Hacktivism takes to the cyberstreets
By David Cassel
IN EARLY MAY an activist calling himself “Reverend Billy” called for thousands of computer owners to fire up their modems for an assault on Starbucks. From unseen corners of the globe, they’d converge on the company’s website–hoping to overload it. Though the media portray hackers as secretive, destructive intruders, some individuals and groups are openly committing online attacks in the name of furthering specific causes. It can be a symbolic massing on a Web page which, with enough participants, makes it inaccessible to others–or more invasive “monkey-wrenching” to disable a site’s equipment.
Others just want to bypass government restrictions they see as unfair. But they’re all trying to fuse their passions to their technology, using the power of the Internet to discover new forms of social protest.
In December a group called the Electrohippies(www.gn.apc.org/pmhp/ehippies) organized a “WTO virtual sit-in” that overloaded the machines keeping the World Trade Organization’s Web pages on the Internet. The five U.K. activists estimate that over 452,000 people swamped the site. (During the action, the group says, participants sent them up to 900 e-mails each day.) Paul Mobbs, the group’s co-founder and media liaison, says they accomplished their goal–disrupting the World Trade Organization’s online presence for four- to five-hour stretches–and reduced that site’s overall speed by half.
In April the group launched an even more ambitious series of events, protesting genetically modified crops. If you had a computer equipped with a modem, you were already a potential co-activist in their radical action. A surprise “special action” began April Fool’s Day with the media-friendly name “Resistance Is Fertile.” The Electrohippies called for an e-mail campaign from April 3 to April 7 targeting 78 officials listed on the Hippies’ website–including U.S. Department of Agriculture communications official Vic Powell–to build public pressure against genetically modified foods. But the tactics remained so controversial that they called off their main event that had been scheduled for the next week– “an e-mail and client-side denial-of-service extravaganza”–after an online vote for the action failed to muster a simple majority.
Meanwhile, authorities worry that a new international event could become the target.
On Aug. 23, Australian Communications Minister Richard Alston announced that computer experts will work around the clock during the upcoming Sydney Olympics to keep out cyber hackers who might try to vandalize the games’ Web sites, even changing official results and the names of medal winners.
“You can’t assume goodwill. You’ve got to proceed on the basis that there will be people trying to cause difficulties and do your best to avoid these,” Alston told the Associated Press.
“We are not about to telegraph our punches.”
There is good reason to fear virtual vandalism down under: Sydney is being heralded as the first “Internet Olympics,” with more than 275 million Net users worldwide compared to 40 million just four years ago.
Disruption of the games would be a major coup for hackers, computer experts say.
Symbolism vs. Damage
IT’S A NEW BREED of activism–wired and confrontational. Some question whether it’s really a desirable form of protest, but the Electrohippies are hoping to defuse criticism by popularizing not just their tools, but a code of ethics. They publicized their intentions before the attack–and also issued a lengthy paper on the philosophy of it.
“These type[s] of actions are directly analogous to the type[s] of demonstrations that take place across the world,” reads “Occasional Paper No. 1.”
The group has always argued that the large numbers needed to have an impact mean a “democratic guarantee” is inherent in the technique. “One or two people do not make a valid demonstration,” their website argues–“100,000 people do. . . .
“If there are not enough people supporting the action, it doesn’t work.”
They’re seeking nothing less than a world where e-commerce is balanced by e-protest–or at least where cyberspace isn’t immune from public pressure. Henry David Thoreau’s “On the Duty of Civil Disobedience” is displayed prominently on the group’s website–surviving 152 years only to be taken up by Internet activists.
But Mobbs acknowledges that much of the practical theory began with various U.S. groups like the Electronic Disturbance Theatre that were supporting the Zapatista National Liberation Army in 1998. Using tactics hardly more complicated than repeatedly hitting the button on a Web browser to reload a Web page, the group created a form of activism that was also part poetry.
It was often, as one website described it, “a symbolic gesture created to increase awareness about the low-intensity war in Chiapas, Mexico.”
Together, four activists, calling themselves an Internet performance art group, had created a Web interface that would access the page for Mexico’s President Zedillo. After altering the page, the interface would seek bogus addresses, so the browser would return messages like “human_rights not found on this server.”
The project–which they dubbed “FloodNet”(www.thing.net/~rdom/ecd/ZapTact.html)–also filled the page’s access log with the names of people killed by government troops. “In an artistic sense, this is a way of remembering and honoring those who gave their lives in defense of their freedom,” Ricardo Domingo wrote in an online remembrance. There were nine actions between April and December of 1998, adds Carmin Karasic, a Boston-based activist–culminating with a mass action on the website for the Mexican Stock Exchange.
But were the actions effective?
Yes, Domingo argued–measured not by their technical effect on the targeted sites, but by the attention they brought to the Zapatistas. The website for their Electronic Disturbance Theatre points out that their activism tool–which the group released in early 1999 to sow more online activism–“emerged from and serves a community which genuinely requires the development of such attention weapons as a matter of survival.”
Other online documents describe their actions as a show of presence that sends the Mexican government a message: “We are numerous, alert, and watching carefully.”
The technique is now becoming more common. Attackers used a variation in February for overwhelming assaults on several high-profile sites, including Yahoo! and CNN, and in mid-March a similar attack temporarily disabled the website for the FBI. But Karasic argues that, like the protests of the Electrohippies, FloodNet’s action drew its validity only from the number of people showing support.
“It was only actualized through thousands and thousands of participants,” she remembers. “It was meaningless without the masses.” Popular support transforms a random act of vandalism into a show of presence, Karasic argues.
“This is an important difference from the single hacker/hacktivist who takes down a server with a single script,” she says.
For hacktivists, like the two Cloverdale teens who hacked their way into sensitive U.S. government sites a couple of years ago, damage is often less important than symbolism. Hacker Reverend Billy’s early May action against the Starbucks site had almost no noticeable effect, according to some observers.
“Whenever . . . I, myself, went to visit starbucks.com, I did not have any trouble accessing them,” concedes Ricardo Domingo, whose group supported the action. But that’s almost beside the point. “The true goal of the action is to generate focus on the issue of [Starbucks’] policy to take over neighborhoods with its loss-leader branding.” Announcements for the action even included information about Zapatista settlements in Mexico facing an ominous military presence.
“The Zapatista communities now have as many military camps around as we have Starbucks in Manhattan,” says Domingo, who feels the action helped their effort “to spread to levels of information about our world under the signs of neoliberalism.”
A Bad Idea?
THE ELECTROHIPPIES’ Paul Mobbs agrees, cautioning that groups overloading e-commerce sites shouldn’t be overmalicious. “If you want to be effective, it’s more justifiable to disrupt a server for one day and make your point, rather than dragging the action on for a few days and cause more generalized disruption.”
The tactics aren’t universally supported. “The Electrohippies are trying to rationalize Denial of Service attacks and violate the First Amendment privileges of their opponents,” wrote a hacker named Oxblood Ruffin, in an essay that the Electrohippies agreed to display on their website (www.gn.apc.org/pmhp/ehippies/files/op1-cdc.htm). And the discussion continues elsewhere on the Internet.
The Hacktivism mailing list (hacktivism.tao.ca)–an e-mail discussion list started last summer to grapple with this combination of hacking and activism–has carried debate about whether such attacks are nothing more than glorified censorship, with activists simply hampering the opposing side’s right to speak.
But there’s not a clear consensus. “It depends on the target,” one message countered during the list’s first weeks last summer. “In many cases there is not a level playing field, especially when the opponent is a large corporation or government.”
Some even argue that this evolution may have been inevitable. “For us the idea of hackers as activists seemed obvious,” says a spokesman for RTMark, an online collective distributing funds globally for anticorporate activities.
“Too many were becoming experts in defending corporate privacy rights rather than using their skills to fight those rights and others.”
By the fall of 1998, Wired News reported that a group called X-Pilot had even rewritten text on the Mexican government’s website. Such incidents offer evidence that groups and individuals sometimes move beyond overloading the machines hosting Web pages. Attacks can be more technical–more hack than activism–raising again the issue of just how far an online protest should go.
Oxblood Ruffin–whom some credit with coining the word hacktivism–notes that one Hong Kong group of hacktivists, called the Hong Kong Blondes, now numbers over 100 members, many with positions within China’s Communist Party. Reached recently for a comment, he added that he now distinguishes between hacktivism and simple “[h]activism.”
“The former seeks to remedy the Net of bad code, restriction, lack of access, etc.; the latter seeks to use the Net as an agent for social justice on the ground through various protest actions or as a publicity medium.”
He says the distinction is important for assessing groups online. “There is more [h]activism than hacktivism,” he writes.
“The Electrohippies are starting to get into electronic civil disobedience, although I very much disagree with their methodology.”
In contrast, he points out that his own group is currently working on a way to e-mail Chinese Internet users Web pages that are officially banned by their government.
Meanwhile, hacker websites like 2600.com and AntiOnline preserve screen shots of dozens of websites that they’ve learned were compromised and rewritten. Attackers sometimes leave only vain blustering with a pastiche of names–a kind of online graffiti.
But in other instances, there’s an unmistakable message. Earlier in 1998 a hacker broke into the system of the Bhabha Atomic Research Centre in Bombay, India, changing its Web page into a protest of India’s nuclear weapons tests, as well as stealing its e-mail.
The Electronic Disturbance Theatre issued a statement of support for the hacker’s actions, and despite the hands-on approach, even the leader of the Hong Kong Blondes applauded the action in an online interview conducted by Oxblood Ruffin.
“I view the BARC intrusion as something positive,” he told Ruffin, “because it will draw attention to the situation and cause more discussion about a serious issue.”
MAYBE THE NEW technology is just amplifying the impulses of the people who use it now. “The Acteal Massacre in December 1997 moved me to tears,” remembers Carmin Karasic–and her work on the Electronic Disturbance Theatre was the ultimate result.
But her preparations for the demonstrations also harnessed the Net in another way. While the guerrilla army was using the Internet to deliver news of its struggle to an online audience, Karasic’s own contingent was using the Net to develop forms of support.
“Our collaboration was 100 percent Internet-linked,” Karasic remembers–“all e-mail exchanges.” To this day, Karasic notes, “I think I’m still the only Electronic Disturbance Theatre member who has met all of us face-to-face.”
Though it’s hard to measure, it’s possible that cyber-causes may also reach those with the same passions more quickly–allowing political sentiments to be better focused. Online networking has been cited as a factor in the large turnout for the WTO protests in Seattle. And though it’s hard to quantify, the concept of hacktivism itself may be spreading, possibly even evolving.
On the hacktivism mailing list, Bronc Buster announced he was working with human rights groups and hacker groups on a suite of applications, released at the hacker convention “DefCon” this summer.
“It shows that hacktivism is a real way to use the Net to blend activism and technology in a positive way,” he argued, “while helping people at the same time.” And elsewhere, an activist who goes by the name RE:no says he’s developed a “Mail-O-Matic” for use in online actions–“a mail washer, to send extracts from books explaining our state of mind.”
Almost by definition, any pursuit of hacktivism will require a constantly updated set of tools. (The Electronic Disturbance Theatre’s website notes that the Department of Defense wrote a counterprogram to try to thwart one of the group’s actions.) “We must be inventive with each problem which we encounter,” RE:no argues. But even when those tools lie dormant, their potential is felt. RE:no believes activists should keep them in reserve–“as an armed peace tool”–the way the Zapatistas remain armed “as a symbolic gesture of voice.”
And the hacktivism continues. After funding FloodNet, RTMark moved on to other forms of online activism, creating a doppelgänger of the official website for GATT and championing European art group eToy in its fight with toy retailer eToys. Pigdog.org called on network administrators to block Doubleclick ads from reaching its users. Last summer on the Hacktivism list, Ricardo Domingo even announced new online actions in August of 1999 to commemorate the birthday of Emiliano Zapata.
Whether or not hacktivists can stay in the code race, escalating tactics in response to countermeasures, remains to be seen. But their actions have at least raised that possibility–along with the thorny issues that accompany it.
While it may be unclear whether online masses can make a lasting impact on social policy, there are individuals who believe it’s possible and are working to find a way to make it happen–which is, in itself, a kind of first step.
As Thoreau himself once said, “In the long run men hit only what they aim at.”
From the August 31-September 6, 2000 issue of the Sonoma County Independent.
© Metro Publishing Inc.