The quest for the righteous hack: revisited

I was sitting in solitary confinement in a federal prison back in 2012 when I received a coded message from a completely anonymous source. This was strange because I didn’t receive unsolicited mail often, but it was someone who studied a code scheme I often used in the past.

The coded message described events that were being relayed to me by a third party from an eyewitness who detailed the alleged contents of an email account belonging to a United States government prosecutor.

Supposedly, this had been extracted from a data breach from mail servers used by the Department of Justice (DOJ). If the message was true and factual, the emails could have set off a chain of reactionary consequences, in turn, sending shockwaves throughout the world. Heads would roll. Either literally or figuratively.

Unfortunately, I cannot delve into specifics since I have never seen this data dump myself, only that I came to know that the data dump was indeed a factual event carried out by unknown hacktivists over a decade ago.

Strangely, its contents were never made public. As a justice reform activist, this event could have changed the world for the better and rescued countless people from an overreaching justice system while at the same time making countless bad actors responsible for their actions.

The purpose of this recollection is simple. The current dynamic of the hacktivism landscape doesn’t seem to share the same ambitions and passion as the activists they lionize, such as Julian Assange or Edward Snowden, who were willing to risk their lives in the fight for a more transparent government.

Let me take this a step further. It’s more common for hacktivists to invest more time in launching cyberattacks against random targets (such as innocent people) than meaningful targets that could be used for positive social impact. Hackers are usually after low-hanging fruit – targets that offer quicker results than targets that will require more time investment.

Hackers (1995)

Okay, time for some nostalgia. In the 1995 movie Hackers, Phantom Phreak says to Joey Pardella, “If you want to be elite, you've got to do a righteous hack.” In other words, no lucky accidental hacks. In a nutshell, Joey was a “new blood” or noob.

Joey was experimenting with different commands, not knowing what they do. Nevertheless, he managed to hack into a bank and cause an ATM to spit out $700 in the middle of the street. Even though he was an amateur, he knew just enough to get himself arrested by the Secret Service.

Joey is one of my favorite characters. He reminds me of where most of us started our journey in the hacker world and where many of my readers are today. Joey is a member of a circle of friends that are all skilled hackers, and when there’s a noob in the bunch… Well, they chide him for being a script kiddie.

They weren’t wrong. You see, he was clueless about the ramifications of getting his hands on powerful tools and then attempting to launch them in the wild. Even though he learned from the attack described above and was able to reproduce it later to help his friends, he was taken away in handcuffs because he had no OPSEC.

The thing is, Joey was one person in a group of skilled hackers. However, in reality, it’s the other way around because skilled hackers are now the minority, which means that while ambitions are very high, the ability to carry out high-profile hacktivist campaigns typically doesn’t aim very high.

However, once someone manages to successfully carry out a distinguished attack that’s not cut from the same cloth as the general caste of mainstream hacktivists, the race is on for other groups and individuals to try to replicate it. Word spreads like wildfire in the mainstream hacker world.

The problem with this is these groups invest more time chasing fame and notoriety rather than contributing to devising and planning strategies that can potentially help society. That is the true spirit of hacktivism at its core. After all, society benefits from government transparency, as it also does from government accountability.

If we’ve learned anything from citizen uprisings like the Arab Spring, it’s that the right ideas can change the course of history.

When hacktivists get it right

In early 2017, something unprecedented happened in the hacker world, which caused tidal waves across the dark web. A mysterious cyber vigilante took down 10,000 onion websites hosted by the dark web hosting service Freedom Hosting II.

freedom hosting hack

The content of these sites contained marketplaces for child pornography, black-market guns, narcotics, and even murder-for-hire. The hacker claimed that child sexual abuse material (CSAM) comprised more than 50% of the data dump. Only later did news sources reveal that Anonymous claimed credit for the attack, although that’s doubtful.

The attack took out 20 percent of these onion sites, which amounted to 5% of the total dark web itself. The hacker dumped the contents of the hosting server, which totaled nearly 80 gigabytes and included system files but not user data because it contained a massive volume of child pornography. Then, the data made its way to law enforcement.

The rest is history

Earlier, in 2021, the founder of Freedom Hosting was arrested and extradited to the United States and subsequently sentenced to 27 years in federal prison for running "one of the largest facilitators of child pornography in the world," said one US prosecutor who was involved in the investigation.

Let’s not forget the case of the LulzSec hacktivist Jeremy Hammond, who initially faced life imprisonment for his role in the December 2011 email database hack against Strategic Forecasting, Inc. (Stratfor), and leaking the data to the whistleblowing website Wikileaks.

Ultimately, he served a total of ten years in prison. His sacrifice helped expose three million private messages detailing heinous surveillance activities carried against the Occupy Movement by the US government, as well as Stratfor’s own initiatives into compiling data against various activist movements, which included Anonymous.

While this was happening, journalist Barrett Brown who initially was facing a 105-year prison sentence for his connection to the above data breach. Ultimately, he was sentenced to serve 63 months in prison back in 2015 for linking the data dump as a reporting journalist (among some other things that he incurred during this period).

Where would we be without hacktivists like Deric Lostutter, aka KYAnonymous, who exposed the vile Steubenville football rape case cover-up back in 2012? News of this hack took the world by storm. Even though he served more prison time than the rapists he exposed, hacktivists like him remind us what real hacktivism actually looks like.

We need the Aaron Swartz’s of the world to rise up and liberate information in the hope of shaping the world into a better place, and not the mask-toting cosplay we see today with the pretentious videos and delusions of grandeur. These mavericks all thought outside the box and weren’t known for following the same repetitious patterns of the mainstream.

Hackers will always exist, even if the internet collapses and society is thrown into chaos. The hacker’s mind to explore technologies and push boundaries or find new ways to make things better and more convenient will never come to an end.

While I am not an advocate for committing cybercrime, I do believe in the spirit of true hacktivism.

“Think deeply about things. Don't just go along because that's the way things are, or that's what your friends say. Consider the effects, consider the alternatives, but most importantly, just think. All censorship should be deplored.”

– Aaron Swartz

More from Cybernews:

She’s behind your Android VPN app: I do magic

FDA approves blood glucose monitor compatible with smart devices

JetBrains vulnerability actively exploited in the wild: CISA urging users to patch

Apple won‘t update third-party apps if users leave the EU

Russia claims of US cyber offense surface on X

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked