dead Cow, which shot out of the history books and back to modern-day relevance earlier this year when US Democrat senator O'Rourke admitted having been a member of the collective. Yet it appears his is not an example that has resonated with today's politically aware technofolk.

Recorded Future reckoned that it was tracking 28 active hacktivist groups in 2016, a figure that has dropped to just seven today.

"Insikt Group assesses with high confidence that nation-state entities have increasingly used hacktivism in association with strategic campaigns, by coordinating with legitimate hacktivists of like mind, and false-flag operations made to appear as unassociated, independent hacktivist activity," it said in a report titled "Return to Normalcy: False Flags and the Decline of International Hacktivism".

As for the reason behind this sharp drop, the company said it's simple: nobody's talking about hacktivists any more.

"Insikt Group assesses with medium confidence that this is in part due to a decline in amplifying discussions (e.g. news articles and social media shares) around hacktivism-related cyberattacks," it concluded.

Long-time Reg readers will recall groups like the Syrian Electronic Army, whose specialism was hijacking social media accounts and daubing virtual graffiti over anything it could get its hands on. Since the world has become more interested in securing itself than giggling at the misfortunes of others who took less care over their own security arrangements, so the popularity of defacement attacks has fallen off a cliff.

In addition, that same security-mindedness demonstrated by the modern world has also made hacktivism less appealing simply because it's harder to do something eye-catching.

"The number of large enterprises susceptible to SQL injection attacks or DDoS floods have decreased, likely due to more mature website structures and the use of DDoS protection services like Akamai and Cloudflare," said Recorded Future. "Although some hacktivist actors are highly skilled, more often than not, many members of a hacktivist organization are not skilled and are forced to rely upon simple and outdated tools and techniques that are easily defeated by competent network defenders."

Attack methods seen by Insikt Group haven't changed much over the years either. The company lists hoary old techniques such as DDoSing, XSSing, spearphishing, "utilisation of commodity spyware" and brute-forcing of login creds as means of illicitly accessing targets' IT infrastructure. While the crossover with state-backed hacker crews does leave potential for custom-built tools to be caught up in analysis of attack techniques, it's not likely, in Recorded Future's view.

Modern hacktivists haven't been all that great. One who was rescued by a Disney cruise ship after trying and failing to escape justice was banged up for 121 months earlier this year, while a mass murderer's manifesto was being spread in malware-laced format in an apparent attempt by hacktivists to lash out at sympathisers. Even back in 2015, at the height of hacktivism's collective exploits, we at El Reg were bemoaning its loss of innocence.

It's certainly a far cry from the days of green-leaning hacktivsts targeting oil companies in protest at Arctic exploration plans. ®

More about


Send us news

Other stories you might like