In a recent post on Alternet, Bucu Bakliogu and Peter Ludlow discussed 10 of the most significant hacktivist actions over the last 20 years. In this post, I go into more detail on the #1 hacktivist action on their list: the Electronic Disturbance Theater event. Here I go into more detail on the EDT and the some of the fault lines in the hacktivist community that it has given rise to.
In 1998 the Electronic Disturbance Theater (EDT) developed and utilized a tool called FloodNet to target the Pentagon, the White House, the School of the Americas, the office of Mexico's President, the Mexican Stock Exchange and the Frankfurt Stock Exchange, all in support of the Zapatista guerilla movement in Mexico. Floodnet, which has subsequently been released as part of EDT's "Disturbance Developer Kit" allowed users to participate in a sit-in attack on these sites by a simple click on an icon on the EDT website. The Floodnet software then directed the participating computers to continually attack the target websites. It has been estimated that 10,000 people accessed floodnet in this two day action resulting in some 600,000 hits per minute .
According to computer security expert Dorothy Denning, the FloodNet attack on the Pentagon was met with perhaps the first military response to a hacktivist attack. Immediately after detecting the attack the Pentagon servers redirected the FloodNet clients to a hostile Applet which tied up the attacking computers, ultimately forcing them to reboot.
FloodNet has subsequently been deployed by a group called The Electrohippies who used it to target the World Trade Organization and various e-commerce websites, defending their actions in Biblical terms: "As Jesus ransacked the temple in Jerusalem because it had become a house of merchandise, so the recent attacks on e-commerce web sites are a protest against the manner of it's [sic] recent development."
Interestingly, the Electrohippies recognized that DDOS attacks did have the result of denying speech to the target, but came up with a formula for determining when such action was justified: First the "the acts or views perpetrated by the targets of a [D]DoS action must be reprehensible to many in society at large, and not just to a small group." Second, the attack should show proportionality, which is to say that it should focus on a single issue, and not the organization as a whole. The theory, we take it, is that the attacks should be counterpoints that allow alternative points of view to become visible; the goal is not to silence the targeted group but to restore informational balance. The Electrohippies also distinguished between server side attacks and client-side attacks, where a client-side attack is coming from multiple individuals (using Floodnet, for example), the though being that such action is more democratic.
Not all Hacktivists have agreed with the Electrohippies on this point, with Oxblood Ruffin of cDc, famously pushing back against their rationale: "Denial of Service attacks are a violation of the First Amendment, and of the freedoms of expression and assembly. No rationale, even in the service of the highest ideals, makes them anything other than what they are--illegal, unethical, and uncivil."
Ruffin's counterpoint expresses a decidedly American-centric view of hacktivism, which has not gone unnoticed by other hacktivists around the world. The First Amendment, after all, is the name of an amendment to the constitution of The United States, and American hackers tend to be more technolibertarian whereas hacktivists in other parts of the world tend to be more concerned with social justice and overthrowing repressive regimes than with civil discourse.