ReutersMar 26, 2021 5:15:20 AM
By Joseph Menn
(Reuters) – At a time when US agencies and thousands of corporations are fending off major hacking campaigns originating in Russia and China, another type of cyber threat is re-emerging: activist hackers seeking a political point of view.
Three major hacks show the power of this new wave of “hacktivism” – the unveiling of AI-controlled video surveillance by startup Verkada, a collection of riot videos from the right-wing social network Parler from January 6th, and the disclosure of the high-tech surveillance apparatus the military junta in Myanmar.
And the US government’s response shows officials are alarming the return of hacktivism. In an indictment last week, 21-year-old Tillie Hottmann, a Swiss hacker found guilty of the Verkada violation, was charged with an extensive conspiracy.
“Wrapping yourself up in an allegedly altruistic motive does not remove the criminal stench of such intrusion, theft and fraud,” said Seattle-based US attorney Tessa Gorman.
According to a US intelligence agency strategy released a year ago, “ideologically motivated entities such as hacktivists, leasivists and information disclosure organizations” are now viewed as “significant threats” alongside five countries, three terrorist groups and “transnational criminals”. “
Earlier waves of hacktivism, particularly from the amorphous collective Anonymous known in the early 2010s, largely subsided under pressure from law enforcement agencies. But now a new generation of teenage hackers is joining the fight, many angry at how the cybersecurity world works and angry at the role of tech companies in spreading propaganda.
And some former anonymous members are returning to the field, including Aubrey Cottle, who helped reinvigorate the group’s Twitter presence in support of the Black Lives Matter protests last year.
Anonymous followers pointed out that they had disrupted an app that Dallas police were using to file complaints about protesters by flooding them with nonsensical traffic. They also took control of Twitter hashtags promoted by police supporters.
“The interesting thing about the current wave of Parler Archives and Gab Hack and Leak is that hacktivism supports anti-racist politics or anti-fascism politics,” said Gabriella Coleman, anthropologist at McGill University in Montreal, who wrote a book on Anonymous.
Gab, a social network favored by white nationalists and other right-wing extremists, was also injured by the hacktivist campaign and was temporarily closed after violations.
INTERRUPT QANON
Most recently, Cottle focused on QAnon and hate groups.
“QAnon is trying to adopt Anonymous and merge into Anonymous. That was the straw that broke the camel’s back,” said Cottle, who has held a number of web development and engineering jobs, including a stint at Ericsson.
He found email data showing that those in charge of the 8kun image board that posted the person known as Q were in constant contact with key promoters of QAnon conspiracies. Https://www.bellingcat.com/news/2021/01/07 / exposed-email-logs-showing-8kun-owners-in-contact-with-Qanon-influencers-and-enthusiasts.
The New Wave hacktivists also have a privileged place to post materials they want to post – Distributed Denial of Secrets, a transparency site that took the WikiLeaks cloak with less geopolitical prejudice. The website’s collective is headed by Emma Best, an American known for filing extensive freedom of information requests.
Best’s two-year-old website coordinates research and media access to a hoard of posts by unknown hackers in Gab. In an essay earlier this week, Best praised Hottmann, saying leaks would keep happening, not just from hacktivists but also from insiders and ransomware operators who release files when companies fail to pay them off.
“Charges like Tillies show how fearful the government is and how many companies view embarrassment as a greater threat than uncertainty,” Best wrote at https://ddosecrets.substack.com/p/hacktivism-leaktivism-and-the-future.
The events covered by the Hottmann indictment https://www.justice.gov/usao-wdwa/press-release/file/1377536/download?utm_medium=email&utm_source=govdelivery took place from November 2019 to January 2021. The Lucerne software developer and his Employees broke into a number of companies, removed computer code, and released it. The indictment also stated that Hottmann spoke to the media about the victims’ poor security practices and benefited from it, if only by selling shirts that said things like “Venture Anticapitalist” and “Catgirl Hacker”.
But it was only after Hottmann publicly acknowledged Verkada’s violation and posted alarming videos from large companies, medical facilities and a prison that the Swiss authorities ransacked her home at the behest of the US government. Hottmann uses non-binary pronouns.
“This move by the US government is clearly not only an attempt to disrupt the freedom of information, but above all to intimidate and silence this emerging wave of hacktivists and leaktivists,” said Hottmann in an interview with Reuters.
Hottmann and her attorney declined to discuss U.S. wire fraud allegations for some of Hottmann’s online testimony, aggravated identity theft for the use of employee ID cards, and the conspiracy that together add up to a long prison term.
The FBI declined an interview request. When it comes to extradition, the Swiss would determine whether Hottmann’s alleged actions violated the laws of that country.
CONTEMPT
Hottmann was open about her contempt for the law and future corporate powers. “Like many people, I have always been against intellectual property as a concept and especially against using it to limit our understanding of the systems that govern our daily lives,” said Hottmann.
A European friend of Hottmann’s known as “donk_enby,” an indication that he is not binary in gender, is another important figure in the hacktivism revival. Donk got furious over conspiracy theories spread by QAnon supporters on the Parler social media app sparking protests against COVID-19 health measures.
After a Cottle post about a leak from Parler in November, Donk dissected the iOS version of Parler’s app and found a poor choice for the design. Each post had an assigned number and she could use some program to keep adding 1 to that number and downloading each post one at a time.
Following the January 6th riot in the U.S. Capitol, Donk shared links to the web addresses of a million Parler video postings and asked their Twitter followers to download them before rioters recorded inside the building cleared the evidence. In addition to footage, the treasure trove included precise locations and timestamps so members of Congress could catalog the violence and the FBI could identify other suspects.
Popular with far-right personalities, Parler has struggled to stay online after being dropped by Google and Amazon. Donk’s actions alerted users who thought some videos were going to be private and hampered their attempt to comeback.
Meanwhile, protesters in Myanmar asked Donk for help, which resulted in file dumps that prompted Google to remove its blogging platform and email accounts https://www.reuters.com/article/idUSKBN2B20WD from the leaders of the February 1st coup. Donk’s identification of numerous other military contractors helped fuel the sanctions, which continue to pile up.
A big change from the earlier era of hacktivisim is that hackers can now legally make money by reporting the security vulnerabilities they find to the companies involved or by taking jobs at cybersecurity companies.
However, some see so-called bug bounty programs and hiring hackers to break into systems to find vulnerabilities as corporate protection mechanisms that should be exposed.
“We’re not going to hack anyone and help protect someone we believe is doing something extremely unethical,” said John Jackson, an American researcher who works with Cottle on above-ground projects. “We’re not going to hack surveillance companies and help them secure their infrastructure.”
(Reporting by Joseph Menn in San Francisco; Editing by Jonathan Weber and Grant McCool)
This story was not edited by Firstpost staff and is generated by automatic feed.
