Hacktivism (a blend of the words ‘hacking’ and ‘activism’) is a form of political activism that employs computer hacking techniques to promote a political or social cause. It involves using technology to disrupt or manipulate systems or networks to make a statement, expose information, raise awareness or exert pressure on a specific target. Hacktivists often target government and defence, corporate or authoritative entities they view as unethical or oppressive. Unlike conventional hackers, the primary aim is not financial gain, but to raise awareness or challenge a political issue. Hacktivists frequently use their hacking capabilities to advocate for causes like free speech, human rights or government transparency.

Examples of hacktivism

Hacktivism has a long history, dating back to the 1990s, during the early days of the internet . Notable examples include:

  • US Department of Justice – In 1996, hackers renamed the Department of Justice’s website to “Department of Injustice” and posted pornographic images as a protest against the Communications Decency Act, which sought to regulate online pornography
  • WikiLeaks –  A non-profit organisation founded in 2006 by Julian Assange that publishes leaked documents and classified information provided by anonymous (mainly government) sources
  • Anonymous – A decentralised international collective known for its various hacktivist campaigns against governments, corporations and religious institutions. Anonymous gained notoriety when they targeted the Church of Scientology in 2008, using YouTube and a targeted DDoS (Distributed Denial of Service) attack. Anonymous has targeted several well-known organisations since then, including ISIS.
  • OpIsrael – A series of cyberattacks launched against Israeli websites and government servers in 2010 in response to the Israeli offensive in Gaza
  • Ashley Madison – In 2015, a group of hackers known as The Impact Team breached Ashley Madison, a dating website for extramarital affairs. The hack exposed sensitive user data, and the group’s aim was to draw attention to the ethics of such websites and their practices.

How is hacktivism carried out?

Hacktivists employ a variety of methods to achieve their goals and spread their own worldview. One tactic used by hacktivists is website defacement, where they alter the content of a website to spread their message. Other methods include DDoS to disrupt services, leaking sensitive data and doxxing, which involves exposing personal information to the public. Hactivists may also use social engineering, whereby individuals are manipulated into granting unauthorised hackers access to systems or classified information. Hacktivists may also use ransomware, phishing or malware to access or sabotage systems, all with the aim of drawing attention to their cause.

Is hacktivism ethical?

The ethics of hacktivism are debated. Supporters of hacktivism argue that it can be a legitimate form of political expression when used to expose corruption or human rights abuses. However, critics see hacktivism as illegal and potentially harmful, especially when it disrupts public services or compromises personal data.

The ethical implications of hacktivism can vary depending on several factors including the target, the motivation and the impact of the actions for example. While the intentions of hacktivists may be noble, the methods – often involving illegal activities – raise ethical concerns about accountability and the potential for collateral damage​.

Statistics on hacktivism

Quantifying hacktivism is challenging due to its decentralised nature, and the tendency of hacktivists to remain anonymous to avoid legal prosecution. There is ongoing research into hacktivism however, and a few key statistics are listed below:

  • ENISA identified nearly 3,662 hacktivist incidents in its 2024 Threat Landscape report, with most connected to the war between Russia and Ukraine
  • The pro-Russian NoName057(16) group accounted for almost 60 percent  of all hacktivist incidents during 2023. Intel 471 observed shifting alliances within hacktivist groups, and the reignition of the Israel-Palestine conflict in October caused significant fluctuations in activity
  • When surveying motivations towards cybercrime, researchers found that hacktivism increased as a motivation from 6 percent to 7.1 percent year on year, suggesting a rise in hacktivism as a cause for cybercrime
  • According to the PSTA, there was a 27 percent increase in hacktivism activity against police in Q3 2023. This research also revealed that hacktivist threats accounted for 83 percent of all cyber activities targeting the public safety sector during this period
  • Research from Thomas Murray into cyber attacks on the financial sector indicated that the banking industry is an increasingly important target for hacktivist groups

Hacktivism vs. hacking

The primary difference between hacktivism and hacking is the motive. Hacktivism is driven by political or social causes, aiming to create awareness or incite change. Conversely, traditional hacking typically focuses on exploiting vulnerabilities for personal or financial gain. While both involve unauthorised access to IT systems, hacktivism often involves publicising the breach to advance a cause, whereas hackers may remain covert. Ultimately, hacking is predominantly motivated by financial gain, whereas hacktivism is driven by political or ideological goals.

Hacktivism vs. cyberterrorism

Hacktivism and cyberterrorism are distinct forms of cyber activity and differ mainly by their intent and the severity of their impact. Whilst hacktivism focuses on the use of hacking to effect social change, usually through disrupting systems or exposing sensitive information. It generally aims to avoid causing direct physical harm.

Cyberterrorism, on the other hand, uses hacking techniques with the intent to cause significant harm, such as violence, loss of life or severe economic damage. It often involves politically motivated attacks aimed at furthering extremist ideologies.

While both use similar tactics, cyberterrorism is more likely to target critical infrastructure to create widespread chaos​. Cyberterrorism is a more serious crime that is motivated by malicious intent. Hacktivism, while often disruptive, is generally not intended to cause direct harm.

What is the goal of hacktivism?

The goal of hacktivism is to promote political or social causes through hacking. Hacktivists seek to raise awareness, expose misconduct or disrupt operations to force change. By leveraging technology, they can bypass traditional media, directly delivering their messages to the public. Their actions often focus on achieving mass exposure and applying pressure on targets to drive ethical, legal or societal reforms​.

Hacktivism can be a powerful political tool that exposes government corruption, highlights human rights issues and protests oppressive regimes. By publicly disclosing sensitive data or disrupting online services, hacktivists challenge authority and attract media attention, prompting essential political discussion. Social media further amplifies these actions, turning hacktivist campaigns into global movements.

Who do hacktivists target?

Hacktivists often target governments, corporations and institutions that they perceive as oppressive or harmful. This may include sectors like energy and utilities, healthcare and pharmaceuticals, financial services, technology and telecoms, retail and more.

They may also target individuals who they believe have committed wrongdoing. Hacktivists typically target businesses and organisations they view as unethical or unjust for varying reasons. This includes governments, especially those accused of censorship or human rights violations, as well as corporations engaged in controversial practices like environmental harm or privacy breaches.

Other common targets include law enforcement agencies, political parties and religious institutions. The goal is to expose, embarrass or disrupt the operations of these entities to make a public statement or spread a particular ideology.

Cybersecurity threat of hacktivism

Although hacktivism is driven by political or social causes rather than financial gain, it is still a cyber attack that can significantly disrupt organisations and individuals.

To protect against these threats, organisations should maintain robust cybersecurity measures and continuously monitor for hacktivist activity, using threat intelligence to identify key actors, tactics and sector-specific risks.

Shifting geopolitical events can impact both the digital and physical security of an organisation. By staying aware of social and political issues, organisations can better anticipate and mitigate potential hacktivist threats before they occur.

Is hacktivism legal?

Hacktivism is generally considered illegal. Even if the motives are noble, the methods of hacktivism often violate laws. This is because hacktivism entails gaining unauthorised access to computer systems and may also involve other illegal actions such as defacing websites, the theft or leaking of data and disruption of services.

While hacktivism may be seen as a form of protest, the activities engaged in to further their cause are still typically classified as illegal.

FAQs

What does hacktivism mean?

Hacktivism combines the words “hacking” and “activism,” and involves the use of hacking techniques to promote political or social causes. Hacktivists often disrupt systems, expose sensitive data or deface websites to raise awareness or challenge authorities on issues like human rights, censorship or corporate misconduct.

What are examples of hacktivism?

Notable examples of hacktivism include Anonymous’ attacks on the Church of Scientology for internet censorship, WikiLeaks’ data leaks of classified government documents and the defacement of the US Department of Justice website in protest against the Communications Decency Act. These cases highlight how hacktivism can disrupt institutions and expose information to promote social or political agendas.

What is a hacktivist?

A hacktivist is someone who uses hacking techniques to promote or further a political or social cause. They target entities such as governments or organisations they view as oppressive or unethical, aiming to disrupt operations, expose corruption or spread their own message and ideology.

Is hacktivism ethical?

The ethical implications of hacktivism are debated. Some view it as a form of civil disobedience, fighting for just causes like free speech or transparency. Others criticise it for being illegal and potentially harmful, especially when personal data or critical services are affected in the pursuit of hacktivism.

Hacktivism and Silobreaker

Silobreaker empowers businesses to stay ahead of emerging cyber risks, including hacktivism, by providing a comprehensive view of the evolving threat landscape. Silobreaker consolidates unstructured, dark web and premium data sources into actionable intelligence that can be delivered using bespoke dashboards, reports and real-time alerts.

It identifies the common tactics, techniques and procedures (TTPs) from hackers (and hacktivists), alongside specific indicators of compromise (IoCs) relevant to the industry and region in which you operate.

By monitoring discussions, emerging trends and specific IoCs, Silobreaker helps you anticipate hacktivist threats, identify likely targets and take proactive measures to safeguard your systems. This intelligence not only allows early detection of threat, but also helps you respond more effectively.

Beyond hacktivism, Silobreaker offers insights into wider cyber and physical threats, as well as the geopolitical context driving hacktivist actors, giving businesses a multi-dimensional view of how risks are interconnected across cyber, physical and geopolitical domains. This enables organisations to develop a proactive cyber defence strategy that addresses threats from all angles.

Find out more about how Silobreaker can help your organisation to identify hacktivist and other emerging threats and make intelligence-led decisions here.