Skip Links

Hacktivism gets attention, but not much long-term change

By Taylor Armerding, CSO
November 30, 2012 10:35 AM ET

CSO - Another hacktivist group struck this week for yet another "good cause."

Parastoo, which broke into a server of the International Atomic Energy Agency (IAEA) and leaked the email addresses of 167 experts working with the agency, declared that its goal was to expose "beyond-harmful operations" at Israel's Negev Nuclear Research Center.

The worst security snafus of 2012

In a statement posted on Pastebin, the group demanded that those experts petition the IAEA to investigate the Negev site, and threatened to expose the locations and other personal and professional information of those experts if they don't.

The group sought to show that its motives were noble. "We are reassuring IAEA that their critical information is safe with us, as we are brothers." But it said its brotherly connection did not extend to any "Western-flavored elements."

This latest break-in is yet another example of hacktivists viewing themselves as the good guys. They have regularly described themselves as freedom fighters who strike blows in behalf of the common people against the evils of corporations and governments.

But security experts say the reality is that while they can make life miserable in some cases for their targets, they generally have little more long-term impact than other, more traditional, activist movements like the Tea Party or Occupy Wall Street (which did have a major online element).A'A Hacktivists gain a measure of short-term publicity and influence, but are now essentially irrelevant.

Michael Murray, managing partner of MAD Security and also of the Hacker Academy, said the targets of attacks "hardly ever" comply with the demands or threats of hacktivists. "I know of a couple of off-the-record types of deals," he said. "But most often, the target plays along only so long as it takes to either prosecute the hacktivists, usually with the assistance of law enforcement, or to buy time to figure out how to stop the attacks."

Chester Wisniewski, a senior security adviser at Sophos, said online activism can have an effect on public policy. "That's one of the reasons SOPA (Stop Online Piracy Act) got shut down," he said. "But that's not hacking ... That's just making yourself heard.

"When they start breaking the law, no, they don't really change things. How many times did Sony get hacked -- 49 or so? -- and they never changed their minds about anything," Wisniewski said.A'A "Stratfor (an Austin, Texas-based international intelligence broker) is not going to back down from what they do because they got hacked. Most of those types of actions are really misguided."

The IAEA did not respond to multiple requests over two days for comment about how it might respond to the demand. But in a statement to Computerworld, spokeswoman Gill Tudor said only that the agency was working to make sure that no further information was vulnerable.

[Slide show:A'A Anonymous and LulzSec -- 10 greatest hits]

This doesn't mean hacktivism never has any impact. As a Business Insider post on the hacktivist collective Anonymous noted, "Following allegations of vote rigging after the results of the June 2009 Iranian presidential election were announced, declaring Iran's incumbent President Mahmoud Ahmadinejad as the winner, thousands of Iranians participated in demonstrations."

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News