Date: 2021-10-11

Hacktivists are back in the public spotlight, nearly a decade after groups like Anonymous and LulzSec tore through the Internet and wreaked havoc on everyone from Sony to the U.S. Senate. In places including the United States, Iran and Belarus, hackers aiming to further political goals have gone after companies and organizations perceived as right-wing, the surveillance industry and even authoritarian governments.
It’s been an “incredibly big year” for hacktivism and leaktivism so far, said Emma Best, co-founder of nonprofit whistleblower group Distributed Denial of Secrets.
Let’s take a spin back through this year, looking at some of the biggest hacktivist breaches:
January: A hacker known as “donk_enby” extracted publicly accessible data from social media network Parler, used by many on the political right, in the wake of the Jan. 6 riot at the Capitol. Some of those videos were even used as evidence in the January impeachment trial of former president Donald Trump.
February: Hacktivists breached one of Parler’s main competitors, Gab. They pilfered 40 million posts from the platform, as well as private messages and passwords. But they had a different modus operandi: instead of posting the data for the world to see, they provided it to researchers and journalists, who wrote about their findings.
Leaked data included chat logs from Jan. 6, as well as the private groups that were created for far-right groups like the Oath Keepers militia.
March: Hacker Tillie Kottmann shared clips of some of the more than 149,000 security feeds that administrators at camera start-up Verkada were able to access, with the goal of exposing the pervasiveness of surveillance and lack of security in the industry.
Things didn't go well for Kottmann. Three days after Bloomberg first reported on the hack, police raided Kottmann’s Swiss apartment. Less than a week later, a grand jury in Washington state indicted Kottmann, alleging identity theft, wire fraud and conspiracy as part of a campaign to leak proprietary data in a series of unrelated hacks targeting major corporations.
September: Hacker group Anonymous exposed more than 150 gigabytes of previously private data — including user names, passwords and other identifying information of customers of Epik, the favorite Internet company of the far right. Epik provides domain services to QAnon theorists, Proud Boys and other instigators of the Jan. 6 attack on the U.S. Capitol.
October: Hackers dumped a colossal haul of data stolen from Twitch, “revealing what they said was not just the million-dollar payouts for its most popular video game streamers but the site’s entire source code — the DNA, written over a decade, central to keeping the company alive,” Drew Harwell reports.
Consequences
The hackers insist their causes are righteous – and that the ends justify their means.
The hackers of Twitch used a hashtag criticizing the company and called it a “disgusting cesspool,” Drew writes.
“The perpetrators of these hacks are distancing themselves from financially driven cybercriminals and ransomware gangs by portraying their attacks as moral crusades against what they said were the companies’ sins,” Drew writes. “In celebratory notes released alongside their data dumps, the Epik hackers said they were sick of the company serving hateful websites, while the Twitch hackers used a hashtag criticizing company efforts to confront harassment and said the site had become a 'disgusting cesspool.'”
And they're affecting everyday Internet users. The leaked data also included personal information belonging to thousands of Twitch users. (Amazon founder Jeff Bezos owns The Washington Post.)
“Hacking because you disagree with an organization and you want to expose them is starting to really gain traction again,” Allan Liska, a senior intelligence analyst at cybersecurity firm Recorded Future, told Drew. “Generally the biggest victims of the attacks are not the target organization … but the people who work there” or use the service for work or personal reasons, he added.
Scope
The government isn't immune either.
- Hacktivists unsuccessfully tried to interfere in the 2020 election a handful of times, according to an intelligence report that was declassified this year.
- And the Transportation Security Administration told the oil and gas industry in July that hacktivists supporting animal rights, anarchy and the environment “have expressed interest” in conducting cyberattacks against pipelines, though “none of these three movements have demonstrated the capability to conduct any sort of sophisticated cyber attack or intrusion,” according to an industry letter.
And not just in the United States.
When hackers targeted Iran’s train system in July, for example, they aimed for impact, directing passengers to contact the office of the country’s supreme leader, Ayatollah Ali Khamenei.
The next month, hackers went after Iran’s notorious Evin Prison, releasing footage showing them taking over security cameras and calling for protests. A top prison official issued a rare apology for graphic images depicting prisoners getting beaten and kicked by guards.
More than 2,000 miles away from Tehran, Belarusian President Alexander Lukashenko’s government has faced similar headaches.
Lukashenko has been Belarus’s president since 1994. The biggest protests in the country’s history erupted last year when the country’s opposition rejected results showing that he had won his sixth term.
Then came the “Cyber Partisans.” In recent months, a band of 15 self-taught hacktivists who fled the country has wreaked havoc on Lukashenko and his inner circle.
They say they have access to massive troves of data, including the country’s entire passport database and 5.3 million recordings of phone calls that were wiretapped. They’ve also accessed video from police drones and surveillance cameras.
It was “as comprehensive of a hack of a state as one can imagine,” Silverado Policy Accelerator chairman and CrowdStrike co-founder Dmitri Alperovitch said.
The keys
President Biden signed a bill into law to boost school cybersecurity
The law aims to bolster the cybersecurity of K-12 schools and make them less vulnerable to ransomware attacks. It passed with bipartisan support in the House and the Senate.
The legislation tasks CISA Director Jen Easterly with conducting a study on K-12 cybersecurity risks. The law also directs her to develop cybersecurity recommendations and an online training tool kit for schools.
“This law highlights the significance of protecting the sensitive information maintained by schools across the country, and my Administration looks forward to providing important tools and guidance to help secure our school’s information systems,” Biden said in a statement. The legislation was written by Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and Sen. Rick Scott (R-Fla.). Rep. Jim Langevin (D-R.I.) led the House version.
The FBI used encrypted email and cryptocurrency to catch Navy leaker
Jonathan Toebbe is accused of putting secret information about nuclear-powered submarines on encrypted memory cards. Law enforcement officials found the cards in a peanut butter sandwich and chewing gum container at “dead drop” locations in West Virginia and Virginia, authorities said. They were able to view the contents of the cards after paying $90,000 in Monero.
“Toebbe and his wife were charged with conspiracy to communicate restricted data and communication of restricted data,” my colleagues Devlin Barrett and Martin Weil report.
The Biden administration is considering an executive order on cryptocurrency amid surge in ransomware
The order would direct federal agencies to study and make recommendations on different aspects of cryptocurrency including national security issues, people familiar with the matter told Bloomberg's Jennifer Epstein and Benjamin Bain. It would also aim to centralize cryptocurrency work in the executive branch, they said.
The White House has also weighed appointing a cryptocurrency czar, one person said. The White House declined to comment. It hasn't yet made a decision to release the executive order, two of the people said. But the Biden administration plans to publish its strategy on cryptocurrencies regardless of whether Biden signs such a directive.
Cryptocurrency regulation and enforcement has become a hot topic this year. The Justice Department announced the creation of a National Cryptocurrency Enforcement Team to go after cybercriminals in the cryptocurrency ecosystem. In September, the Treasury Department sanctioned Suex, a cryptocurrency exchange it said had “facilitated transactions involving illicit proceeds from at least eight ransomware variants.”
