Introduction to Hacktivism
-
Upload
phil-huggins-fbcs-citp -
Category
Business
-
view
140 -
download
0
description
Transcript of Introduction to Hacktivism
![Page 1: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/1.jpg)
1
Introduction to HacktivismMay 2013Phil Huggins
![Page 2: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/2.jpg)
Digital Activism
![Page 3: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/3.jpg)
3
Activism
The policy or action of using vigorous campaigning to bring about political or social change.
![Page 4: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/4.jpg)
4
Digital or Internet Activism
“Use of Technology over large distances to effect change.”
“Grassroots activists using networked technologies for social and political change campaigns.”
“Goal of Political or Social Change + Digital Technology.”
![Page 5: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/5.jpg)
5
Digital Activism - New Actions Maps & Maptivism QR Codes File-Sharing Media Hijacking Trend a hashtag
Search Engine Optimisation
Livestreaming Check-Ins Self-Surveillance Flash Mobs
![Page 6: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/6.jpg)
6
Sources of advice, services and tools for digital activists
![Page 7: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/7.jpg)
Hacktivism
![Page 8: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/8.jpg)
8
Activism vs Hacktivism vs CyberTerrorism
Digital Activism is separated from Hacktivism by Computer Crime Computer Crime is well defined:▪ Unauthorised Access to computer material▪ Unauthorised access with intent to commit further offences▪ Unauthorised acts with intent to impair the operation of a computer▪ Making, supplying or obtaining article for use in computer misuse
offences
Hactkivism is separated from CyberTerrorism by Terrorism Terrorism in this context is well defined▪ Anything designed to interfere with or seriously disrupt an electronic
system and▪ Use or threat to influence government or intimidate the public and▪ Use or threat is made for the purpose of advancing a political or
ideological cause
![Page 9: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/9.jpg)
9
Hacktivism - Actions
Software distribution Website mirroring Defacements Typosquatting Redirects Denial of Service Attacks (DOS)
Web Sit-ins Email Bombs
Distributed Denial of Service Attacks (DDOS) Opt-In Botnets Malware Botnets
Doxing SWATting
![Page 10: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/10.jpg)
Denial of Service
![Page 11: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/11.jpg)
11
DoS
Denial of Service An attempt by an attacker to deny a
victims services to it’s users.1.Exploit that causes victim to fail2.Resource exhaustion:▪ Network Bandwidth▪ Computing Power▪ Memory
![Page 12: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/12.jpg)
12
DDoS
Distributed Denial of Service A Dos launched simultaneously from multiple points Usually a resource exhaustion attack Attackers now build networks (Botnets) of compromised
computers (zombies or loads) from which to launch their attacks Large Botnets are now available for hire or to buy for pocket
money.
1000 Loads 5000 Loads 10,000 Loads
World Mix $25 $110 $200
EU Mix $50 $225 $400
DE, CA, GB $80 $350 $600
USA $120 $550 $1000
![Page 13: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/13.jpg)
13
Online Botnet marketplaces
![Page 14: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/14.jpg)
14
Chimera Botnet
![Page 15: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/15.jpg)
15
Typical DDoS
![Page 16: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/16.jpg)
16
Reflector DDoS
![Page 17: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/17.jpg)
Examples of Hacktivism
![Page 18: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/18.jpg)
18
History
First known Hacktivism recorded in 1989 Worms Against Nuclear Killers Australian Hacktivists Infected VMS DECNet systems
![Page 19: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/19.jpg)
19
Anonymous
Formed in 2003 from the 4chan /b/ message board
Since 2004 4chan is a forced anonymous community
The Btards Initially focused on pranks, trolling and griefing
![Page 20: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/20.jpg)
20
Project Chanology
Anonymous were ‘politicised’ in 2008 following a series of actions involving the Church of Scientology.
Actions inlcuded: Physical protests ▪ Guy Fawkes masks
Prank calls Black faxes DDoS attacks ▪ Low Orbit Ion Cannon (LOIC)
IRC channels used to coordinate attacks.
![Page 21: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/21.jpg)
21
Other major campaigns
Operation Payback (2010) DDoS attacks on the Pirate Bay by
MPAA & RIAA Expands to include other copyright-
related targets Attacks on Paypal, Matercard and Visa
related to Wikileaks
Operation Darknet (2011) Targeted child pornography sites on
the Tor network Release usernames from the site
“Lolita City”
![Page 22: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/22.jpg)
22
What are Anonymous?
Angry Chaotic Constantly changing International Broad themes not specific goals Uncoordinated Unfinanced Differences in philosophy and
undefined subgroups No long term vision
![Page 23: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/23.jpg)
23
Lulzsec
A splinter group formed in 2011 as a result of Operation Darknet known as Lulzsec
50 day rampage Anti-Sec Movement “Demonstrating insecurity to
improve security”
![Page 24: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/24.jpg)
24
Syrian Electronic Army (SEA)
Pro-Syrian Regime Hacktivists First seen May 2011 Targeting major news organisations
BBC Associated Press Guardian CBS News NPR
Also activists Columbia University Human Rights Watch
And oddly … FIFA Sepp Blatter 2014 World Cup
![Page 25: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/25.jpg)
25
BBC hack example
![Page 26: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/26.jpg)
Opsec for Hackers
![Page 27: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/27.jpg)
27
Operational Security
The underground community has learnt lessons from Lulzsec
They have reviewed the evidence presented in court
Developing guidance: Create a cover Work on the legend Create sub-aliases Never contaminate
Produced the “10 Hack Commandments”
![Page 28: Introduction to Hacktivism](https://reader036.fdocuments.net/reader036/viewer/2022062513/554d55a3b4c905003b8b4863/html5/thumbnails/28.jpg)
blog.blackswansecurity.com