
BLUF – Not only are cyber criminals becoming bolder in power projection, they are also diversifying into non-monetary causes. Whilst only a pebble risk for now, the potential for criminal-turned-hacktivist paints a rather disturbing picture for anyone considering the threat.
Background
The last post looked at threat actors’ traditional triad – Nation-state/Criminal/Hacktivist – and how three incidents in the past five years have blurred lines.
WannaCry showed us nation-states behaving as criminals. NotPetya showed us nation-states using criminal framing to hide aggressive behaviours. Costa Rica is showing us criminals overtly taking on less affluent nations as victims, reaching their citizens to pressure government to give in to demands. More to come there, but we’ve yet another new twist to consider.
Criminals and hacktivists always have an interesting dynamic. Back when Anonymous was more prevalent we saw members turn to the dark side, using their newly honed skills for ill-gotten gains. Perhaps they fell prey to the ease and returns, perhaps we simply paid them better attention; it was not uncommon to see hacktivists turn criminal.
What we are seeing now is more disconcerting, as we are seeing criminals turn hacktivist. Thanks, SCOTUS.
Concerns abound at the potential for criminals finding causes to support – with money and experience to truly take on larger and more secure organisations than seen in the past. Hacktivist success previously was largely reliant upon low-hanging fruit exploits and attacks fostered by participant masses; criminal organisations (depending on which organisation takes the baton) are skilled at getting into harder targets – or know others who can. Established criminal organisations with money and connections create well-resourced protests – defying legal boundaries that others with money must abide by. Talk about a sharp message.
Even more disconcerting – we lack negotiation, except under the terms dictated by the threat actors. Never mind that law enforcement has limited effect on these groups; now money isn’t the issue. There won’t be the option to impede the criminal’s ability to cash out – which was often our best option. In normal criminal responses we often couldn’t stop the theft, but we could stop them getting the funds. But when criminals act as hacktivists, law enforcement will have even more difficulty interrupting their activities. How do you negotiate the forced stepping down of a board or executive? What is negotiable in a public apology?
Worst case scenario – what if they push for justifiable causes and are effective in implementing change? Not hard to remember those in power got there somehow. Could criminals-turned-hacktivists be our next generation’s leaders in a few years? Are we potentially looking at a new Sinn Féin? Perhaps there won’t be a massive shift in criminals finding causes, but when money is no longer a required consideration, many other considerations come to light. Cyber crime is already fighting smoke; what if the smoke chokes us for the betterment of society?
Then again, if both sides of an issue (like we see currently) find resourced hacktivist support – it chokes us for the worse.
-scl