INVITATION TO CYBERSECURITY 54 environment may hack a company they believe is polluting a local stream. After gaining access to their network, the hacktivists may download and disclose evidence to the media or directly to the public. The goal of the hackers is to raise awareness and harm the company. This is a form of vigilante justice, and it is against the law. Insider threat hacktivists might publish private documents in order to expose what they consider are illegal or unethical practices. This is known as a data leak. Sometimes this type of hacktivist is a legitimate whistleblower and is able to obtain legal protection, but other times their actions are illegal and they are charged with crimes. Edward Snowden famously leaked classified documents he obtained from the NSA and claimed whistleblower status, but the United States government disagreed and charged him with serious crimes. Wikileaks is a website that publishes documents from data leaks. There are several well-known groups that call themselves hacktivists. One pioneering group based in Europe is called the Chaos Computer Club. Another famous group based in the United States was called the Cult of the Dead Cow (abbreviated cDc). cDc engaged in gray hat hacking. Some of their early members later formed a group called L0pht that pioneered cybersecurity research and famously appeared before Congress using their hacker nicknames. They were called to testify about the insecurity of the Internet. Some of the members became tech industry leaders. Anonymous is another notorious, and darker, hacktivist group that has a decentralized leadership structure and has members all over the world. Many hacktivists consider themselves on the side of good versus evil. However, hacking is illegal, and hacktivists are subject to criminal charges regardless of their “good” intent. Another cause that motivates hackers is national pride. These individuals are called patriotic hackers. As civilians they are not technically authorized to hack by their country, but they take it upon themselves to defend their nation by hacking perceived enemy nation states. Russian nationals have been accused of patriotic hacking, particularly in the conflict against Estonia in 2007 (see Section 10.3.1.1). The Russian government benefited from their activities even though they could officially denounce them because they were not sanctioned by the government. Another cause that motivates hackers is terrorism. Terrorist groups are motivated by hate. Their goal is to inflict maximum damage on their enemies, and they attempt to do so using any means necessary, including hacking. The terrorist group al Qaeda conducted the 9/11 terrorist attacks against the United States on September 11, 2001, using commercial airplanes as missiles. Today, many people worry about a cyber 9/11. A cyber 9/11 might target critical infrastructure, like shipping ports, the power grid, or water treatment plants. Disrupting critical infrastructure could harm the economy and could also result in mass casualties and death. A similar idea is a cyber Pearl Harbor—a largescale cyber attack carried out by an enemy nation state. Some hackers may leave a calling card to prove that they were the ones that carried out an attack. In some attacks motivat-
RkJQdWJsaXNoZXIy MTM4ODY=