Neutralizing Ideological Cyberattacks
Lead Research Organisation:
University College London
Department Name: Computer Science
Abstract
If not long ago was difficult to organize social movements, nowadays, the widespread use of computer technology created new opportunities to promote a political agenda and social changes. This combination of activism and hacking is known as hacktivism. As this phenomenon become increasingly common and structured, it is crucial to understand the narratives of political subcultures active online. There is, however, a lack of empirical research on political motivated cyberattacks. Beginning with Sykes's and Matza's neutralization theory, I seek to determine if, and to what extent, far-left and far-right hacktivists develop techniques of neutralization to justify their actions. To understand the applicability of this theoretical framework on the phenomenon examined, I apply a qualitative content analysis of documents leaked by the anarchic group, Antisec and interviews released by the Jester, a patriotic hacker. The data were investigated in depth and coded in a deductive and inductive manner by adopting a theory-driven approach. More specifically, I tested the following hypothesis:
H1: Ideological hacktivists justified cyberattacks adopting denial by victim neutralization technique.
H2: Ideological hacktivists justified cyberattacks adopting condemnation of condemners neutralization technique.
H3: Ideological hacktivists justified cyberattacks adopting appeal to higher loyalty neutralization technique.
H4: Ideological hacktivists justified cyberattacks adopting appeal to higher moral principal neutralization technique.
H5: Ideological hacktivists justified cyberattacks adopting defence of necessity.
Overall, these finding demonstrate that as other forms of traditional crime and cybercrime, such as cyber harassment and cyber racism hacktivism can be explained by adopting neutralization theory as a framework. Furthermore, despite slightly differences on the way through which far-left, and far-right hacktivist groups rationalize their cyberattacks, at the greatest extend, they all developed neutralization techniques.
Expanding our knowledge on this phenomenon is essential for two main reasons. Firstly, nowadays with growing access to ransomware tools hacktivist represent a more dangerous threat. Finally, in the future, with the advance of technology and of the interconnections between physical and digital space, hacktivism might become the most common form of protest.
Based on the finding of these case studies I would encourage additional research into whether neutralization theory can be a useful theoretical framework to examine other hacktivists groups and patriotic hackers. By better understanding the process by which ideological cybercriminals engage in cybercrime would help to develop more targeted and effective interventions to anticipate and counteract ideological and political motivated cyberattacks.
H1: Ideological hacktivists justified cyberattacks adopting denial by victim neutralization technique.
H2: Ideological hacktivists justified cyberattacks adopting condemnation of condemners neutralization technique.
H3: Ideological hacktivists justified cyberattacks adopting appeal to higher loyalty neutralization technique.
H4: Ideological hacktivists justified cyberattacks adopting appeal to higher moral principal neutralization technique.
H5: Ideological hacktivists justified cyberattacks adopting defence of necessity.
Overall, these finding demonstrate that as other forms of traditional crime and cybercrime, such as cyber harassment and cyber racism hacktivism can be explained by adopting neutralization theory as a framework. Furthermore, despite slightly differences on the way through which far-left, and far-right hacktivist groups rationalize their cyberattacks, at the greatest extend, they all developed neutralization techniques.
Expanding our knowledge on this phenomenon is essential for two main reasons. Firstly, nowadays with growing access to ransomware tools hacktivist represent a more dangerous threat. Finally, in the future, with the advance of technology and of the interconnections between physical and digital space, hacktivism might become the most common form of protest.
Based on the finding of these case studies I would encourage additional research into whether neutralization theory can be a useful theoretical framework to examine other hacktivists groups and patriotic hackers. By better understanding the process by which ideological cybercriminals engage in cybercrime would help to develop more targeted and effective interventions to anticipate and counteract ideological and political motivated cyberattacks.
Planned Impact
The EPSRC Centre for Doctoral Training in Cybersecurity will train over 55 experts in multi-disciplinary aspects of cybersecurity, from engineering to crime science and public policy.
Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.
In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.
The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.
Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.
In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.
The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.
Organisations
People |
ORCID iD |
| Paul Gill (Primary Supervisor) | |
| Sara Rubini (Student) |
Studentship Projects
| Project Reference | Relationship | Related To | Start | End | Student Name |
|---|---|---|---|---|---|
| EP/S022503/1 | 01/04/2019 | 23/11/2028 | |||
| 2726637 | Studentship | EP/S022503/1 | 26/09/2022 | 30/09/2026 | Sara Rubini |