News

Hacktivism: between protest and cyber security 

Discover hacktivism, what hacktivists do, and its impact on cyber security, from ethical debates to DDoS attacks, leaks, and threats to websites.

Form of digital activism

26 February 2025

Table of contents

  • Hacktivism: what it is and why it’s controversial 
  • The most common hacktivist techniques 
  • Famous hacktivist groups 
  • Hacktivism and cyber security: an ongoing challenge
  • Hacktivism: ethics and legality 

Hacktivism combines hacking with activism, where hacktivists use technical skills to promote political or socialcauses. Unlike cybercrime, the goal isn’t always financial gain but rather spreading messages, exposing injustices, or fighting censorship and surveillance.

However, attacks on websites, governments, and corporations raise serious ethical and legal concerns. Is hacktivism a threat or a tool for digital freedom? And how does cyber security defend itself against these attacks? 

Hacktivism: what it is and why it’s controversial 

Hacktivism is the digital-age equivalent of civil disobedience, using hacking to make political or social statements. Some view it as a fight for human rights and freedom of speech, while others see it as a security threat. The line between activism and cyberattacks is blurry—defacing a website or leaking confidential data can lead to legal and political repercussions. 

Some incidents have had a huge impact on public opinion.

Example
Anonymous has carried out attacks against the Church of Scientology, governments, and multinational corporations to protest censorship or abuses of power.

However, hacktivism can sometimes cross into cybervandalism or serious crimes, such as stealing sensitive information. 

The most common hacktivist techniques 

Hacktivists employ a range of sophisticated techniques to attack IT systems, disable websites, and spread information. These strategies vary in complexity and impact, from targeted attacks to information manipulation. 

DDoS attacks (Distributed Denial of Service) 

One of the most common hacktivist tools is the DDoS attack, which floods a website or server with excessive traffic until it crashes. This method has been used by Anonymous against government agencies and corporations like Visa and PayPal, in retaliation for blocking donations to WikiLeaks

DDoS attacks can be executed using botnets (networks of compromised devices) or “booter” and “stresser” services, allowing even non-technical users to launch attacks. Victims suffer service disruptions, financial losses, and reputational damage. 

Defacement: altering websites for protest 

Defacement involves modifying a website to display political or social messages.

Example
In 2008, Anonymous targeted the Church of Scientology, replacing its homepage with a video criticizing the organization’s practices. 

This technique is highly effective for grabbing public opinion‘s attention and creating media buzz. However, it constitutes a cyber security breach and can lead to severe legal consequences. 

Data leaks and whistleblowing 

One of the most powerful hacktivism tools is exposing classified documents, often obtained through cyberattacks or insider sources. WikiLeaks, founded by Julian Assange, is a prime example: it has leaked sensitive information about the United States government, revealing military secrets and diplomatic scandals. 

Sometimes, hacktivists collaborate with employees or whistleblowers to obtain confidential data. In other cases, they use phishing and malware to infiltrate systems. These leaks can embarrass governments and corporations, sparking debates on transparency vs. national security. 

Targeted phishing and social engineering 

Hacktivists often rely on targeted phishing, tricking people into revealing credentials or installing malware in IT systems.

Example
A famous case was the cyberattack on the Democratic National Committee (DNC) in the United States, where hackers used fake emails to gain access to sensitive documents. 

Beyond phishing, social engineering techniques involve deception and manipulation to extract information. Impersonating IT staff, setting up fake websites, or gathering intelligence from social media are common tactics. 

Communication interception and spyware 

Some hacktivist groups use man-in-the-middle attacks and sniffing to intercept communications and obtain confidential data. Spyware and keyloggers can record everything typed on a device, including passwords and financial details. 

A notorious case is the FinFisher spyware, used by both governments and hacktivists to monitor political opponents. Tools like Pegasus have also sparked global controversy due to their extensive surveillance capabilities. 

Malware and ransomware: when hacktivism overlaps with cybercrime 

While ransomware is typically associated with cybercriminals, some hacktivist groups have used it to lock systems and demand symbolic ransoms or political statements.

Example
In 2020, the DarkSide group attacked companies and critical infrastructure, including the Colonial Pipeline in the United States, causing major disruptions. 

Some hacktivists deploy malware to sabotage infrastructure or inject harmful files into government networks, attempting to influence political decisions and strategies. 

Computer systems

Famous hacktivist groups 

Over the years, various hacktivist groups have carried out high-profile actions: 

  • Anonymous
    The most well-known group, famous for DDoS attacks and campaigns like #OpISIS and #OpRussia. 
  • LulzSec
    A collective targeting governments and corporations “for fun and chaos.” 
  • WikiLeaks
    Founded by Julian Assange, it publishes confidential government and corporate documents. 
  • GhostSec
    A splinter group from Anonymous, focused on fighting online terrorist propaganda. 
  • Cult of the Dead Cow (CDC)
    One of the earliest hacktivist groups, promoting digital security and freedom of information. 

These groups operate in the shadows, with motives ranging from sabotage to political activism. 

Hacktivism and cyber security: an ongoing challenge 

For governments and businesses, defending against hacktivists is a priority. IT systems must withstand attacks like DDoS and data breaches. Some key security measures include: 

  • Advanced DDoS protection
    Firewalls, CDNs, and mitigation systems help protect websites from overload attacks. 
  • Vulnerability monitoring
    Keeping software and servers updated reduces the risk of breaches. 
  • Zero Trust Security
    Strict access controls prevent unauthorized users from infiltrating networks. 
  • Incident Response Plans
    A structured approach to handling cyberattacks minimizes damage. 
  • Training and awareness
    Educating employees and users on phishing risks prevents data leaks. 

Despite these defenses, hacktivism continues to evolve, pushing the limits of cyber security

Hacktivism: ethics and legality 

The debate over hacktivism is complex. Is it a form of social change, or a security threat? Some consider it a necessary tool for protest, while others see it as a criminal activity. 

Example
Laws vary by country. In the United States, many hacktivist activities are illegal and carry severe penalties.

However, in cases involving freedom of information, hacktivism is viewed differently. The boundary between justice and illegality is thin, and the debate will likely continue. 

Conclusion 

Hacktivism is a complex phenomenon that blurs the line between ethics, security, and politics. On one hand, it is a form of civil disobedience in the digital world, but on the other, it can threaten global IT systems.

As governments and businesses strengthen defenses, hacktivists develop new methods to bypass them, creating an ongoing game of cat and mouse. ùù

Domande e risposte

  1. What is hacktivism? 
    Hacktivism is a form of digital activism that uses hacking techniques to promote political or social causes. 
  2. What’s the difference between hacktivism and cybercrime? 
    Hacktivism is ideologically driven, while cybercrime is motivated by financial or criminal interests. 
  3. Is Anonymous a hacktivist group? 
    Yes, Anonymous is one of the most famous hacktivist groups, known for DDoS attacks and global campaigns. 
  4. What are the main risks of hacktivist attacks? 
    They can disrupt websites, steal sensitive data, and influence public opinion. 
  5. Are DDoS attacks legal? 
    No, a DDoS attack is illegal in most countries. 
  6. What has WikiLeaks done? 
    It has published classified documents on governments and corporations, often causing political scandals. 
  7. How can organizations defend against hacktivists? 
    By implementing cyber security measures such as DDoS protection and vulnerability monitoring. 
  8. Is hacktivism ethical? 
    It depends on the perspective: some see it as a form of protest, others as a criminal act. 
  9. Which governments have been targeted by hacktivists? 
    The United States, China, and Russia have frequently been targeted by hacktivist groups. 
  10. How is Tom Cruise linked to hacktivism? 
    His name surfaced when Anonymous attacked the Church of Scientology, with which Cruise is affiliated. 
5
To top