Cyber-attacks against businesses and the government are on the rise – but how is this being conducted, and is it for the common good? Say hello to activist hackers.
Online vigilantism, is the use of the internet to carry out vigilante acts. May it be through applications like e-mail, the World-Wide Web, social media or hacking passwords. The Internet is no longer used by experts in information technology, leading to an increase in vulnerabilities that “hackers” can exploit.
“The word hacker didn’t use to mean what it means today,” Said Dr Z. Cliffe Schreuders, a senior lecturer at the school of Computing, Technologies and Engineering, at Leeds Beckett University. “In the technical community we wouldn’t say the word hacker means anything negative. In this industry, someone who is good at computers is a hacker.” Dr Schreuders said.
The term black hat hacker describes an individual, whose main purpose is to breach online security, to expose a flaw in the system and take it down. “They are not trying to do the right thing, and typically you would include vigilantes under this term.” Said Dr Schreuders.
Anonymous are one such group who would be classed as black hat hackers. The group are a string of loosely tied members that use black hat hacking techniques to take down, or corrupt a system.
The group describe themselves on their website as: “we do not forgive and we do not forget, expect us.” They see themselves as online vigilantes, they stand against internet control and censorship. Most of their targeted actions are on governments and organisations guilty of censorship.
For instance, the group has recently threatened the American President Donald Trump saying he will “regret the next four years” in office, as well as threatening to expose his “personal ties with Russian Mobsters.”
Ignorance of Internet security protocols makes these individuals and organisations extremely vulnerable to black hat hackers. According to the UK Government website, around two-thirds of big named companies have been hit by cyber-crime in the last year.
Groups can steal personal data, electronic identities, and cause a full black out on a system. Using lots of different methods, from phishing – which is tricking people into giving up personal details via email, to spoofing – which is pretending to be a “friendly” website or server the individual may trust.
The rapid growth of technology, and its use in everyday life, is at the centre of online hacking and security vulnerabilities. Professor Reinhold Behringer, a creative technology expert at Leeds Beckett University, said: “hackers get smarter with growing technology. This is all part of the challenge for them, so you have to be careful about being vulnerable, and to strengthen security, like password use.”
There are many forms of attacks black hat hackers can use, the most common, yet simple one is the use of passwords encryption.
Everyone uses passwords online, to make this safe, it must be encrypted into a long string off numbers and letter for it to be stored safely online. This is converted into what is known as a hashed password. But because the password is still stored on the computer network, black hat hackers can easily get hold of that hashed code.
Although they cannot decode a hashed password back straightaway, they can try to match the hash, in fact computers can do this very quickly. This is done using a tool called a rainbow table, “these are tables used for reversing back passwords,” said Prof Behringer.
Black hat hackers essentially look up a hashed password on these rainbow tables, to see if the code has already been discovered. If not, then “they just keep on typing, until a match is found,” explained Prof Behringer. The thing that makes this so easy is that rainbow tables are easily available on the web. “This is why you should have a complicated password with all types of symbols and numbers in, so it won’t be present on the rainbow table.”
Every little thing you add makes it that more complicated to hack, individuals should also make sure to have a different password for different web sites.
Companies involved in black hat hacker attacks, can also improve the protection of sensitive data. Businesses will usually have to have data protection methods put in place online.
“Businesses will often encrypt sensitive data, making it unreadable if someone got hold of it when they weren’t meant to,” said Henry Nicholson, a freelance website developer for businesses. “Businesses should also encourage regular password alterations to their users, keeping personal account details secure.”
For an individual using a company site, “users will actually be asked to create additional security around their accounts,” explained Mr Nicholson. This will act as a “backup in-case their data or account gets compromised by a hacker.” This will enable the user to access their account and recover their data, as well as lock the hacker user out.
Other types of black hacker attacks include several Distributed Denial of Service (DDoS) attacks. “These attacks are essentially where you inundate something like a website with a lot of traffic, enough to a point where it breaks and shuts down.” Said Dr Schreuders.
For example, if you get enough computers to attack PayPal, then the site will stop altogether, as it is being overwhelmed. This then causes a significant inconvenience for innocent uses, as well as the company.
Most notoriously, the black hat hacker group Anonymous use this method to attack websites in a sign of protest. They see this type of attack in a way of a petition to send a message to the affected website or organisation. According to the group, this type of attack should be made legal, and say anyone been sent to jail because of this, should have their criminal records wiped.
Anonymous, and other similar groups, also use doxing methods. “This is when someone releases private information about an individual or organisation,” said Dr Schreuders. For example, this tool was used against the racist group Ku Klux Klan (KKK) by Anonymous.
The group released hundreds of names allegedly to be supporting members of the group, along with their social media profiles. Doxing in a sense is taking hostage, and published sensitive information publicly.
Similarly, in 2014 the supposed group called Guardians of Peace, released sensitive data from the film studio Sony, using doxing methods. The information included private e-mails, information about the company, personal data about their employees and families, as well as leaks of all the unreleased Sony films.
It is highly thought that North Korea had a hand in this leak of information, as a retaliation against the Sony film The Interview. The film had a plot line of assassinating North Korean leader Kim Jong-un, but North Korea has denied they were a part of this.
Ion Cannon attacks are also commonly used by black hat hacker groups. This is a way of using your computer to attack other computers using Denial of Service (DoS) attacks, “Anonymous use this method all the time in their attacks, but it’s also known as a fairly low tech attack, but dangerous”. Said Dr Schreuders.
DoS attacks are different to DDoS attacks. DoS only uses one computer and one network to carry out an attack, whereas DDoS attacks use multiple computers.
Low Orbit Ion Cannon are part of DoS attacks; they are described on the InfoSec Institute website as being “one of the most powerful DoS attacking tools freely available.” DoS can take down many servers at once while only using one computer.
Lastly, botnet attacks are another common tool used by black hat hackers. “This is where an attack can compromise hundreds, or even millions of computers through various technical means,” Dr Schreuders told me. The most famous case of a botnet attack came in 2007. The Trojan horse, Zeus, was created to steal banking data using these botnet attacks. In accordance with the website Veracode, Zeus spread through many Windows computers targeting emails, online messages and people’s downloads. This caused computers to go into a “zombie” mode while banking information was stolen.
The website also states that the Federal Bureau of Investigations (FBI) tracked down, the cyber-criminal team behind the attack, and arrested over 100 individuals. The botnets used stole over $70 million dollars from Americans all around the US. These tools are commonly used by groups, allegedly calling themselves black hat hackers, or vigilantes. However “instead of helping people they are putting people’s lives at risk,” Dr Schreuders stressed.
There is an idea vigilantes construct these acts in aid of a strike or protest, considering it ethical. But “even in the vigilantes, individuals can think they are doing something ethical, but that doesn’t make them an ethical hacker in any way.” Dr Schreuders said. There is a clear difference between black hat hackers and white hat hackers. “White hat hackers are used to hack into a computer to test the systems security weaknesses, we even teach it to students as you need to know how to test a system for vulnerabilities.”
These terms can somewhat get confusing as Dr Schreuders explained, there are also terms known as blue and grey hat hackers. These individuals fall somewhere in the middle of black hat, and white hat hackers. He also explained an ethical hacker is someone completely different to these terms.
Ethical hacking refers to someone who works within the law, with organisations and governments to hack into a computer system to evaluate its criminal intent and security. “Ethical hackers help to solve a crime, they are on the right side of the law, and the whole point is they are working and employed, mainly by the police, to solve a crime.” Said prof Behringer.
But from time to time, these ethical hackers can conduct acts of black hat hacker attacks. This can be seen acceptable by them, but in fact is done for the wrong intention, to break the law instead.
They use the same tools as black hat hackers, but “ethical hackers doing these acts in the name of vigilantism, is not ethical in my opinion. They put the end above the meaning,” which in turn is not a positive trait for hacking ethically. “You may end up with a lawless society, you cannot say you are above the law even with a good purpose, in the name of vigilantism,” prof Behringer explained.
The most famous example for this is the case of Ben Snowdon. He was a computer professional for the Central Intelligence Agency (CIA). He used his skills as a system administrator to leak copies of sensitive data from the CIA to the press. His prime goal was to expose the CIA for their wrong doings, and their plans on global surveillance programs. Mr Snowdon never considered himself a black hat hacker or a vigilante in that sense, but it was seen as such.
Looking at how the term has changed throughout the years is important. “In the early days of the internet and computing, it was an exploration of what was possible,” so it was a challenge rather than a criminal action. “In recent days’ hacktivism or black hat hacking, is more of an organised criminality, where a large proportion is motivated,” said Dr Schreuders, may it be driven politically or criminally.
“Mostly, the media has turned the meaning people know now,” said Dr Schreuders. Most individuals don’t understand the different variations of the term like black hat, white hat and grey hat hackers, or the use of vigilante acts surrounding them.
But one thing is certain, if technology advances, and there are high-profile issues being discussed, these so-called “internet vigilantes” will continue to exist. No matter how advanced the technology gets, they will always find a way to get their message across. “Vigilantism online can peak at times. If I would say, vigilantism online would rise just because there are more people using more computers. Meaning there are more targets, and cyber-crime in general is rising.” Said Dr Schreuders.