Latest break-in at International Atomic Energy Agency highlights that the public still doesn't buy criminal acts in support of 'good causes'. Credit: Illus_man/Shutterstock Another hacktivist group struck this week for yet another “good cause.” Parastoo, which broke into a server of the International Atomic Energy Agency (IAEA) and leaked the email addresses of 167 experts working with the agency, declared that its goal was to expose “beyond-harmful operations” at Israel’s Negev Nuclear Research Center. In a statement posted on Pastebin, the group demanded that those experts petition the IAEA to investigate the Negev site, and threatened to expose the locations and other personal and professional information of those experts if they don’t. The group sought to show that its motives were noble. “We are reassuring IAEA that their critical information is safe with us, as we are brothers.” But it said its brotherly connection did not extend to any “Western-flavored elements.” This latest break-in is yet another example of hacktivists viewing themselves as the good guys. They have regularly described themselves as freedom fighters who strike blows in behalf of the common people against the evils of corporations and governments. But security experts say the reality is that while they can make life miserable in some cases for their targets, they generally have little more long-term impact than other, more traditional, activist movements like the Tea Party or Occupy Wall Street (which did have a major online element). Hacktivists gain a measure of short-term publicity and influence, but are now essentially irrelevant. Michael Murray, managing partner of MAD Security and also of the Hacker Academy, said the targets of attacks “hardly ever” comply with the demands or threats of hacktivists. “I know of a couple of off-the-record types of deals,” he said. “But most often, the target plays along only so long as it takes to either prosecute the hacktivists, usually with the assistance of law enforcement, or to buy time to figure out how to stop the attacks.” Chester Wisniewski, a senior security adviser at Sophos, said online activism can have an effect on public policy. “That’s one of the reasons SOPA (Stop Online Piracy Act) got shut down,” he said. “But that’s not hacking … That’s just making yourself heard. “When they start breaking the law, no, they don’t really change things. How many times did Sony get hacked — 49 or so? — and they never changed their minds about anything,” Wisniewski said. “Stratfor (an Austin, Texas-based international intelligence broker) is not going to back down from what they do because they got hacked. Most of those types of actions are really misguided.” The IAEA did not respond to multiple requests over two days for comment about how it might respond to the demand. But in a statement to Computerworld, spokeswoman Gill Tudor said only that the agency was working to make sure that no further information was vulnerable. This doesn’t mean hacktivism never has any impact. As a Business Insider post on the hacktivist collective Anonymous noted, “Following allegations of vote rigging after the results of the June 2009 Iranian presidential election were announced, declaring Iran’s incumbent President Mahmoud Ahmadinejad as the winner, thousands of Iranians participated in demonstrations.” “Anonymous, together with The Pirate Bay and various Iranian hackers, launched an Iranian Green Party Support site called Anonymous Iran. The site has drawn over 22,000 supporters worldwide and allows for information exchange between the world and Iran, despite attempts by the Iranian government to censor news about the riots on the Internet,” the report said. Wisniewski said one of the quieter impacts of hacktivism is intimidation that may have the beneficial effect of improving security. He said the Sony hacks woke people up. “I must have talked to 100 companies who were saying, ‘What’s preventing us from being the next Sony? ‘We don’t want to be on the front page.’ That’s the real impact I see — but it’s good that it has them thinking about security.” Murray adds: “Anonymous did a good job of bringing attention to some of the abuses of the Church of Scientology, but this was as much predicated on their real-world efforts as their online ones.” But, Murray and Wisniewski agree that most of the time, the public does not buy the claim that “hacktivists are not criminals.” “In the mind of the general public, hackers are criminals whether they’re trying to be activists or not,” Murray said. “One can rob banks and give the money to charity, but it doesn’t mean that the public and law enforcement won’t consider them bank robbers.” Another thing that tends to undermine general public support for hacktivists is that they frequently acknowledge that their exploits are “for the lulz,” which generally means for personal enjoyment, but is also seen as craving attention. Regardless of its long-term impact, or lack of it, nobody sees hacktivism declining. Murray said that major media coverage of hacktivist exploits, including the arrests and trials of those who are caught will make it more valuable to be a hacktivist. “These people are doing this to bring attention, and the media gives more attention to it as it becomes more prevalent,” he said. Jeremiah Grossman, founder and CTO of WhiteHat Security, said it is important to keep hacktivism in perspective. “Remember, while hacktivists are a concern, they are in no way the most pressing,” he said. “Professional hackers, those who are purely in it for the money, or nation state-sponsored hackers, are far more dangerous to us all.” More on hacktivism: Hacktivism's reemergence explained: Data drops and defacements for social justice Rash of hacktivism incidents accompany Russia's invasion of Ukraine Russian hacktivist group targets India's health ministry Russian hacktivists deploy new AresLoader malware via decoy installers Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe