Hackers with a Cause: Navigating the Ethics of Hacktivism in Cyberspace – Caresse Tan

NetMission Ambassador Blog Posts

What is Hacktivism? 

Stemming from the words “Hack” and “Activism”, hacktivism is generally understood as the illegal or legally ambiguous use of hacking techniques to achieve a specific political agenda. Examples of techniques employed by hacktivists include website defacements, distributed denial-of-service (DDoS) attacks and leaking private information. 

#OpsWakeUp21 by Hacktivist Group “Anonymous Malaysia

To provide more context about hacktivism, let us explore the case study below. For years, Malaysia has been no stranger to hacktivist attacks. In 2021, the Malaysian government was targeted in a concerted cyber-attack against various government websites and online assets (AR 2021). Dubbed #OpsWakeUp21, the campaign targeted 17 government and university websites, highlighting vulnerabilities in Malaysia’s cybersecurity infrastructure. The attack was carried out by Anonymous Malaysia, a prolific hacktivist group. The group had previously gained attention in 2015 when they demanded the resignation of former Prime Minister Najib Razak amidst corruption allegations. 

This time, the government was urged to address recent incidents pertaining to the widespread data breach and sale of Malaysian citizens’ personal data online. Putrajaya, as the administrative capital of Malaysia, was called out for not supporting developers of their digital assets and giving them no ownership over their codes. For failing to promote skill growth and learn from their mistakes, Anonymous Malaysia claimed that #OpsWakeUp21 will serve as a wake-up call for the government of Malaysia to improve cybersecurity measures within the country.

Ethical Considerations

Hacktivism often blurs the line between pursuing justice and upholding legality. In the context of #OpsWakeUp21, Anonymous Malaysia sought to advocate for stricter cybersecurity measures within the country, which would benefit the personal data protection of Malaysian citizens. However, in defacing government websites, the group has violated the  Computer Crimes Act 1997 which relates to unauthorized access to computer systems or data (Hakim 2021). Although Anonymous Malaysia managed to highlight vulnerabilities in the local cybersecurity infrastructure, their actions can sow distrust and fear among citizens and organizations; thereby, undermining actual constructive efforts to strengthen cybersecurity.

Hacktivism is often deemed ethical only when it adheres to core principles of minimizing harm, promoting transparency, and ensuring accountability. This involves avoiding unintended consequences that could harm innocent individuals and organizations, particularly in situations where conflicts escalate.  However, navigating these ethical dilemmas can be challenging for many, given the complexity of such situations and the lack of expertise in addressing them effectively.

Moving forward

Hacktivism may be effective in driving awareness, transparency and accountability, but this form of social activism borders on legal ambiguity and may infringe upon people’s rights. Organizations can discourage hacktivism by ensuring internal cybersecurity protocols are up-to-date and prepared to defend against various cyberattacks. Employees should also be trained to identify phishing attempts and respond appropriately. From a legal standpoint, governments and other stakeholders can prevent cross-border cyber attacks by agreeing upon a shared standard for enforcing and prosecuting cybercrimes. As hacktivism attacks often arise from perceived neglect or abuse of power, organizations may also take an ethical approach to address the root cause of the problem. Upholding responsibility and transparency in their operations can reduce the likelihood of them becoming a target of cyberattacks. 

Written by Caresse Tan

References

AR, Z. (2021, January 25) Hacktivist group Anonymous Malaysia resurfaces, vows cyber-attack against govt over data breaches. Retrieved from https://www.malaymail.com/news/malaysia/2021/01/25/hacktivist-group-anonymous-malaysia-resurfaces-vows-cyber-attack-against-go/1943943 (Accessed: 20 February 2024). 

Hakim, A. (2021, January 27) AnonymousMY Is Back & The Government Is Using A RM1.8 Billion Cyber Security Strategy To Defend Against It. Retrieved from https://www.therakyatpost.com/news/malaysia/2021/01/27/anonymousmy-is-back-the-government-is-using-a-rm1-8-billion-cyber-security-strategy-to-defend-against-it/ (Accessed: 20 February 2024).