Carrying out hacking attacks as a form of activism. So, you might think of hacktivism as online activism, digital activism, or cyberactivism,

Cyber Criminals (Organized Cybercriminals)

Cybercriminals are individuals or groups of people who use technology to commit cybercrime to steal sensitive company information or personal data and generate profits.

Hacktivists

Hacktivists are individuals or groups of hackers who carry out malicious activity to promote a political agenda, religious belief, or social ideology. Hacktivists are not like cybercriminals who hack computer networks to steal data for cash. They are individuals or groups of hackers who work together and see themselves as fighting injustice.

State-sponsored Attacker (APT Groups)

State-sponsored attackers have particular objectives aligned with either the political, commercial, or military interests of their country of origin. These types of attackers are not in a hurry. The government organizations have highly skilled hackers and specialize in detecting vulnerabilities and exploiting these before the holes are patched. It is very challenging to defeat these attackers due to the vast resources at their disposal.

Insider Threats

The insider threat is a threat to an organization's security or data that comes from within. These types of threats are usually occurred from employees or former employees, but may also arise from third parties, including contractors, temporary workers, employees, or customers.

Malicious Insider Threats

Malicious threats are attempts by an insider to access and potentially harm an organization's data, systems, or IT infrastructure. These insider threats are often attributed to dissatisfied employees or ex-employees who believe that the organization was doing something wrong with them in some way, and they feel justified in seeking revenge.

Cyber Terrorists

Terrorism, by its very nature, seeks out whatever means possible to proliferate fear, unrest, and discord across the globe. Cyber terrorists utilize an array of cyber weapons to disrupt critical services and commit harmful acts to further their cause. Generally speaking (though far from exclusively), they target the state operations, businesses, and critical services that will cause the most dramatic effect.

The interesting thing is that all the services used by cybercriminals cost money, from malware development all the way through to money muling. All the individuals involved in the criminal ecosystem that supports fraud through a malware campaign require payment. This means that unless the criminals are able to access large numbers of bulk payment systems, and get high-value payouts on each occasion, each criminal is relying on small profit margins from each hack just to keep their business going. They then need to reinvest these profits into developing their botnets and campaigns further in order to have continued success.

Individual users: This category focuses on individuals as victims. The threat actors steal and use stolen data, credit card numbers, online financial account information, or ss numbers.

Enterprises: This category of financial cybercrime focuses on enterprises and business org. Threat actors will attempt to steal research on a new product to sell it to another supplier which deprives the legitimate business of profits.

Governments: Governments are also the targets of threat actors. If military information can be stolen, it can be sold. Government information can also be stolen and published in front of its citizens to embarrass the government.

People who carried out hacktivism attacks are hacktivists. They generally claim to operate with altruistic intentions, meaning not to cause malicious harm but rather to draw attention to a cause that’s important to the hacktivist group.

Hacktivists target entities that they believe violate their values or stand in the way of their agenda. Common targets may include Nation-states, Government agencies, Corporations, Religious institutions, Terrorist organizations.

Hacktivists generally believe they’re acting altruistically for the public good. Similar to activism in our physical world, online activists seek to bring public attention to a cause that’s important to them in hopes they’ll invoke change. This often means exposing and correcting perceived injustices.

The nature of the perceived injustices might be political, social, or religious:

• Politically motivated hacktivism seeks to promote or upheave a political agenda, sometimes to the extent of anarchy.
• Socially motivated hacktivism sets out to expose social injustices, ranging from government censorship to human rights.
• Religiously motivated hacktivism acts in the name of a religious ideology and may seek to discredit or encourage the belief.

Despite any altruistic intentions, hacktivism attacks are hacking attacks, which means they’re illegal. But they’re also difficult to prosecute because they’re mostly conducted anonymously.

Unlike traditional hacking attacks, though, hacktivism attacks rarely have true malicious intent. In some cases, you might think of them as a form of antagonism, such as the way we might see graffiti on billboards.

Still, just as this is vandalism in real life, website defacing is considered cyber vandalism. This is just one example of the types of hacktivism that exist today.

Hacktivism comes in many forms, each with its own way to support a hacktivist’s intentions. That might be promoting free speech and information, crashing websites, or exposing incriminating information. Here are 10 known types of hacktivism:

1. Anonymous blogging
2. RECAP
3. Website defacement
4. Website redirects
5. Website mirroring
6. Denial of Service (DoS) or Distributed Denial of Service attacks (DDoS)
7. Virtual sit-ins
8. Leaks
9. Doxing
10. Geo-bombing

 

Hackers and hacktivists generally use the same tools and techniques to achieve their goals. Unlike hacktivists, hackers are not defined solely by social causes.