"E-Guerrillas in the mist"



Edited/Distributed by HURINet - The Human Rights Information Network
---------------------------------------------------------------------
## date       : 27.10.98
---------------------------------------------------------------------
E-Guerrillas in the mist

One by one, the world's most prominent Web sites are falling
to the cyber bullets of Internet hackers. Unlike in the
past, the new breed of electronic intruder has a political
agenda.

Bob Paquin
The Ottawa Citizen

On Oct. 12 the Website of Mexican president Ernesto Zedillo
was attacked and compromised.

The date of the event was significant. Oct. 12 happens to be
Columbus Day in America -- an almost irresistible call to
action for the members of the New York-based Electronic
Disturbance Theatre.

The Zedillo hack was not the work of bored teens. It was a
political act, an occasion for Internet activists -- or
"hacktivists" -- to "demonstrate continued resistance to
centuries of colonization, genocide, and racism in the
western hemisphere and throughout the world," according to
the Theatre.

Nor was the Oct. 12 attack an isolated incident. In August,
the Mexican group X-Ploit hacked the country's finance
ministry Website, replacing it with the face of
revolutionary hero Emiliano Zapata, in sympathy with the
Zapatista rebellion in the Chiapas region in southern
Mexico.

And if Mexico is a popular target of hacktivism, it is by no
means the only target.

In June, the group MilwOrm, whose logo features the slogan
"Putting the power back in the hands of the people," hacked
India's Bhabba Atomic Research Centre to protest India's
recent nuclear tests.

Later, in July, MilwOrm and the group Ashtray Lumberjacks,
acting together, orchestrated a unprecedented mass hack of
more than 300 sites around the world, replacing Web pages
with an anti-nuclear statement -- complete with angry red
mushroom cloud -- directed towards all of the nuclear
powers.

On Aug. 1st, the Portuguese group Kaotik Team hacked 45
Indonesian government Websites, altering Web pages to
include messages calling for full autonomy for East Timor.

Mailbombs were delivered and several other Indonesian
government sites were hacked on Aug. 12th by hackers from
China and Taiwan, to protest the fact that
Chinese-Indonesians were targeted for torture, rape and
looting during the anti-Suharto riots in May.

On September 13th, the New York Times had its Website
replaced with a long screed calling for the release of
jailed hacker Kevin Mitnick, and aiming a few barbs at Times
reporter John Markoff, whose coverage of the Mitnick case
raised a fair amount of controversy both in the hacker and
media communities.

On Oct. 13th, political activists took over an Indian
government Website and posted messages and photos calling
attention to alleged government-sponsored repression and
human rights violations in the contested northern Indian
state of Kashmir.

Indeed, as the year 2000 approaches, incidents of
cyber-activism are becoming commonplace. And no wonder.
Never in the long and storied history of political and
social activism have dissidents had at their disposal a tool
as far-reaching and potentially effective as the Internet.

"The technology is changing the equations of power,
challenging the conventional channels of communication,
distributing and disseminating influence in the broadest
possible fashion, to the point of democratizing the channels
and getting rid of the gatekeeper," said Canadian foreign
affairs minister Lloyd Axworthy at an NGO conference last
month in Montreal.

"The technology has a mind-boggling potential to break
through barriers and overcome political obstacles to
educate, inform and be an agent of political change," he
added. "The mouse is mightier than the missile."

And while Mr. Axworthy noted that the Internet provides
opportunities for the communication of dissent and
opposition under repressive regimes, he stated categorically
that the medium should not be a law-free zone.

And yet, as far as hackivists are concerned, the Internet is
not only law-free, but a vast, high-profile canvas for
political graffiti.

According to a recent report from the California based
think-tank the Rand Corporation, entitled "In Athena's Camp:
Preparing for Conflict in the Information Age," authors John
Arquilla and David Ronfeldt define infowar, or cyberwar, as
"conducting military operations according to
information-related principles."

"It means disrupting or destroying information and
communications systems. It means trying to know everything
about an adversary while keeping the adversary from knowing
much about oneself. It means turning the 'balance of
information and knowledge' in one's favour, especially if
the balance of forces is not. It means using knowledge so
that less capital and labour may have to be expended."

Research in Canada into this aspect of the intersection
between communications, political action, and the internet
is thickly peopled by representatives from the Canadian
Security Intelligence Service, the Communications Security
Establishment, the RCMP, the Department of National Defence,
various private sector security-related companies, and
select academics.

When asked to comment on the hacktivism phenomenon, a
spokesperson from the Department of National Defence said
that, while national security infrastructure was evidently
not under attack, there was just cause for concern.

"This is our business, and we need to protect ourselves."

The world of information warfare is "a world where logic
bombs, computer viruses, Trojan-horses, precision-guided
munitions, stealth designs, radio-electronic combat systems,
new electronics for intelligence gathering and deception,
microwave weapons, space-based weapons, and robotic warfare
are being discussed, developed and deployed," wrote
University of Ottawa human-rights professor Gregory Walters
in the Ottawa Citizen earlier this year.

"I have been predicting and warning about this kind of
activity for years," said computer-security expert Winn
Schwartau, whose own "Infowar" Web site, is a repository of
information on hacking and infowar.

"Cyber-terrorism. Cyber civil disobedience. Each seems to
begin 24 months or so after we publish how it's done," said
Mr. Schwartau, who is also the author of the book
Information Warfare: Chaos on the Electronic Superhighway.

Not only are political hackers discovering how to infiltrate
and disrupt "secure" networks, most feel ethically justified
in doing so.

Toronto-based hacker cell The Hong Kong Blondes, led by a
Chinese dissident known as "Blondie" Wong, claims to have
affected the usefulness of a Chinese satellite as part of
their campaign to cripple Chinese military and security
networks, as well as Western companies doing business in
China.

Mr. Wong recently formed another group of hackers -- The
Yellow Pages -- based in Canada, the US, and Europe, to
protest Chinese government conduct over human rights, and
Western investment in the country.

Mr. Wong justified his controversial approach to political
reform in a July interview: "It is better to light a candle
than to curse the darkness."

He added, "There has been a shift in consciousness, I
believe. Younger people have a great deal of talent,
although they can be very awkward. But the point is, I think
they are different from the generation of hackers before
them. They want the recognition and attention, but they also
want to do something to contribute to change things in a
positive way."

The earliest generations of hackers revelled in the
challenge of electronically exploring the digital geography
of the new landscape that was brought into being through the
computer revolution.

This, of course, included the odd malicious hacker, intent
on using the tools of the trade for personal and often
pernicious ends.

However, a second generation has come to the fore. So-called
hacktivists engage in cyber-activism, or what some have
titled ethical hacking.

"Hacktivists are savvy, subversive and are seasoned veterans
of the Cola War," said Jamie Batsy, a Toronto-based
network-security consultant and member of the activist Tao
Collective.

"Advertisers and other opinion makers are now in a position
where they are up against a generation of activists that
were watching television before they could walk. This
generation wants their brains back and mass media is their
home turf."

And Mr. Batsy sees the battle between Internet activists and
the political elite heating up: "Corporations and
governments are at a huge disadvantage in this respect, as
they have to relearn what we were born knowing."

"Hacktivism has become such an effective means of activism.
It was founded by a generation whose language was taught to
them by advertisers, whose habitat is almost entirely
electronic."

Borrowing from the language and theory of Henry David
Thoreau, some hacktivists see themselves as engaged in
non-violent direct action and civil disobedience.

"While all hackers are clearly not averse to transgressing
the boundary between the legal and the illegal, not all
hackers are political. But today, the politicized hacker is
clearly a growing subset of the larger hacker world," said
Stephan Wray, one of the founders of the New York-based
Electronic Disturbance Theatre.

Writing in the Earth First! Journal, Mr. Wray observes,
"Today we are witness to a convergence of the computerized
activist and the politicized hacker."

He describes hacktivists as proponents of Electronic Civil
Disobedience (ECD), borrowing the tactics of trespass and
blockade from these earlier social movements and applying
them to the Internet.

Mr. Wray sees these activities as pushing the envelope and
advocating the notion that the Internet should be an avenue
for direct action, since "there are times when it becomes
imperative to break a law, or set of laws, that appear
unjust in comparison to what some would call a higher law."

The Electronic Disturbance Theatre is a small group of cyber
activists and artists developing the theory and practice of
ECD. The group has focused its electronic actions against
the Mexican and U.S. governments to draw attention to the
war being waged against the Zapatistas in Mexico.

On Jan. 1, through the Electronic Disturbance Theatre,
Sub-cyber-commandante Z, of the Intercontinental Cyberspace
Liberation Army, issued a press release which stated that
"bands of netwarriors around the world, members of the
Intercontinental Cyberspace Liberation Army, are converging
in cyberspace to instigate information warfare, netwar,
against the PRI controlled Mexican government

"No longer shall we sit idly at our computer screens. No
longer shall we wait, hope, and stupidly think that justice
will prevail on its own accord. Justice will only prevail
through struggle. And we, netwarriors of the
Intercontinental Cyberspace Liberation Army, are ready to
launch a co-ordinated attack."

Goals of this attack include the interference in and
obstruction of Mexico's digital networks, the
de-stabilization of Mexico's telecommunication
infrastructure, and the virtual destruction of U.S.
corporate presence in Mexico.

The Electronic Disturbance Theatre has produced a Java
script program called Floodnet, which is used to flood and
block a targeted Website by repeatedly calling for a
specific or non-existent Web page on that server.

The program is posted on a Web site, and participants have
been called on to visit that page during a designated time
period.

This prompts the Floodnet program to zero in on the targeted
Web site for a "Denial of Service" attack, which renders it
inaccessible for the duration of the attack.

The group estimated that up to 10,000 people took part in a
recent attack, sending 600,000 hits to each of the three
targeted Web sites per minute.

Over the past year the group has targeted various Mexican
government Web sites, also sites of the White House, the
U.S. Department of Defence, the Pentagon, and the Frankfurt
Stock Exchange.

The last concerted attack took place on Sept. 9, with a
follow-up skirmish taking place on Oct. 12.

A recent press release from the Electronic Disturbance
Theatre warns that the next attack will happen on Nov. 22,
and is aimed at the U.S. Department of Defence's "School of
the Americas," which has trained many representatives from
repressive Latin American military and intelligence forces.

In June, the Mexican government retaliated with Java of
their own, deflecting the attack and prompting Floodnet
participants' browsers to crash.

As with the Mexican government's efforts, the Pentagon
retaliated during the Sept. 9 attack, with a few tricks up
their digital sleeves.

"Our support personnel were aware of this planned electronic
civil disobedience attack and were able to take appropriate
counter measures," said U.S. Defence Department spokesperson
Suzan Hansen, in a report in Wired Magazine's Hotwired Web
site.

However, the Electronic Disturbance Theatre software
designers are, meanwhile, cooking up countermeasures.

While some activists have questioned the groups' methods,
describing them as technologically ham-fisted and too
politically correct, Mr. Wray and his cohorts' actions have
received wide-spread coverage in the media.

Two weeks ago, Mr. Wray made a presentation on the
Electronic Disturbance Theatre's activities to Harvard Law
School's Berkman Centre on Internet and Society.

Mr. Wray argued that his group is "still operating within a
window of opportunity that -- if not ahead of the law as
strictly interpreted -- is definitely still out ahead of the
prosecutorial or political range of the U.S. Department of
Justice."

This barely touches on the tremendous debate taking place
within the hacking community itself on the ethics of
hactivism, however.

To some extent the debate centres on the activities of
hacker vigilantes -- "white hat" wannabes -- who, a couple
years ago, began quietly targeting child-porn collectors.
The vigilante hackers launched a campaign to harass and
expose those they were able to track down, and to disable
their computers and relevant networks.

Given that hackers define their activity as primarily being
driven by curiosity, and not by malicious intent, most
observers in the hacker community were opposed to this "go
it alone" approach, which was seen to have crossed a line of
principle.

But, in an attempt to define this line, where civil
disobedience intersects with the ethics underlining these
issues, U of O's Prof. Walters asks, "If Hitler had a Web
site, would one not be morally justified in attacking it?"

While he disputes the terminology, and considers the terms
"ethical hacker" or "hactivism" to be oxymorons, Prof.
Walters argues that the debate in our society has not kept
pace with technological evolution.

"The problem," he said, "raises foundational questions about
the role of political, legal, and moral rights and
responsibilities in the information age, as well as
classical problems surrounding civil disobedience, law and
morality."

The debate continues to evolve. John Vranesevich, founder of
the Antionline Web site, which tracks hacking news and
events, reported earlier this year that "out of the
thousands of e-mails that we've gotten about Milw0rm (the
Indian Web site anti-nuclear hack), about 97.3 per cent of
them think that Milw0rm are heroes of sorts, with less than
three per cent thinking of them as criminals."

One letter writer did add, "bottom line to me is that the
hackers have no moral right to break into someone else's
system. … India and Pakistan have no inherent moral right to
put humanity at risk and to further damn our environment.
Conflicting moralities do not justify vigilante action."

Asked if his activities fall under the general rubric of
Infowar, Electronic Disturbance Theatre's Mr. Wray answered
with a wary affirmative.

"But the entire notion of information warfare needs to be
approached cautiously. Always remember who it is that is
creating the language, rhetoric, discourse, definitions,
etc. of infowar. Before entertaining the ideas, it is
necessary to identify in whose interests these ideas are
being promulgated."

Mr. Wray added: "Remember, the military always needs a
scapegoat and an enemy. With the end of the Cold War,
emerges the drug war and information warfare."

Mr. Wray would like to see his group's political hacking
redefine the Infowar doctrine espoused by governments and
within the media.

He told the Harvard presentation, "what we might call an
example of 'hacktivism,' information warfare theorists --
like those at RAND, the U.S. National Defence University, or
for that matter, within the U.S. Defence Information Systems
Agency -- might define pejoratively as a subcategory of
cyber-terrorism.

"We need to seriously question and abandon some of the
language that the state uses to demonize genuine political
protest and expression."

Most of the hacktivism examples cited above were perpetrated
by individuals or disparate groups around the world, each
with differing motivations, but with the common aim of
conveying a message through direct cyber-action.

However, people are networking, and recent media coverage of
the proliferation of these activities has led to plans for
more co-ordinated action.

The Electronic Disturbance Theatre suggests that their high
profile has made them a magnet for information on online
activists, and that they have been contacted by groups in
Australia, Asia, Latin America, and Europe that are already
involved in direct actions of their own and are eager to
contribute to greater initiatives.

The group's actions will escalate with their latest project,
"Swarm," which Mr. Wray describes as "an array of
Floodnet-like devices, arising, acting, and dispersing
simultaneously against an array of cyberspacial political
targets.

"If the electronic pulses generated by our Floodnet actions
are represented by a small mountain stream, the electronic
pulses generated by a swarm of convergent ECD actions are a
raging torrent."

Plans are under way for hacktivism-related conferences in
the next year. These conferences include a conference next
March in Amsterdam to discuss the possibility of developing
a political hacker code of ethics.

York University professor Reg Whitaker argues that, while
much of the hacking that gets reported by the media is
fairly inane, it does indicate potentially more dangerous
directions.

"My own view is that hackers are, in their own, generally
pretty harmless, if infantile and annoying. However, if
their skills can be detached from individualist anarchist
aims and harnessed by larger groups, whether states,
corporations or terrorist organizations, they may be
transformed into serious menaces."

Hacktivism is in its infancy and, given the ubiquity and
democratic nature of the Internet, we will see the
movement's growing pains and increasing maturity. As it
grows in influence, more people and organizations will
become involved.

"As of this moment there are groups of highly sophisticated
hackers that are willing to help whatever cause suits them.
It's not a matter of 'if,' it's 'when,'" stated Toronto
activist Jamie Batsy.

How governments and society evolve to address this assault
has not been sufficiently addressed.

Says Mr. Batsy: "I think it has brought an enticingly
literal definition to the term 'level playing field.' We
just have to wait and see who gets levelled."

The High Tech Report is a weekly feature of the Ottawa
Citizen.

Web posted Monday 26 October 1998


----------------------------------
Send mail for the 'huridocs-tech' list to 'huridocs-tech@hrea.org'.
Mail administrative request to 'majordomo@hrea.org'.
For additional assistance, send mail to: 'owner-huridocs-tech@hrea.org'.
Archives of previous messages posted to the list can be found at:
http://www.human-rights.net/huridocs-tech.


[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]