Ethics and Law in New Media/From Hacktivism to Cyberwar
From pranksters to yippies
Bruce Sterling in his Hacker Crackdown lists the historical landmarks on what we could call the darker side of Internet:
- 1865. U.S. Secret Service (USSS) founded.
- 1876. Alexander Graham Bell invents telephone.
- 1878. First teenage males flung off phone system by enraged authorities.
- 1939. "Futurian" science-fiction group raided by Secret Service.
- 1971. Yippie phone phreaks start YIPL/TAP magazine.
- 1972. Ramparts magazine seized in blue-box rip-off scandal.
- 1978. Ward Christensen and Randy Suess create first personal computer bulletin board system.
- 1982. William Gibson coins term "cyberspace." "414 Gang" raided.
- 1983. AT&T dismantled in divestiture.
- 1984. Congress passes Comprehensive Crime Control Act giving USSS jurisdiction over credit card fraud and computer fraud.
Moschovitis et al in their History of the Internet quote a possible origin of the word 'hacker', citing its use for the early radio enthusiasts that messed with the Army radio communication (causing the 1927 Radio Act as a legal measure to regulate radio more effectively). As seen from the list above, telephone cracking or 'phreaking' started also much earlier than the age of Internet (according to Sterling, first telephone operators were teenage boys who were soon replaced by women due to what we could today call 'inappropriate use'). And with the emergence of Internet, the trend just continued. Moschovitis writes: "Little did the Congress know that it was funding the backbone of a system that would link the nation's young people, faclitating communication between the hotbeds of social unrest in the midst of anti-Vietnam War protests - that a system designed as a strategic military tool would ultimately help hippies to find each other."
The Internet often walks the thin line between freedom of speech and thought and illegality. E.g. the video of the assassination of the U.S. president Kennedy taken by Abraham Zapruder, an amateur home movie enthusiast, was long kept classified. Nowadays it is freely available on the Net, e.g. here. The same applies to many other historical events - most probably, the events of September 11, 2001 will be fully revealed someday as well. Many occasions of goverment-sanctioned Internet use for eavesdropping and espionage (like the Echelon project reviewed earlier) have also caused a backlash towards the other end of spectrum.
The use of communication as a conscious method of political protest is also quite old. During the Vietnam War, the US government placed an extra tax on phone system. members of the Youth International Party ('yippies'; actually a largely fictional pseudo-party or rather a motley mix of performance artists and political pranksters) advocated bypassing the payments (essentially phreaking) as a legitimate means of protest. Similar 'bending of ethical standards' has occurred many times since then. Law and Disorder
While the classical hacker culture emerged from the labs of MIT and Stanford, bringing along new ideas about software development, licensing and network-based cooperation, there has almost always been also the 'dark side' (that are called 'crackers' by classical hackers and 'blackhats' by security people) as well as various forms of inbetweens ('samurai', 'freelancers' or 'grey hats'). Hackers proper have participated in security projects, but various 'twilight zone' activities have mostly been performed by the latter groups. While Bruce Sterling defines hackers somewhat differently (confusing the hacker/cracker line) and does not focus on the socially motivated cracking, his Hacker Crackdown sheds light to many interesting facts from the early days of computing. Hacktivism
The term was coined by author/culture critic Jason Sack in an article about media artist Shu Lea Cheang, published in InfoNation in 1995. Since then, it has spanned a wide range of counterculture groups striving to fight the 'establishment' - it can be used separately or in combination with other kinds of direct action. A notable early case was the WANK worm which attacked a number of government VMS machines, displaying the message below:
W O R M S A G A I N S T N U C L E A R K I L L E R S _______________________________________________________________ \__ ____________ _____ ________ ____ ____ __ _____/ \ \ \ /\ / / / /\ \ | \ \ | | | | / / / \ \ \ / \ / / / /__\ \ | |\ \ | | | |/ / / \ \ \/ /\ \/ / / ______ \ | | \ \| | | |\ \ / \_\ /__\ /____/ /______\ \____| |__\ | |____| |_\ \_/ \___________________________________________________/ \ / \ Your System Has Been Officically WANKed / \_____________________________________________/ You talk of times of peace for all, and then prepare for war.
Whether hacktivism should include directly malicious methods like systems cracking, website defacement and DDoS attack, is debated even inside the movement. Both opinions do exist.
An interesting form of activity which grew out from the original free speech movement of the 60s and has since then been fueled by various government activities of questionable motivation, is the Electronic Civil Disobedience. Like the real-life sit-ins where the idea is to occupy some important place and by simple presence obstruct the activities of the other side, the ECD (introduced by an activist group called the Electronic Disturbance Theater) is unique in that in many cases, it involves large numbers of people and generally makes use of only legal methods of protest (as opposed to the well-known criminal technique of DDoS or Distributed Denial of Service). For instance, a single person reloading a website repeatedly is not illegal, but if enough people do it at the same time it can render the website inaccessible (effectively achieving a kind of hand-made DDoS).
A colourful example of a group that (along other things) practiced hacktivism is the infamous Cult of the Dead Cow (perhaps most known for authoring the Back Orifice software used to remotely control Windows machines). During the 80s, it cooperated with Chinese dissidents to disrupt Chinese governmental data traffic, later in 1999 they (along with some other similar groups) declared a 'cyberwar' on China and Iraq. In 2006, they had the Goolag campaign (a hackerly wordplay on 'Google' and 'Gulag' in order to protest against Google removing some 'unsuitable' material from their Chinese version).
In 1999, the Hacktivismo initiative grew out from the CDC. Unlike its parent, it focused on legal activities dedicated to free speech and access to information, producing the Hacktivismo Declaration (scroll down) as well as their own software license which explicitly forbids all human rights violating as well as espionage-oriented use. They have also produced some software solutions which aim to short-circuit governmental surveillance systems.
Actually even the file sharing can be viewed as an ECD. The increasing absurdity of 'intellectual property' legislation has led to the situation where a growing number of otherwise law-abiding citizen choose to consciously break the law they consider unfair. Also, the related example of Metallica vs Napster court cases and the subsequent, surprisingly extensive backlashes (public burning of records, the Napster Bad! campaign, the 17th position in the Blender Magazine's "Biggest Wusses of Rock" etc) point to the same direction.
Drawing parallels to air warfare, networks just like planes were used at first only to gather information. Gradually, things started to change - network infrastructures are becoming an important target in future conflicts. While largely not directly military installations, these form an important part of defensive infrastructure, which have strong impact on overall defensive ability (just as the German Navy in WWII focused on attacking the Allied naval convoys).
Examples include the Titan Rain, a series of coordinated attacks on US military and industrial targets since 2003 (believed to originate from China) and the 1999 attacks codenamed Moonlight Maze (possibly from Russia; a short news can be found here).
A threat for the future?
At present, strictly Internet-based terror attempts are not widespread yet. But considering the growing importance of information warfare (like conventional weaponry, the cyber-arsenals can be both used and misused) and the ubiquity of networks, it may well be that the first global-scale cyberterror cases will be here in near future. Actually, the cases of cyber-extortions and network racket that started to surface around 2003 are the first signs.
Probably one of the most alarming recent tendency in this field has been the use of network-based attacks during the Bronze Soldier riots in Tallinn in April 2007 and in the Georgian War in August 2008. In both cases, almost identical attacks on the target country's network infrastructure were launched - in Estonia, they had limited effect due to rather adequate countermeasures (some downtimes still occurred), in Georgia they were effective enough to force the country to move most of the crucial network services temporarily out of the country. While the official channels of Russia denied any governmental involvement and quoted 'patriotically-minded hackers', the attacks in both cases were not limited to typical DDOS and featured some characteristics likely unavailable to typical crackers (parallels could be drawn with the Moonlight Maze described above).
- MOSCHOVITIS, C. et al. History of the Internet: A Chronology, 1843 to the Present. ABC-CLIO, Santa Barbara 1999.
- STERLING, B. The Hacker Crackdown: Law and Disorder on the Electronic Frontier
- Napster Bad!
- Project Liberty
- FAS: Information Warfare and Information Security on the Web
- Information Warfare Monitor
Food for Thought
- How would you draw the line between civil disobedience over Internet and hacktivism?
- The 'cyberwar' seems to be only effective if the opponent has got high enough level of network infrastructure (no point in attacking Venezuela, Cuba or North Korea). How does this influence its applicability in future conflicts?
- Find and blog about an illustrative case of hacktivism.