The etymology of words – and the shifting cultural stances that often instigate changes in meaning – can be fascinating. For instance, the ‘viral’ in today’s title. Pre-internet it meant only an illness. And to some degree, it still does, albeit a digital one. We’ve generally moved on to calling computer viruses ‘malware’, a portmanteau of malicious software. But ‘viral’ can also be a specific metric. A viral video, for instance, is one with huge numbers of views and/or shared copies. That number used to be considered anything over a million, but that standard has fallen somewhat by the wayside given the magnitude of online visual media as a social norm. But it is still meant to denote that something has spread widely...like a virus.
Another term that has changed meaning over time, and is itself also a portmanteau, is hacktivism. A combination of hacker and activism, this term is defined by Wikipedia as the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. It has a storied history, dating back to the 1990s, and some memorable actors, many of whom have never been fully identified, as well as some who have been internationally reviled for their work. Some people see hacktivists as altruists, doing work that ranges from the legal gray area to outright illegality, which no one else will do or has the capacity to do. Some see them as nothing more than another type of cybercriminal. The difference is mostly dependent on which side of the hack one is on.
Popular culture has played a role as well. Groups like Anonymous take some of their aesthetic from the stylized image of a Guy Fawkes mask after the success of V for Vendetta, both the movie and the graphic novel it’s based upon. That visage has become synonymous with a certain type of hacktivism, namely that of the greater good, regardless of who it might expose (although these days the group seems to have devolved into online trolling more than anything).
But who defines that greater good? And when does it become opportunistic instead of altruistic? Again, that depends on which side of the line one is standing. All’s fair in love and war, right?
Today on my cyber news feed is an article from CloudSEK regarding a surge in hacktivist-type attacks against US critical infrastructure by Iranian actors. The attacks consist of exploitation of internet-facing ICS devices, phishing campaigns targeting OT-adjacent personnel, and long-dwell IT infiltration. Multiple malware families and groups are being utilized, like APT33, MuddyWater, Volt Typhoon, and others. Each one is targeting a different, sometimes overlapping, sector. They are coordinated and numerous, over 60 groups that activated within hours of the February 28th strikes. And some of them have been quietly present for years. There is a confluence of factors involved here: motivation to retaliate against a foreign power, the opportunity presented by lowered online defenses with the interruption of CISA’s workforce, and the sheer ability to obtain access to the targets in the first place due to default credentials (or none required at all).
The article points out that the disruption of services isn’t theoretical in nature; it’s documented operational history. The playbook of how to dismantle a government has already been written, by the US. For Iranians facing this controversial military action, these attacks are a way to exemplify ‘turnabout is fair play’. For the US, they are a threat. The context is important to remember. And history will document which side will emerge as justified.