- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
CIO - Last July, the FBI executed what is arguably its most public campaign against hacktivists--individuals who breach computer systems to make a political or ideological statement. On Tuesday, July 19, the G-men cuffed 12 men and two women allegedly associated with hacktivist group Anonymous for their supposed involvement in a dedicated denial of service (DDoS) attack against PayPal's website in December 2010.
The July raid appeared to be the largest public indication that the FBI was finally making headway in its investigation of hacktivist activity during a year when groups including Anonymous and LulzSec made a mockery of public- and private-sector computer systems. Between December 2010 and August 2011 alone, they broke into dozens of corporate and government networks with outrage, defiance and glee.
In fact, hacktivist activity had long been on the FBI's radar, according to Shawn Henry, executive assistant director of the FBI's Criminal, Cyber, Response and Services Branch. He first noticed it in the late 1990s, when he was working as a supervisory special agent at FBI headquarters on computer intrusion cases. At the time, hacktivism consisted mostly of website defacements, he says. Today, it's more menacing. Consider the outcomes of just three data breaches launched in the name of hacktivism:
Henry maintains that the FBI isn't motivated by hacktivist groups' ideological agendas. What matters most to the FBI, he says, is that these groups are breaking the law.
"When anybody breaches a network and steals data and then publicizes it--whether they're from a foreign country and they're using the data to help their country's industry, they sell it as an organized crime group, or they just display it because they think the company they stole it from is acting inappropriately--the fact that the data is stolen is a violation of federal law," he says, his voice rising with conviction. "Hacktivism is no different from organized crime groups or foreign governments. It's the exact same activity, perhaps done for a different reason or purpose, and it's all still illegal."
In this exclusive interview with CIO.com, Henry speaks for the first time with the media specifically about hacktivism. Though Department of Justice guidelines prevented him from discussing specific hacktivist groups and open cases, he describes the threat hacktivists pose, the challenges associated with investigating them, and the FBI's success disrupting these groups. He also has a special message for hacktivists.