Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Hacktivism gets attention, but not much long-term change

Taylor Armerding | Dec. 3, 2012
Latest break-in at International Atomic Energy Agency highlights that the public still doesn't buy criminal acts in support of 'good causes'

Another hacktivist group struck this week for yet another "good cause."

Parastoo, which broke into a server of the International Atomic Energy Agency (IAEA) and leaked the email addresses of 167 experts working with the agency, declared that its goal was to expose "beyond-harmful operations" at Israel's Negev Nuclear Research Center.

In a statement posted on Pastebin, the group demanded that those experts petition the IAEA to investigate the Negev site, and threatened to expose the locations and other personal and professional information of those experts if they don't.

The group sought to show that its motives were noble. "We are reassuring IAEA that their critical information is safe with us, as we are brothers." But it said its brotherly connection did not extend to any "Western-flavored elements."

This latest break-in is yet another example of hacktivists viewing themselves as the good guys. They have regularly described themselves as freedom fighters who strike blows in behalf of the common people against the evils of corporations and governments.

But security experts say the reality is that while they can make life miserable in some cases for their targets, they generally have little more long-term impact than other, more traditional, activist movements like the Tea Party or Occupy Wall Street (which did have a major online element).Ã'Â Hacktivists gain a measure of short-term publicity and influence, but are now essentially irrelevant.

Michael Murray, managing partner of MAD Security and also of the Hacker Academy, said the targets of attacks "hardly ever" comply with the demands or threats of hacktivists. "I know of a couple of off-the-record types of deals," he said. "But most often, the target plays along only so long as it takes to either prosecute the hacktivists, usually with the assistance of law enforcement, or to buy time to figure out how to stop the attacks."

Chester Wisniewski, a senior security adviser at Sophos, said online activism can have an effect on public policy. "That's one of the reasons SOPA (Stop Online Piracy Act) got shut down," he said. "But that's not hacking ... That's just making yourself heard.

"When they start breaking the law, no, they don't really change things. How many times did Sony get hacked -- 49 or so? -- and they never changed their minds about anything," Wisniewski said.Ã'Â "Stratfor (an Austin, Texas-based international intelligence broker) is not going to back down from what they do because they got hacked. Most of those types of actions are really misguided."

The IAEA did not respond to multiple requests over two days for comment about how it might respond to the demand. But in a statement to Computerworld, spokeswoman Gill Tudor said only that the agency was working to make sure that no further information was vulnerable.


1  2  Next Page 

Sign up for CIO Asia eNewsletters.