By Ari Zoldan
The most recent cyber attacks on American Express, JP Morgan Chase, and South Korean banks over the last month have spurred debate on how best to handle this growing hacktivist phenomenon. Over the past couple of years, hacker groups consisting of individuals from across the globe have attacked government protected sites and corporate banking sites, determined to disable activity as a form of civil protest against certain actions or establishments. Since these attacks began, they have disabled government websites and corporate banking sites, including those of American Express, JP Morgan Chase, Wells Fargo, and Bank of America. A group of hackers referred to as Izz ad-Din al-Qassam Cyber Fighters has been leading these banking assaults. Using a technique called denial-of-service attacks, hackers overload the targeted site with Web activity from infected computers until the site is saturated with activity and shuts down. With the recent bank site attacks, the hackers used commercial data centers infected with complex malware to simultaneously fire Web traffic at each bank, which resulted in massive technological assaults.
This recent hacktivist group is potentially linked to another unit known as Anonymous, created in 2003 on the imageboard 4chan. Anonymous served as a digitalized form of protest, strongly opposing Internet surveillance and censorship, Scientology and homophobia. The initial intentions of the hacktivists seem to have originated around miscellaneous goals or simply for their entertainment. However, their actions soon progressed into coordinated hacktivism and retaliations. In 2009, Anonymous attacked the International Federation of the Phonographic Industry (IFPI), a corporation focused on protecting recording artists’ rights. This attack protested the promotion of censorship in the guilty conviction for The Pirate Bay defendants who were accused of facilitating copyright infringement. Other attacks on government corporations have been in retaliation for shutting down file-sharing websites like Megaupload in 2012, using civilian surveillance, and for anti-homosexuality statements.
From the perspective of freedom of expression, the hackvists are utilizing the means of digitalized media to convey their ideas and opinions. This right is bestowed in the Universal Declaration of Human Rights, Article 19: “Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.” However, this right is often restricted through censorship, harassment, and restrictions of press, journalists, bloggers, and activists. In this case of the hacking of websites, while it does express the protests of a certain group, it also disrupts the freedoms of the government and corporations to publicly display their information and to engage in Web commerce. The Oxford Internet Institute’s Joss Wright stated, “In one sense the actions of Anonymous are themselves, anonymously and unaccountably, censoring websites in response to positions with which they disagree.” Thus, although the hackers deserve the right of speech, their means of conveying their opinions are unjust and harmful to the freedoms of others.
These cyber attacks also promote the concept of the freedom of the Internet and the right to Internet privacy. The Internet has created countless opportunities for collaboration and is utilized by journalists, activists, and countless other groups across the globe for their own personal and professional means. However, the Internet can also be exploited by the government in ways that may infringe on individual privacy. Governments struggle with balancing the national security with the needs and rights required for the protection of individuals’ privacy. This can lead to censorship and surveillance that prevents the free flow of information and that serves as an infringement of privacy. Many of the cyber attacks focus on websites that they believe have overstepped the boundaries of censorship. The basis of their protests may certainly be valid; however, as stated earlier, there are more effective and less damaging ways of achieving that goal. As they damage government sites to protest the infringement of Internet freedom, the hacktivists are themselves invading the free flow of digitalized government information.
The question that remains is whether the actions of hackers have simply disrupted the activity of banks and government sites or whether they have actually damaged the functionality of the site. While the attack on the U.S. federal sentencing website, avenging the Internet activist Aaron Swartz, was more disruptive than harmful, the hackings of banking sites costs millions of dollars in repairs and in lost opportunities. The malware that infected and shut down the American Express site was supposedly attempting to steal credit card numbers and bank information, an action, which does not just disrupt customer usage of the site but effectively harms the operations of the corporation. Although some hackers claim to have acted in retaliation for an anti-Islamic Youtube video posted last fall, others suggest that it is in fact an Iranian government-sponsored hacktivist group. Thus, the harmful nature of the attacks could have farther-reaching effects than simply innocuous interferences.
In combating the cyber attacks, governments fear that direct action will only lead to increased and fiercer attacks in response. Other means to tackle the issue focus on improving the security of corporate and governmental sites to ensure that they can withstand these increasingly common hacktivist attacks.
Michelle Levine contributed to this article