Background:

Hacktivism is the use of computer hacking methods, such as website defacing, data leaking, or network/system disrupting, to promote some form of ideological cause. The term was coined in the 1990s by the hacker group Cult of the Dead Cow, who used it to describe their actions of hacking into systems and websites to expose security flaws and spread their messages.  Some of the most notable examples of hacktivism include:

  • The Electronic Disturbance Theatre, a group of activists who used denial-of-service attacks and virtual sit-ins to protest against the Mexican government’s treatment of the Zapatista movement in the late 1990s.
  • Anonymous, a loose collective of hackers who have launched various campaigns against targets such as Scientology, the Islamic State, and the Church of Latter-day Saints, among others. Anonymous is known for its use of masks, slogans, and videos to communicate their messages and recruit supporters.
  • WikiLeaks, a non-profit organization that publishes classified and sensitive information from anonymous sources. WikiLeaks has exposed various scandals and controversies involving governments, corporations, and individuals, such as the Iraq War logs, the Cablegate, and the Panama Papers.
  • The Arab Spring, a series of popular uprisings that swept across the Middle East and North Africa in 2010-2011. Hacktivists played a key role in spreading information, organizing protests, and circumventing censorship during the revolutions.
  • The Occupy movement, a global protest movement that emerged in 2011 to challenge economic inequality and corporate power. Hacktivists supported the movement by hacking into websites, leaking documents, and launching cyberattacks against financial institutions and corporations.

Hacktivism is a controversial phenomenon that raises ethical and legal questions. Some view hacktivism as a legitimate form of civil disobedience and a powerful tool for social change. Others see it as a form of cybercrime and a threat to security and privacy. Hacktivism also poses challenges for law enforcement and regulation, as it often crosses national borders and operates in the shadows of cyberspace.

Recently, a number of Hacktivist groups are starting to emerge with broad and unclear motivations for their cyber attacks which are causing serious concern in the cybersecurity world. Two examples include:

1) KittenSec:

KittenSec is a new hacking group that claims to expose corruption by attacking government and private sector targets in multiple NATO countries. The group has leaked data from Romania, Greece, France, Chile, Panama and Italy, affecting more than 13 million people. KittenSec says it does not care about the difficulty or the consequences of its attacks, and that it has connections to other hacktivist groups. Some experts doubt the group’s motives and suggest that it may be a front for state-sponsored actors.

KittenSec is a new hacking group that claims to expose corruption by attacking government and private sector targets in various NATO countries. The group has leaked data from Romania, Greece, France, Chile, Panama and Italy, affecting more than 13 million people. KittenSec says it is not affiliated with any country and has connections to other hacktivist groups. However, some experts doubt the group’s motives and suggest they may be a front for state-sponsored actors.

2) Anonymous Sudan:

Anonymous Sudan is a hacker group that has been behind a series of cyberattacks on various organisations in the West, such as Microsoft, Reddit, Scandinavian Airlines and others. The group claims to be a pro-Islam hacktivist collective from Sudan, but cybersecurity experts have found evidence that links them to Russia and its interests.

According to Cybernews, Anonymous Sudan emerged as a Russian-speaking Telegram channel in mid-January 2023, taking the name of a 2019 hacking operation by the original Anonymous collective, which has denied any association with them. The group initially targeted websites that were involved in or related to instances of desecrating the Quran, but later expanded its scope to include any organisation that was perceived as hostile to Sudan or Islam.

However, researchers from TrueSec and CyberCX have pointed out several inconsistencies and clues that suggest Anonymous Sudan is neither anonymous nor Sudanese. For example, the group’s posts on Telegram were mostly in Russian and English, not Arabic; the group’s account was located in Russia; the group had close ties with another pro-Russian DDoS group called Killnet; and the group avoided attacking any Russian site even though the Quran had been burned inside Russia.

Moreover, the experts noted that Anonymous Sudan used paid infrastructure and sophisticated tools to conduct its attacks, which indicated that it had a major financier. They speculated that someone in the Russian government or its circle was behind the group’s operations and paid Killnet to carry out the attacks on their behalf. The group’s targets and messages seemed to align with the Kremlin’s agenda and propaganda, such as undermining Ukraine’s allies, spreading misinformation and creating chaos.

Anonymous Sudan has not revealed its exact motives or goals, but it has threatened to continue its attacks until its demands are met. The group has also expressed support for other cybercrime groups that share its anti-Western stance, such as REvil and DarkSide. It is unclear how effective or influential Anonymous Sudan is, but it has demonstrated its ability to disrupt online services and attract media attention.

Read more about those groups on the Cloudflare website by clicking the button below.