A Cyber Revolt in the Making

5 october 2017

Does the Rise in Hacktivism Threaten the Existing Order?

Yelena Chernenko - PhD in History, Head of the International Section (Kommersant newspaper), Member of Presidium of the Council on Foreign and Defence Policy (SVOP), Member of the PIR Center Working Group on International Information Security and Global Internet Governance.

Julien Nocetti - Research Fellow at the French Institute of International Relations (IFRI).

Resume: The fact that the first wave of hacktivism died out does not mean that a second or third wave will not follow. Next time it would be even easier to bring people together, since they would have a clear vision of what they can achieve together.

Over the last few months, not a day has passed without the media reporting new, increasingly far-reaching and sophisticated hacking attacks. You could be forgiven for thinking that we are witnessing a global revolt of web users against the powers that be.

However, the opposite is true. For many years, it seemed that the state was relegated to the background in the multi-stakeholder Internet governance model, while businesses and civil society were setting the tone. But today, there is no doubt that states are about to take center stage. They have mastered the capabilities offered by cyberspace for domestic and foreign policy, intelligence and military activity. States are now negotiating rules for online behavior, without seeking much input from businesses and ordinary people.

As the state infringes more and more upon user rights and freedoms, whether by censorship or surveillance, it could be argued that a global revolt of hackers is becoming inevitable. The growing “offline” resentment of establishment politics and institutions in the U.S., EU countries and also post-Soviet states certainly adds credence to this argument.

That said, the cyber mayhem we are currently witnessing falls short of a revolt driven by a political agenda. It is largely the product of rank-and-file cyber criminals and cyber vandals, as well as operations by security forces and dealings within the IT industry. In this respect, the attribution of the largest DDoS (distributed denial of service) attack in 2016 is quite telling. During the attack, more than 80 popular news websites, social networks and streaming services, including The New York Times, CNN, Amazon, Twitter, Reddit, PayPal, Airbnb, Pinterest, Netflix and Soundcloud, were brought down as a result of sabotage directed at Dyn, a major U.S. domain name provider.

The Dyn attack was carried out in three waves using a botnet made up of more than 100,000 malicious endpoints. Interestingly, these endpoints consisted less of computers than devices from the “Internet of things” (IoT), such as gaming consoles, cameras, printers, and even video baby monitors. Four percent of all compromised devices were located in Russia. Some experts claim that the attack strength generated by these devices against Dyn servers reached 1.2Tbps, a level of intensity never seen before in attacks of this kind.

The economic fallout from the attack was valued at $110 million. WikiLeaks, a controversial organization specializing in disclosing classified information, claimed that the Dyn attack was an act of revenge by its supporters for cutting the Internet access of the website founder, Julian Assange, who has been hiding in Ecuador’s London Embassy since 2012. However, cyber security experts questioned whether the hackers, or hacktivists, were politically motivated, especially since WikiLeaks representatives failed to produce any evidence to back their claims.

What researchers do believe is that the attack could be attributable to cyber vandals or Dyn competitors. The fact that the code from Mirai malware, which was used to create the botnet, was actively discussed on amateur hacker forums, and the infrastructure used by Mirai had already been used to attack a popular gaming website, supports the first explanation. However, the second explanation could also be correct, since ahead of the attack Dyn had come into conflict with a number of IT companies by releasing an analytical report claiming that some anti-virus makers cooperate with hackers who create artificial threats.

Meanwhile, all the technical conditions for a global hackers’ revolt are in place, and the political motivation is also there.

SOURCES OF DISCONTENT

Confusedly but inexorably, a generation of activists, or simply citizens, seeks to continue the “democratization” on the Internet and via the Internet, i.e. by infinite multiplication of spaces for discussion, an irreversible process that would lead to the questioning of institutions and established positions. Digital technologies offer unlimited possibilities to “act together,” as German-born American political theorist Hannah Arendt put it. The word ‘empowerment’—barely translatable to other languages—illustrates the boon and the taking up of power by individuals, or groups, in order to act on the political and economic conditions that they endure. The whole society is concerned and all the symbolic fortresses are threatened, including the sacrosanct “exclusive domain” of foreign, defense and security policies.

Increasingly, Western societies are getting through a double process: an unprecedented disaffection of citizens to the political system, with which they no longer identify themselves, and the incapacity of political institutions to meet this challenge.

Facing this multifaceted crisis that “our” system is enduring, the Internet as a tool, media, and a personal and collective channel for expression is for some a new opportunity to “recreate trust” among citizens and their rulers, and give back efficiency to institutions.

Digital tools: a response to political disappointment? The deep crisis faced by Western democracies is multifaceted: a crisis of participation—with the rise of abstention and extreme electoral behaviors; a crisis of representation—with the diffuse feeling that a “caste” has seized power and that politicians no longer understand their fellow citizens; a crisis of the legitimacy of the rulers, together with a crisis of institutions, entangled and hardly understandable. Finally, a crisis of “performance”—with the low respect granted to politics as a means to achieve progress (both individual and collective).

A democratic resource? Social media and networks have come to dominate exchanges between individuals and the relationships between governments and citizens. Twitter, Facebook, VK and their numerous apps give everyone the opportunity to be informed and to inform others in real time. They finalize the split between print and writing, and confirm that virtual proximity is no longer associated with contiguity in space.

Visibility, observation, denunciation or repression? The Internet has become the “space” for shifting the balance of power, which is not equal between individual actors or groups, governments, and companies. Its role in electoral processes is growing. The use of certain hashtags, jointly made by citizens and journalists, can be crucial for mobilizing the opposition infuriated by unemployment or corruption.

Indeed, facing the devastating effects of the crisis, protests like the Indignados movement in Spain, launched in May 2011, or the Occupy Wall Street movement in September 2011 in New York owe much to social networks. Horizontal, reticular, non-institutionalized and non-violent, they distinguish themselves from political parties and trade unions. Inevitably, new protest uses of digital technologies are developing, to which political authorities around the world must adapt. It is the case with social networks used for coordinating protests, organizing flash mobs, or enabling what famous Spanish sociologist Manuel Castells called “mass self-communication,” i.e. the way for an individual to reach a global audience through, for example, posting a video on YouTube or sending a message to a massive email list. The example of the Umbrella Revolution by Hong-Kong students in the winter of 2014 shows both a massive and creative use of “all things digital” for political ends. Networked technologies also hinder acts of violence from being kept silent. Police clampdowns in Baltimore, U.S., in 2015 were filmed by mobile phones, and the videos, enhanced with evidence, instantaneously spread on social networks. Such reporters/activists build their own storytelling on the protests, create mobilizing hashtags like #Ferguson or #ICantBreathe that spread worldwide and some, like #BlackLiveMatters, end up on Time magazine’s front-page.

Ideology as such is not necessarily absent from the motives of those contesting the ordre établi. “Transparency” lies at the heart of the whole “pack” of libertarian and common values deeply rooted in the Internet’s genes.

The biggest private actors of the digital economy have also made transparency their key principle and even an unattainable goal. Did they not base their business model on an absolute “mutually transparent” relationship with their users?

Unsurprisingly, the values embedded in the network’s hardware and software architectures reflect the context of its creation decades ago, expressing a liberal bias best encapsulated in the notion of a “free flow of information.” Perhaps the most important element of the U.S. discourse is the constant linkage between the free flow of information and an open Internet with the goal of preserving and promoting universal human rights such as the freedom of speech and expression. American policymakers, in both the Bush and Obama administrations, continuously emphasized the link between the free flow of information and freedom of expression and human rights.

 Hence the perception, in some countries, that the public opinion and citizens’ views around the world are “shaped” by the official U.S. narrative on Internet freedom, even though Edward Snowden’s leaks and the latest WikiLeaks revelations completely diluted the U.S. moral authority as a beacon of Internet freedom.

NEW THREAT

The ways and means of involvement differ substantially between those who adhere to legality and those who consider it necessary to infringe the law. For instance, it is hard to compare the actions of WikiLeaks, Anonymous, or Telecomix. It is therefore necessary to comprehend the political motivations that drive these various groups or initiatives.

WikiLeaks is now directly tied to the personalities of Julian Assange, entrenched in the Embassy of Ecuador in London for almost seven years, and Chelsea (formerly Bradley) Manning, sentenced in August 2013 to 35 years in prison for having leaked classified documents. WikiLeaks unashamedly contests the principle of raison d’état, and presents itself as some sort of counter-power. The year 2010 saw a series of discrepancies between the privilege of confidentiality claimed by the elites and people’s demand for transparency; between the monopoly of political decision-making and the desire for a better-shared democracy; and between the ruling caste thriving on concealment and younger generations for whom Facebook represents a new matrix for understanding the world.

It is worth noting in this respect that WikiLeaks failed in its efforts to shake up global politics by publishing classified documents about the U.S. military operations in Iraq and Afghanistan, as well as diplomatic cables. When WikiLeaks was only beginning to release the papers in its possession, many thought it would lead to tectonic shifts. Italy’s foreign minister at the time, Franco Frattini, had the most memorable quote along these lines: “It will be the September 11th of world diplomacy.”

Julian Assange himself claimed that the revelations would blow up the system. However, not a single country cut off diplomatic relations with another, and not a single government resigned. There have been a number of other major leaks since then (and they continue), however they have had less impact on global politics than was expected. For instance, the revelation that U.S. intelligence agencies wiretapped German Federal Chancellor Angela Merkel’s cellphone for quite a while did not stop her from visiting the U.S. High-ranking representatives of G20 countries did not refuse to take part in G20 summits, although it is not uncommon for host countries to use events like this to access computers and gadgets of delegation members (as was the case in Great Britain in 2009). Countries have become more or less resistant to such leaks.

However, these revelations did have an undeniable effect: they undermined popular trust in political leaders and institutions. The discontent and commitment to protect their right to know led the most advanced computer users to become hacktivists, since they had no other way to influence global politics and intelligence agencies.

The Anonymous group, probably the most famous hacktivist movement, refers to highly diversified communities of Internet users that present themselves as defenders of the right to free expression online and beyond. It is a “galaxy” that nowadays seems more preoccupied with playing with computer flaws of organizations rather than with carrying out a political project. Still, Anonymous has so far provided the only actual example of a global cyber revolt. WikiLeaks and Anonymous brought their support to Edward Snowden, who has had temporary asylum in Russia since July 2013 when he arrived with Sarah Harrison, WikiLeaks’ legal advisor. Snowden’s revelations have been made through major international newspapers. Less covered by the media, Telecomix sought to bring back means of communications blocked by some regimes which resorted to repression to quell the protests in Tunisia, Egypt or Syria.

The “Internet culture,” which started to take shape in the second half of the 1960s, is simultaneously fed from two sources, which are interrelated much closer than one might think, given the organization of research in the United States: a military-scientific source at the root of Arpanet, and an anti-establishment source denouncing, in particular, the U.S. military involvement in Vietnam.

The “Internet culture” resembles a counter-culture which is based on the principle of sharing and linkage; extremely diverse, it is conveyed by authentic liberals (in the American sense of the word), libertarians, radical anti-capitalists, anarchists, pure geeks or, more simply, Internet users defending their freedom of expression, linkage and organization. In this regard, one may establish a historical parallel between the Snowden affair and the Pentagon Papers, the starting point in Hannah Arendt’s quest for understanding “the processes where governmental decisions are entangled” and the mechanisms through which decision-makers produce “deception.” In 1971, Daniel Ellsberg, a RAND Corporation analyst, handed 7,000 pages of classified documents to The New York Times, describing the successive conditions of U.S. involvement in Vietnam. Logically, he supported Julian Assange and Chelsea Manning. In a 2013 op-ed Daniel Ellsberg claimed that the possibility of American intelligence services to violate people’s privacy “is today incomparably more powerful than everything prior to the pre-digital age.” According to him, Edward Snowden “risked [his] life” to disclose information touching on the most fundamental individual and public freedoms; he should incite “others having the same knowledge, the same consciousness, and the same patriotism, to demonstrate a similar civic courage.” In late September 2013, a draft NSA reform plan was launched by U.S. Congress in order to put “limits” to the surveillance programs while “preserving” their efficiency.

In both authoritarian regimes and democratic systems, intelligence services are likely to face the risk of a “digital wave” as the main threat even though the fight against international terrorism, i.e. against Al-Qaeda, has been presented to the world since September 11 as such a threat. The Snowden affair has seemingly triggered a change of paradigm, but did not become the subject of public debate.

FIRST WAVE

So far, only one such wave, the Anonymous movement in 2010–2011, can be viewed as a real hacking revolt. Back then, thousands of hackers and ordinary users from across the world came together to punish the U.S. and a number of other countries for pressuring WikiLeaks. Many regarded WikiLeaks founder Julian Assange as the main fighter for the freedom of speech, while the website he created was expected to signal the dawning of a new era in which governments would no longer be able to conceal information from their citizens. Outraged by the online disclosure of hundreds of thousands of secret documents, the U.S. tried to force companies to stop working with WikiLeaks. A number of major payment and hosting providers bowed to pressure from Washington, making it much harder for Julian Assange to receive donations and keep the site running.

This was when Anonymous stepped in to support WikiLeaks. By 2010–2011, the movement had already existed for several years, but was known only within a restricted circle, mainly for successfully breaking into Scientologists’ online resources or supporting the Pirate Bay torrent tracker. Anonymous members gathered thousands of users under their banners in Operation Payback. As their slogan, they chose a quote by John Perry Barlow, one of the founders of the Electronic Frontier Foundation: “The first serious info war is now engaged. The field of battle is WikiLeaks. You are the troops.”

Anyone was welcome to contribute to attacks on websites hostile to WikiLeaks, since step-by-step instructions on carrying out DDoS attacks using Low Orbit Ion Cannon (LOIC), a simple piece of software, were freely available on hacking websites and on Twitter. This resulted in users from all continents joining attacks against the websites of MasterCard, Visa, PayPal, and Amazon, a majority of whom had never been involved in hacking activities before. The campaign’s success was guaranteed by its sheer scale. A number of government and corporate resources were temporarily put out of operation. In 2012, Time magazine listed Anonymous among the top 100 most influential people in the world.

At that time, many experts believed that hacktivism would gain traction moving forward, and that this would be the way for users driven by a political agenda to respond to any injustice. However, the wave soon receded, and never reemerged on a similar scale.

There are several reasons why the first cyber revolt was not followed by others. First, Anonymous lacked a leader or a core that could coordinate joint action and motivate members to remain engaged. Any Anonymous member could speak out for the movement in the media. Online discussions to agree on the goals and timeframe of attacks were also quite chaotic, and the first successful attacks gave rise to heated debates on future targets. While most Anonymous hackers in the West continued to attack websites of payment systems that refused to work with WikiLeaks, calls emerged among Russian hacktivists to strike at the Pentagon.

Second, many of Julian Assange’s sympathizers soon became disillusioned. Some were scared off by the rape charges brought against the WikiLeaks founder, while others were perplexed by the departure from WikiLeaks of key staff members, who accused Assange of misappropriating millions in donations. There were also those who did not agree with Julian Assange’s decision to release classified documents without censoring names and addresses, despite the fact that it put some of the people mentioned in the documents in harm’s way (for example, U.S. informants in Afghanistan).

Third, as soon as Anonymous started actively recruiting people on Facebook and Twitter, their accounts were disabled, while websites like AnonOps.net were put out of operation for a long time. Deprived of communication tools, Anonymous struggled to reconstitute itself. The very environment that made the emergence of hacktivists possible turned out to be their Achilles’ heel.

Finally, the fact that U.S. law enforcement agencies went after the movement’s members had a clear chilling effect. After several high-profile arrests and show trials, the number of those willing to take part in attacks sharply dropped. It is telling that even the hacktivists’ idol, John Perry Barlow, condemned them, calling DDoS attacks “the poison gas of cyberspace.”

Anonymous prepared and carried out a number of other operations, which were no longer related to WikiLeaks and all much smaller in scale compared to Operation Payback. Today, several separate groups operate under the Anonymous brand, and most of them are hacking just for the “lulz.”

The fact that the first wave of hacktivism died out does not mean that a second or third wave will not follow. The future of this movement will to a large extent depend on the existence of a unifying cause like WikiLeaks, which prompted the Anonymous community to stand up for its rights. It can be even argued that next time it would be much easier to bring people together, since they would have a clear vision of what they can achieve together. Next time, they may even go beyond DDoS attacks.

When the movement was still alive, its most active members were discussing whether to engage in a different kind of action. For example, experienced hackers could stage defacement attacks to change the visual appearance of the targeted websites and post there calls for protests or similar information. Amateur hacktivists could then help raise awareness about these attacks on social media, messenger services, etc. Another option was for advanced hackers to break into email accounts of officials or government agencies, download correspondence, while rank-and-file activists would read it to find compromising information and help spread the word. Anonymous has even carried out several operations of this kind, including the one when they broke into the email server of Stratfor, a private U.S. geopolitical intelligence platform, and leaked 200 gigabytes of correspondence to WikiLeaks. WikiLeaks got hold of correspondence of Bashar al-Assad’s associates the same way.

Nonetheless, regarding the attack against the email server of the Democratic National Committee and accounts of people close to former U.S. presidential candidate Hilary Clinton, Julian Assange said that neither hacktivists, nor Russian intelligence services (as the U.S. authorities claim) were behind the leak, which reportedly came from an insider.

The original copy is available at: http://valdaiclub.com/a/valdai-papers/cyber-revolt-in-the-making/?sphrase_id=163483

} Page 1 of 5