As Palestinian rioters clashed with Israeli forces in the fall of 2000, Arab and Israeli hackers took to cyberspace to participate in the action. According to the Middle East Intelligence Bulletin, the cyberwar began in October, shortly after the Lebanese Shi’ite Hezbollah movement abducted three Israeli soldiers. Pro-Israeli hackers responded by crippling the guerrilla movement’s website, which had been displaying videos of Palestinians killed in recent clashes and which had called on Palestinians to kill as many Israelis as possible. Pro-Palestinian hackers retaliated, shutting down the main Israeli government website and the Israeli Foreign Ministry website. From there the cyberwar escalated. An Israeli hacker planted the Star of David and some Hebrew text on one of Hezbollah’s mirror sites, while pro-Palestinian hackers attacked additional Israeli sites, including those of the Bank of Israel and the Tel Aviv Stock Exchange. Hackers from as far away as North and South America joined the fray, sabotaging over 100 websites and disrupting Internet service in the Middle East and elsewhere.

The Palestinian-Israeli cyberwar illustrates a growing trend. Cyberspace is increasingly used as a digital battleground for rebels, freedom fighters, terrorists, and others who employ hacking tools to protest and participate in broader conflicts. The term "hacktivism," a fusion of hacking with activism, is often used to describe this activity. A related term, "cyberterrorism," refers to activity of a terrorist nature. However, whereas hacktivism is real and widespread, cyberterrorism exists only in theory. Terrorist groups are using the Internet, but they still prefer bombs to bytes as a means of inciting terror.

Hacktivists see cyberspace as a means for non-state actors to enter arenas of conflict, and to do so across international borders. They believe that nation-states are not the only actors with the authority to engage in war and aggression. And unlike nation-states, hacker warriors are not constrained by the "law of war" or the Charter of the United Nations. They often initiate the use of aggression and needlessly attack civilian systems.

Hacktivism is a relatively recent phenomenon. One early incident took place in October 1989, when anti-nuclear hackers released a computer worm into the US National Aeronautics and Space Administration (NASA) SPAN network. The worm carried the message, "Worms Against Nuclear Killers … Your System Has Been Officically [sic] WANKed. … You talk of times of peace for all, and then prepare for war." At the time of the attack, anti-nuclear protesters were trying (unsuccessfully) to stop the launch of the shuttle that carried the plutonium-fueled Galileo probe on its initial leg to Jupiter. The source of the attack was never identified, but some evidence suggested that it might have come from hackers in Australia.

In recent years, hacktivism has become a common occurrence worldwide. It accounts for a substantial fraction of all cyberspace attacks, which are also motivated by fun, curiosity, profit, and personal revenge. Hacktivism is likely to become even more popular as the Internet continues to grow and spread throughout the world. It is easy to carry out and offers many advantages over physical forms of protest and attack.

The Attraction to Hacktivism

For activists, hacktivism has several attractive features, not the least of which is global visibility. By altering the content on popular websites, hacktivists can spread their messages and names to large audiences. Even after the sites are restored, mirrors of the hacked pages are archived on sites such as Attrition.org, where they can be viewed by anyone at any time and from anywhere. Also, the news media are fascinated by cyberattacks and are quick to report them. Once the news stories hit the Internet, they spread quickly around the globe, drawing attention to the hackers as well as to the broader conflict.

Activists are also attracted to the low costs of hacktivism. There are few expenses beyond those of a computer and an Internet connection. Hacking tools can be downloaded for free from numerous websites all over the world. It costs nothing to use them and many require little or no expertise.

Moreover, hacktivism has the benefit of being unconstrained by geography and distance. Unlike street protesters, hackers do not have to be physically present to fight a digital war. In a "sit-in" on the website of the Mexican Embassy in the United Kingdom, the Electronic Disturbance Theater (EDT) gathered over 18,000 participants from 46 countries. Hacktivists could join the battle simply by visiting the EDT’s website.

Hacktivism is thus well-suited to "swarming," a strategy in which hackers attack a given target from many directions at once. Because the Internet is global, it is relatively easy to assemble a large group of digital warriors in a coordinated attack. The United Kingdom-based Electrohippies Collective estimated that 452,000 people participated in their sit-in on the website of the World Trade Organization (WTO). The cyberattack was conducted in conjunction with street protests during WTO’s Seattle meetings in late 1999.

Another attraction of hacktivism is the ability to operate anonymously on the Internet. Cyberwarriors can participate in attacks with little risk of being identified, let alone prosecuted. Further, participating in a cyberbattle is not life-threatening or even dangerous: hacktivists cannot be gunned down in cyberspace.

Many hacktivists, however, reject anonymity. They prefer that their actions be open and attributable. EDT and Electrohippies espouse this philosophy. Their events are announced in advance and the main players use their real names.

Web Defacement and Hijacking

Web defacement is perhaps the most common form of attack. Attrition.org, which collects mirrors and statistics of hacked websites, recorded over 5,000 defacements in 2000 alone, up from about 3,700 in 1999. Although the majority of these may have been motivated more by thrills and bragging rights than by some higher cause, many were also casualties of a digital battle.

Web hacks were common during the Kosovo conflict in 1999. The US hacking group called Team Spl0it broke into government sites and posted statements such as "Tell your governments to stop the war." The Kosovo Hackers Group, a coalition of European and Albanian hackers, replaced at least five sites with black and red "Free Kosovo" banners.

In the wake of the accidental bombing of China’s Belgrade embassy by the North Atlantic Treaty Organization (NATO), angry Chinese citizens allegedly hacked several US government sites. The slogan "Down with Barbarians" was placed in Chinese on the web page of the US Embassy in Beijing, while the US Department of Interior website showed images of the three journalists killed during the bombing, crowds protesting the attack in Beijing, and a fluttering Chinese flag. The US Department of Energy’s home page read: