Almost a decade after the Anonymous collective unleashed a flood of hacktivism on the Internet, the digital world is once again experiencing a sharp rise in hacking and online civil obedience.
Politically motivated hacking saw a big boom in 2021, with governments, corporations, and prominent right-wing groups coming straight into the crosshairs.
The country, which is increasingly divided due to partisan politicians and the coronavirus pandemic, reached a turning point on January 6 when supporters of former President Donald Trump stormed the Capitol.
The attack exposed the very real threat posed by widespread conspiracy theories which in many ways had become the norm in conservative circles.
And after years of frustration with big tech and its platforms’ inactivity towards bad actors who move around freely, hackers found the only way to make real change is by taking matters into their own hands. In 2021, hacktivism came back.
After the riot, a hacker named “donk_enby” quietly began archiving public posts on Parler, a popular social media platform among Trump supporters, where users openly boasted of their involvement in the failed riot.
Although the initial goal was to only scratch posts created on January 6th, donk_enby quickly expanded their mission to secure all of the site’s public data. The decision was made just before the platform would go offline after Amazon stopped hosting services.
Amazon argued that Parler had not done enough to stem calls for violence. In return, Parler alleged that it had repeatedly warned the FBI of “special threats of violence at the Capitol”.
In a statement to Gizmodo, donk_enby said it was able to extract a staggering 56.7 terabytes of information. The data should contain 99.9 percent of the posts published on Parler as well as video files with GPS coordinates. The metadata would ultimately reveal which Parler users had uploaded footage when they entered the Capitol, giving Congress and the FBI a better understanding of what was happening on the day.
Vasileios Karagiannopoulos, a lecturer in cybercrime and cybersecurity at the University of Portsmouth, believes the polarization caused by the Trump presidency and the coronavirus pandemic created a perfect storm for a revival of hacktivism.
“I think hacktivist trends are going through ups and downs and we will see similar spikes when political tension is high,” Karagiannopoulos said. “We see that the US is going through a very intense political split right now, and this is likely also reflected in the efforts of the hacktivists.”
With Parler temporarily out of service, exiled users of the site would quickly find a new home on Gab. The platform, run by Christian fundamentalist and virulent anti-Semite Andrew Torba, would reportedly see an 800 percent increase in traffic, doubling its user base.
But Gab was about to fall victim to the same security problems as Parler.
In February, the journalists’ collective Distributed Denial of Secrets (DDoSecrets), often referred to as the new WikiLeaks, announced that it had been provided with 70 gigabytes of data by Gab.
Received from a hacker who identified himself as “JaXpArO and My Little Anonymous Revival Project” contained the data loudly WIRED, “Not only all of Gab’s public posts and profiles – with the exception of any photos or videos uploaded to the site – but also private group and private individual account posts and messages, as well as user and group passwords.
Given the sensitivity of the data, DDoSecrets decided not to make the information publicly available and instead gave access to selected journalists, researchers and social scientists. The massive break reignited fear and discomfort among right-wing users, many of whom were forced to abandon Gab just like Parler.
Social media platforms weren’t the only targets. As journalist and DDoSecrets co-founder Emma Best noted, hacktivism had already made waves overseas, but it did not get the same amount of attention in the US as it did when right-wing groups took center stage.
“I think the rise in hacktivism has gone way beyond the far right, but that has mostly caught the public’s attention and imagination,” Best said.
But it wasn’t just politically motivated. It was ideological too when Big Tech got into the crosshairs of anti-surveillance hackers.
In March, a group of hackers known as “Advanced Persistent Threat 69420” announced that they had gained access to the live feeds of around 150,000 surveillance cameras from the Silicon Valley startup Verkada Inc. police departments to prisons and schools.
Tillie Kottman, one of the hackers blamed for the breach, told Bloomberg at the time that the hack revealed “how extensively we are being monitored.” Only a few days later, Kottman’s apartment in Switzerland was searched by the police. Less than a week later, a Washington state grand jury would indict Kottman with conspiracy, wire fraud, and aggravated identity theft on other alleged hacker incidents.
The indictment accused Kottman and co-conspirators of hacking “dozens of companies and government agencies” since 2019, according to a DOJ press release. Kottman remains in Switzerland and is confident that it will not be extradited to the US
Speaking to the Daily Dot, Kottman spoke about the state of hacktivism in 2021.
“I am very excited to see how big hacktivism has returned and that activists in general appreciate it as a serious aspect in much of the struggles currently going on,” they said. “And while there is definitely still a lot of ‘Lulz’ going on, as it should be, I appreciate the increased focus on talking directly about politics.”
The focus on the right-wing extremists would only increase over the course of the year. With social media platforms like Parler and Gab still rebounding, hacktivists would target the very company that originally hosted those websites.
Hackers claiming to be affiliated with Anonymous announced in September that they had thoroughly ransacked Epik, a hosting provider known for providing sanctuary to some of the internet’s most notorious websites.
The hacktivist campaign, known as Operation EPIK FAIL, would reveal the company’s internal secrets in a series of increasingly damning leaks. The real owners of countless extremist websites, long hidden from researchers and journalists, were no longer hidden. Websites that had issued subpoenas from the FBI were brought to light. Attempts by prominent far-right Ali Alexander to remove his name from websites promoting post-January election fraud conspiracy theories have even been exposed.
Ultimately, more than 15 million people were affected by the hack. Many everyday individuals who merely trusted Epik’s claims of robust security had their names, addresses, passwords, and credit card numbers disclosed.
“It seems that right-wing extremism is on the rise worldwide,” added Karagiannopoulos. “And it only seems natural for hacktivists to try to address these issues with their own tools and tactics.”
The militia group known as Oath Keepers, which began using Epik’s services after Jan 6, would also leak their data on DDoSecrets later that month. Although the hacker behind the breach did not reveal his identity or access to the data, it is believed that the epic breach may have facilitated the hack.
The Oath Keepers, already under scrutiny for their involvement in the Capitol riot, had everything from their emails and internal chats to membership and donor lists disclosed. E-mails from military and government officials grazed the militia membership roster.
The Texas GOP, another Epik customer, would also be dragged into the hack. Tens of thousands of names, emails, phone numbers, and addresses mostly belonging to Texas residents who had used the party’s website leaked on-line.
The incidents were just a handful of the celebrity hacks that will happen in 2021. Although many believe this year was a high point in the world of hacktivism, Best, the co-founder of DDoSecrets, argues that 2021 was only part of an upward trend.
“This year doesn’t feel like an isolated event or a climax,” Best said. “It feels like a growing wave of hacktivism.”