// THREAT DETECTION AND DATA PRIVACY TERM
Hacktivism
Hacktivism is the act of hacking into or disrupting a computer system or network for a politically or socially motivated purpose. Think of it as digital protest or civil disobedience, where individuals use their technical skills to draw attention to a cause.
TECHNICAL DEFINITION
Hacktivism is a cyber threat activity where actors, known as hacktivists, use computer hacking techniques like DDoS attacks, website defacement, or data leaks to promote a political or social agenda. These ideologically-motivated attacks target government, corporate, or other organizational entities to disrupt operations and broadcast a specific message or protest.
BACKGROUND
Hacktivism is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. A form of Internet activism with roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information movements.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- political hacking
- cyber protest
- digital activism
- cyber civil disobedience
- issue-oriented hacking
- protestware
USAGE NOTE
The term is used to distinguish attacks motivated by ideology from those driven by financial gain or espionage.
DEVELOPERS
Organizations developing technology related to Hacktivism.
Provides incident response and threat intelligence services, specializing in tracking and analyzing sophisticated threat actors, including politically motivated hacktivist groups and their evolving tactics, techniques, and procedures (TTPs).
A cybersecurity firm whose Falcon platform and global threat intelligence team actively monitor and report on the activities of various adversaries, including prominent hacktivist collectives, often providing attribution and analysis of their campaigns.
A threat intelligence company that aggregates and analyzes vast amounts of data from open source, dark web, and technical sources to provide context on cyber threats. Their platform helps organizations anticipate and defend against campaigns from hacktivist groups.
An interdisciplinary research lab at the University of Toronto that investigates digital espionage and threats to civil society. They frequently publish reports on the tools and methods used in politically motivated cyber attacks that align with hacktivism.
A non-profit organization that develops the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques. This framework is used by security professionals to model and defend against threats from all types of actors, including hacktivists.
A U.S. federal agency that provides advisories, tools, and best practices to protect critical infrastructure. CISA actively shares intelligence and defensive measures against common hacktivist tactics like DDoS attacks and website defacements.
A cybersecurity company with an Advanced Research Center that investigates the global threat landscape. They publish threat intelligence on emerging campaigns, including those orchestrated by hacktivist groups targeting specific industries or geopolitical events.
The threat intelligence team for Palo Alto Networks, Unit 42 researches and publishes detailed analyses of cyber adversary groups and their campaigns. Their work includes tracking hacktivist operations and providing actionable intelligence to defenders.