Case Studies
A New York City public housing project
hardly looked like a place where someone
could disrupt the activities of government
agencies or corporations around the world.
Yet in the midst of that obscure
neighborhood, the Federal Bureau of
Investigation showed up one morning to
place under arrest a masterful hacker,
Hector Xavier Monsegur, known in hacking
circles as “Sabu.” Months after his arrest in
2011, Sabu became an informant, exposing
the inner workings and structure of the
hacker group known as “Lulz Sec,” which
means laughable security. Federal
prosecutors described Sabu as an
“influential” member of the Lulz Sec
organization.
Lulz Sec is a splinter faction of
“Anonymous,” a disparate group of hackers
or hacktivists comprised primarily of young
men ranging in age from their late teens to
early 30s. In 2008, Anonymous initiated a
DoS attack against the Church of
42
Scientology because of its obsessive efforts
to keep its online data secret. Because
Anonymous members believe strongly in the
old internet value of free-flowing information,
the group was sympathetic to WikiLeaks and
its founder Julian Assange after he released
thousands of confidential documents about
U.S. military security. Anonymous hacked
the websites of businesses that terminated
their relations with WikiLeaks after this
incident occurred. Among these companies
were MasterCard, Visa, and PayPal (owned
by eBay). Lulz Sec also hacked into the
computers of the Public Broadcasting
Service (PBS) after it aired an
unsympathetic Frontline exposition about
WikiLeaks. And in the spring of 2011, Lulz
Sec disabled the Central Intelligence
Agency’s website for a short time—though,
according to the Agency, no classified data
were compromised.
In addition to disabling websites and denying
online service, Lulz Sec also filches
computer files. After hacking into the
computers of Sony Pictures, it stole the
personal information of about 100,000
customers. It also seized the personal data
43
of 200,000 users of the video game Brink,
which is a product of Bethesda Software.
Lulz Sec has justified its highly publicized
attacks as a vivid means of exposing
security holes in the computer systems of
government agencies and corporations.
They have aimed to show that the strong
security safeguards proclaimed by
corporations and government agencies are
no more than a fleeting illusion. However,
group members also admit they do this for
the fun of it. “This is the Internet,” one of
them said, “where we screw each other over
for a jolt of satisfaction.”
While law enforcement officials point to its
pernicious effects, hacktivism has supporters
who consider this activity to be a valid form
of online protest and even civil disobedience.
Although not necessarily endorsing all the
tactics of groups like Anonymous, hacktivist
apologists applaud their creativity and
ingenuity. They see value in protesting the
treatment of organizations like WikiLeaks.
Others regard hacktivists as providing an
invaluable service by exposing security
deficiencies so they can be properly
repaired. Support for hacktivism sometimes
44
45
comes from unlikely places. Father Antonio
Spadaro, writing for Civiltà Cattolica, a
publication sponsored by the Vatican,
approvingly characterized the hacker
philosophy as “playful but committed,
encouraging creativity and sharing, and
opposing models of control, competition and
private property.”
On the other hand, hacktivism is not typical
of civil disobedience, which involves
peacefully protesting unjust laws while
willing to suffer the consequences of one’s
actions. Hackers are anonymous, elude law
enforcement officials, and often cause
damage to systems that they infect with
worms and viruses. The favorite tactic of
“doxing,” finding embarrassing personal
information about someone and disclosing it
online, has the potential to be extremely
damaging. It’s one thing to protest the
actions of a government agency or
corporation, but it’s quite another thing to
pick on one or two executives and expose
the personal details of their lives. This tactic
could inadvertently bring harm not only to
them but to their families and associates,
innocent third parties who have nothing to do
46
with the behavior under assault by the
hackers.
The Lulz Sec group has dispersed for now,
but hacktivism will surely live on and
continue to be a source of interest and
controversy.
Questions
- How do you assess the various activities
of Lulz Sec? Do you agree with their
actions in support of WikiLeaks, such as
DoS attacks? - Under what conditions is hacktivism
morally permissible?
