Not long ago, several hacktivist groups like the Syrian Electronic Army and Lizard Squad were making headlines on a weekly basis with new hacktivism campaigns and random attacks. While Anonymous has always been the primary source of hacktivism throughout the world, it is interesting to see how these other prominent hacktivist groups’ activity has essentially fallen off the map. Where have all the hacktivists gone?
Taking a look at SurfWatch Labs’ data, Anonymous has been (and will remain) the top trending hacktivist group in 2016, with other factions of Anonymous such as New World Hacking and Ghost Squad Hackers providing additional support to the many Anonymous campaigns currently in existence.
The members of the Anonymous collective have been busy in 2016. New campaigns are underway, but several operations that were created in previous years have seen the most activity to date.
Government Sector Targeted, Financials Sector Trending
The government sector has been targeted the most by hacktivism in 2016 by a large margin. The data breach of the Philippines Commission on Elections is by far the top trending hacktivism target.
Two Anonymous-affiliated groups were behind the data breach of the Commission on Elections: Anonymous Philippines and Lulzsec Pilipinas. The breach affected 55 million Filipino voters and is considered one of the biggest government data breaches on record.
The Financials sector has also seen a lot of activity over the last month. This is largely due to #OpIcarus, a campaign created by members of Anonymous that is specifically targeting banks.
As the chart illustrates above, several banks are trending, with new banks targeted by #OpIcarus making headlines seemingly on a weekly basis. Between May 13 and 19, a total of 18 banks suffered DDoS attacks at the hands of Anonymous.
Where are the Other Hacktivist Groups?
Anonymous continues to make headlines while other prominent hacktivist groups remain stagnant. Groups like Lizard Squad, the Armada Collective, and the Syrian Electronic Army (SEA) appear to have almost completely ceased all operations. The CyberFacts collected by SurfWatch Labs backs this up, with 2015 being the last time any significant conversation took place among the three groups.
Syrian Electronic Army
Once one of the most recognized hacktivist groups, the SEA has seemingly disappeared since the summer of 2015. Most current news surrounding the SEA involves legal and law enforcement content as members of the group are being hunted down for past hacking activities. The SEA has been involved with many cyber-attacks, including the the hijacking of the Associated Press Twitter account and the takeover of Forbes. The group was founded in 2011, with most of their activity occurring during 2013 and 2014.
Perhaps one of the most notorious groups linked with DDoS attacks, Lizard Squad made a name for themselves after launching multiple DDoS attacks against the Sony Playstation Network and Xbox Live. The group has engaged in a war with Sony Online Entertainment president John Smedley, leading to bizarre events such as calling in a fake bomb threat to an airline which Smedley was a passenger of and effectively grounding the flight. Lizard Squad has recently made headlines without any effort, as a group of unknown hackers were posing as the hacktivist group in an effort to extort money from U.K. businesses through the threat of a DDoS attack. As for actual current activity from Lizard Squad, Blizzard reported a DDoS attack from the group back in April 2016.
The Armada collective is the newest hacktivist group out of the three, and it is well-known for its DDoS extortion attacks against online retailers, a method of attack that was first made popular by another hacker group, DD4BC. The group was very active towards the end of 2015, attempting to extort several companies. Much like ransom demands, experts have overwhelmingly warned companies not to give into these attacks. The group went silent in late 2015, although other groups continue to use the group’s name for fake DDoS threats, which unfortunately lead to the group earning over $100,000 for their efforts.
While many people find the threats of hacktivism to be just a nuisance, the damage created from a single attack can have lasting consequences. DDoS attacks — the primary hacktivist weapon of choice — can impact a company through financial losses and damaged brand reputation due to the amount of time the company’s servers are down. In other attacks, sensitive data can be obtained and leaked on the Internet for other criminals to exploit. Hacktivism hasn’t been as prominent in 2016 compared to years past, but the threat posed from these groups remains the same, and companies need to remain diligent in protecting from these threats.