Origins of hacktivism: Anonymous, LulzSec and WikiLeaks

While today’s hacktivism is undoubtedly much broader than media reporting would lead us to believe, the public appears to focus on three organizations: Anonymous, Lulz Security (LulzSec) and WikiLeaks, as the core of hacktivism in the United States, if not the world.

So who are these self-proclaimed hactivists? Where did they come from? And how are they making their mark on cyber security, corporate business and how we conduct our everyday lives online?

Anonymous

Anonymous’ origin is an interesting study in serendipity. To begin, we need to look at the 4chan message board system. 4chan started in 2003 in the bedroom of a then-15-year-old student, Christopher Poole. The message board’s simple origins were created based on the desire to share interests such as anime, manga, technology, sport, photography, music, hentai, torrents, travel and physical fitness. 4chan has since grown to the point where the Los Angeles Times now reports it as being one of the Internet’s most trafficked imageboards.

Unlike many web forums, 4chan does not have a registration system; it allows users to post blog entries, files and information anonymously. To this end, any message post made without filling in the “Name” field causes posts to be attributed to “Anonymous”. The general understanding on 4chan site is that the name Anonymous does not stand for a single person but rather a collective of users who chose not to identify themselves.

We should pause here and note the pieces of the Anonymous hacktivist group origin puzzle that now fall into place. The fact that 4chan members could secretly post messages (defaulting to the user name Anonymous) not only provides insight into the group name but also sets the stage for a discreet communication mechanism that would support a disjoint, but coordinated set of individuals, in this case a group of hackers performing illegal acts (in the eyes of the government).

While the general public, through continued media reporting, is very aware of the Anonymous group name, very few people outside of the hard-core technology world are aware of the 4chan origin, or how 4chan continues to be in close association with the Anonymous group itself.

It is widely believed (and in some cases proven) that many early hacking attacks originated from 4chan members. In fact, several hacking attacks actually used 4chan facilities to carry out denial-of-service (DDoS) attacks against government websites.

According to Wikipedia, in December 2006 and January 2007, users of 4chan launched DDoS attacks against Hal Turner (an American white nationalist and Holocaust denier) in addition to prank calling his phone-in radio show. In 2008, it was reported that the Republican vice presidential candidate, Sarah Palin’s private email account was also hacked by a 4chan user.

While many other reports of hacking by 4chan members can be cited—one particularly memorable, touching event occurred on February 15, 2009. The posting of several YouTube videos featuring the physical abuse of a domestic cat by a person calling himself “Timmy” prompted the 4chan community to track down the originator of the videos.

Timmy, who turned out to be a fourteen-year-old from Oklahoma, was reported to his local police department by 4chan members, which resulted in his arrest. The cat was treated by a veterinarian and taken to a safe place. Note the social orientation (hacktivist) of this effort. While not directly attributed to Anonymous, the act did connect the desire of 4chan members to use their technical skills for social good.

LulzSec

Much younger than Anonymous, the hacker group Lulz Security (also known as LulzSec), is reported to be a splinter group of Anonymous. The exact origin of LulzSec as a group is not known; nor is the current relationship between Anonymous and LulzSec known. At times the relationship appears to be one of cooperation, at other times one of frustration, which might be a result of LulzSec’s lack of true hacktivism orientation.

The LulzSec name originated as a derivative of the texting shortcut LOL (Laugh Out Loud) and a shortened version of the word “security.” LulzSec attitudes, public statements and chosen attack victims appear to be far more frivolous that the older Anonymous group.

LulzSec’s first reported attack came in May 2011 against Fox.com. This attack, like more recent LulzSec initiated attacks, does not appear to have a solid philosophical foundation other than at least one LulzSec member did not like some report or personality associated with the attacked entity.

In a supposedly final, odd twist, on June 26, 2011, LulzSec released a statement titled “50 days of lulz,” suggesting the disbanding of their group. Whether the claim was yet another LulzSec joke or LulzSec members could not live without their occasional fame, the group committed another hack against newspapers owned by News Corporation on July 18, 2011, when they posted false reports on the death of Rupert Murdoch.

WikiLeaks

The Wikileaks domain name (wikileaks.org) was established on October 4, 2006 and the website published its first document in December 2006.

Though the site claims to have been “founded by Chinese dissidents, journalists, mathematicians and start-up company technologists, from the US, Taiwan, Europe, Australia and South Africa,” news reports, have cited Julian Assange the founder of WikiLeaks since January 2007. Wired magazine also indicated that Assange described himself in a private conversation as “the heart and soul of this organization, its founder, philosopher, spokesperson, original coder, organizer, financier and all the rest”.

WikiLeaks’ site describes itself as “a non-profit media organization dedicated to bringing important news and information to the public. We provide an innovative, secure and anonymous way for independent sources around the world to leak information to our journalists.

We publish material of ethical, political and historical significance while keeping the identity of our sources anonymous, thus providing a universal way for the revealing of suppressed and censored injustices.” A tag line on one of the WikiLeaks mirror sites reads: “We help you safely get the truth out. We are of assistance to peoples of all countries who wish to reveal unethical behavior in their governments and institutions. We aim for maximum political impact.”

While the US government has pointed to Wikileaks as a source of trouble, not everyone agrees. Time Magazine goes so far as to say WikiLeaks collection and release of information “could become as important a journalistic tool as the Freedom of Information Act.”

Finally, in a remarkable affirmation of its place and importance in society, WikiLeaks was nominated for (but did not win) the 2011 Nobel Peace Prize. A Norwegian parliamentarian, Snorre Valen, said WikiLeaks was “one of the most important contributors to freedom of speech and transparency” in the 21st century. Valen added, “by disclosing information about corruption, human rights abuses and war crimes, WikiLeaks is a natural contender for the Nobel Peace Prize.”

Activism or Excuse

Wikileaks, LulzSec and Anonymous all blur the line between right and wrong and encourage us to ponder questions older than cyberspace, the same kinds of questions activists also challenge us to consider. However, the actions of these groups as a whole sometimes appear to be more self-motivated than designed to benefit the greater good. So, are these hactivists modern-day activists or hackers looking for an excuse to do what they want?

Next Week: Anonymous, Lulz Security and WikiLeaks – True Activists or Hackers Looking for a Justification.

Alan Wlasuk is a managing partner of 403 Web Security, a full service, secure Web application development company. A Bell Labs Fellow award-winner with 18+ years of experience building secure web applications, Alan is an expert in Web security - from evaluation to Web development and remediation.