By David Cassel

IN DECEMBER THOUSANDS of computer owners fired up their modems for the assault. From unseen corners of the globe they converged on a single Web site – to overload it.

Though the media portrays hackers as destructive intruders, some individuals and groups – known as hacktivists – are openly committing online forms of protest in the service of political and social causes. These protests might consist of a symbolic, mass visit to a Web page – an action that, with enough participants, would make the targeted page inaccessible to others – or they might involve more invasive monkey-wrenching, the disabling of the Web site's underlying technology. Others are aimed at bypassing government restrictions that protesters see as unfair. Fusing their passions with their technology, hacktivists are using the power of the Internet to foster new forms of social protest.

The Electrohippies are a five-member group of U.K. hacktivists. As the 20th century ticked to a close they organized a "WTO virtual sit-in," which overloaded the machines keeping the World Trade Organization's Web site on the Internet. The group estimates it helped 452,000 people swamp the site over several days, reporting that during the action participants sent up to 900 e-mails a day.

Paul Mobbs, the group's cofounder and media liaison, says the Electrohippies accomplished their goal – disrupting the World Trade Organization's online presence for four- to five-hour stretches – and reduced the site's overall speed by half. Last week the group launched several events focused on genetically modified crops.

If you have a computer with a modem, you're already a potential coactivist in this radical action. A surprise "special action" began April Fools' Day, with an e-mail campaign scheduled from the 3rd to the 7th – targeting 78 officials listed on the Hippies' Web site, including U.S. Department of Agriculture communications official Vic Powell – to build public pressure against genetically modified foods. A "server-log rant" is also planned, in order to "put the public in touch with genetics webmasters," and the main event will be "an e-mail and client-side denial of service extravaganza."

The Electrohippies have discovered that they can act collectively – even though the members of the group have never met one another off-line – and they're hoping this is only the beginning. After the actions, they've promised to release their newly designed "virtual sit-in tools" to the public to popularize the tactic. As one of their Web pages puts it, "In cyberspace everyone can hear you scream – if you want them to."

It's a new breed of activism – entirely online, but nevertheless confrontational. Some question whether it's really a desirable form of protest, but the Electrohippies are hoping to defuse such criticism by popularizing not just their tools but a code of ethics. Not only did they publicize their intentions before their attacks but they also issued a lengthy paper on the philosophy behind them. "These types of actions are directly analogous to the types of demonstrations that take place across the world," stated "Occasional Paper No. 1."

The Electrohippies argue that the large numbers needed to have an impact mean a "democratic guarantee" is inherent in the technique. "One or two people do not make a valid demonstration," their Web site argues. "100,000 people do.... If there are not enough people supporting the action then it doesn't work." As they see it, their actions – publicizing not just a protest but the tactics behind it – serve a larger goal, "extending the ordinary legal and moral guarantees of freedom of expression and association to this space."

These hacktivists are seeking nothing less than a world where e-commerce is balanced by e-protest – or at least, where cyberspace isn't immune from public pressure. One approach is, as the Electrohippies put it, "applying the tactics of street campaigning to cyberspace." Henry David Thoreau's famous 152-year-old essay "On the Duty of Civil Disobedience" is displayed prominently on the group's site.

Think locally, act globally

Mobbs notes that much of the practical theory behind hacktivism began with the actions of various U.S. groups, like the Electronic Disturbance Theatre, that were supporting the Zapatista National Liberation Army in 1998. Using tactics hardly more complicated than repeatedly hitting the button on a Web browser to reload a Web page, these groups created a form of activism that was also part poetry. It was often, as one Web site described it, "a symbolic gesture created to increase awareness about the low intensity war in Chiapas, Mexico."

And it was surprisingly simple. The Electronic Disturbance Theatre was created by four activists who declared themselves to be an Internet performance art-activism group. Brett Stalbaum, who in December received an MFA in computers in fine art from San Jose State University, got together with Carmin Karasic, a Boston graphic designer, and activists Ricardo Dominguez and Stefan Wray in New York. Together they created a program that would repeatedly access the Web page for Mexican president Ernesto Zedillo and request nonexistent files containing phrases like "human rights," causing error messages such as "human_rights not found on this server." The project, which they dubbed FloodNet, also left ghosts in the machine: the names of people killed by government troops were left in the page's access log, making it appear that the dead were visiting Zedillo's Web site. "In an artistic sense this is a way of remembering and honoring those who gave their lives in defense of their freedom," Dominguez wrote in an online remembrance.

But was the action effective? Yes, Domingo argued. He measured its success not by technical effects on the Web site but by the attention it brought to the Zapatistas. The EDT Web site points out that the group's tool "emerged from and serves a community which genuinely requires the development of such attention weapons as a matter of survival." Other online documents describe their actions as a show of presence that continues to send the Mexican government a message: "We are numerous, alert, and watching carefully."

The technique is becoming more common. In mid March a similar attack temporarily disabled the Web site for the Federal Bureau of Investigation. Like the Electrohippies, Karasic argues that it was the number of people showing support that gave the FloodNet pro-Zapatista action its validity. "It was only actualized through thousands and thousands of participants," she remembers. "It was meaningless without the masses."

Popular support transforms an act of vandalism into a show of political solidarity, Karasic argues. This draws the line between hacktivist groups like the Electronic Disturbance Theatre and the "single hacker/hacktivist who takes down a server with a single script." Since the aim is to foster legitimacy, the EDT "always identified ourselves and our targeted Web site before the action. We explained what we were doing, when, for how long, and exactly why we were doing it."

The longest march

Not everyone agrees. Elsewhere on the Internet, the Hacktivism mailing list – an e-mail discussion list started last summer – has carried debate about whether such attacks are nothing more than glorified censorship, with activists simply hampering the opposing side's right to speak. "It depends on the target," one message countered during the list's first weeks last summer. "In many cases there is not a level playing field, especially when the opponent is a large corporation or government."

The FloodNet project was fortunate enough to secure a grant from RTMark, an online collective distributing funds globally for anticorporate activities. Though its Web site is registered to a San Francisco mailing address, "we're not based there," a spokesperson for the group says. "We have members all over the country. There are about half a dozen, and we're all professionals: lawyer, accountant, graphic artist, et cetera." After the FloodNet technique was firmly established, "there were nine actions between April and December 1998," Karasic says – culminating with a mass action on the Web site for the Mexican Stock Exchange. In early 1999 the group released the FloodNet program to sow more online activism.

But is hacktivism truly widespread? "It happens all the time," says Cap'n Crunch, a Bay Area resident whose own hacking activities date back to near-legendary explorations of the nation's phone lines during the early '70s. The phone company's network had been so poorly secured that individuals – including Apple cofounder Steve Wozniak – discovered they could travel the lines simply by punching in the correct series of digital tones. In the pre-Internet days, they would gather on party lines to trade tips about the phone system.

Today, Cap'n Crunch says, similar activities may have different motives. "In many other countries, hackers are always hacking up Web sites to further some political cause." Others are arguing that this evolution may have been inevitable. "For us the idea of hackers as activists seemed obvious," an RTMark spokesperson says. "Too many were becoming experts in defending corporate privacy rights rather than using their skills to fight those rights and others."

By the fall of 1998 Wired News reported that a group called X-Pilot had even rewritten text on the Mexican government's Web site. Such incidents offer evidence that groups and individuals can move beyond overloading the machines that host Web pages. Attacks can be more technical – more hack than activism – raising issues of just how far an online protest should go.

Invisible pioneers

According to an editor at the Hacker News Network, the word hacktivism was first used by a hacker named Tweety Fish at a hacker convention several years ago. When reached for comment last month, Tweety Fish said he was not impressed by simplistic page-overloading tactics like FloodNet's. "A much better example of hacktivism, I think, is when Bronc Buster removed the filtering from some of the fire walls separating China from the rest of the Internet, allowing, for a brief time, unfiltered Internet browsing from within China." The Chinese government's attempts to control its populace and the flow of information had made it a target.

Just months earlier, a Chinese dissident living in Toronto and calling himself Blondie Wong claimed to have a network in place in China – including government and technical employees – ready to harry both the Chinese government and the corporations supporting it. Wong left open the possibility of "cracking" the government's equipment, acknowledging that publicity would always be the hacktivists' first recourse.

Speaking to a hacker collective called Cult of the Dead Cow in 1998, Wong claimed to have independently acting sympathizers in the United States, Canada, and Europe and defended attacks on the Web sites of corporations doing business with China. "Human rights is an international issue, so I don't have a problem with businesses that profit from our suffering paying part of the bill." If nothing else, Wong concluded, young idealistic people would become involved in the struggle of his group, the Hong Kong Blondes. Oxblood Ruffin, Wong's interviewer and the group's "foreign minister," seemed to agree it was a significant step. "It won't change the world," Ruffin conceded, "but it will raise the issue in a different way, and that is important."

Some credit Ruffin for coining the word hacktivism. For security reasons, he hasn't maintained contact with the Hong Kong Blondes, but Ruffin says they now number more than 100 members, and many are in positions within China's communist party.

Ruffin closes his e-mail with a slogan for the Cult of the Dead Cow: "We put the hack into hacktivism." But these groups aren't the only ones taking a direct approach. Hacker Web sites like 2600.com and AntiOnline preserve screen shots of dozens of Web sites that have been compromised and rewritten. Attackers sometimes leave only vain blustering with a pastiche of names as a kind of online graffiti. RE:no, a designer of electronic disturbance tools, warns of the dangers produced by hacktivists "intoxicated by their little technological power."

But in other instances, there's far more to hacktivists' messages than mere graffiti. Earlier in 1998 a hacker broke into the system of the Bhabha Atomic Research Centre in Bombay, India, converting its Web page into a protest of India's nuclear weapons tests and stealing its e-mail. The Electronic Disturbance Theatre issued a statement of support for the hacker's actions, and despite the hands-on approach, Blondie Wong also applauded it for its effectiveness. "I view the BARC intrusion as something positive," he told Oxblood Ruffin, "because it will draw attention to the situation and cause more discussion about a serious issue."

The Yahoo! legacy

Last month on the hacktivism mailing list, Bronc Buster argued that taking positive actions and distributing information is superior to overloading Web page servers, a tactic that may also affect "innocent" Web sites sharing the same equipment. "Denial of service attacks are more like the carpet bombing used in Vietnam. Sure you may hit the target, but then again, you hit everyone else around it, regardless if they are innocent or not." The Electrohippies' Mobbs seems to agree, cautioning that groups overloading e-commerce sites shouldn't be overly malicious. "If you want to be effective, it's more justifiable to disrupt a server for one day and make your point rather than drag the action on for a few days and cause more generalized disruption."

Hanging over this discussion was February's wave of massive attacks on high-profile Web sites like Yahoo!, CNN, eTrade, ZDNet, and Datek. Nearly two months later the perpetrators remained unidentified, their motives unknown. Worries about future attacks have already prompted calls for greater security, and the Electrohippies' site raises concerns that there will be a backlash against cyberactivism, with acts of protest classified as acts of terrorism.

"The problem with the knee-jerk response of politicians and e-commerce gurus is that we run the risk of losing legitimate electronic action as governments use the excuse of 'hackers' to criminalize certain activities." In essence, hacktivists are seeking the right to peaceably assemble – on a private company's Web server. But the Electrohippies' site goes further, defending the unidentified perpetrators of the denial-of-service attacks and speculating that the attacks "are not a matter of pleasure-seeking by bored computer nerds. They represent a fundamental disagreement about the purposes of the Internet, and the increasing emphasis on the use of the Net as a vehicle for profitable trade rather than of knowledge and discussion."

Ultimately, the argument goes, an online community is still a community. And with that, some have argued, spiritual implications follow. Citing a Jesuit priest, Electronic Frontier Foundation cofounder and Grateful Dead lyricist John Perry Barlow once told the New Republic that "it seems clear we are about some Great Work here – the physical wiring of collective human consciousness." According to Barlow, that may even bring a set of thorny moral issues. "The idea of connecting every mind to every other mind in full-duplex broadband is one which, for a hippie mystic like me, has clear theological implications."

The Electrohippies' main Web page seems to take that to its militant extreme, citing the parable of Jesus driving the moneylenders from the temple, and asking whether he would also be labeled a terrorist. It's a broad comparison, but the site argues that attacks on the major sites originated from the same depth of feeling among the responsible technology users: "Those involved probably have a reverential view of the Net." And at least some of their underlying sentiments about the attacks are echoed by Evangelo Prodromou, a San Francisco computer programmer and sometime hacktivist who uses the online handle Mr. Bad. "These things weren't done by people who hate computers, they were done by people who love computers," he says. "But loving computers and the Internet doesn't mean you have to love the exploitative e-commerce sites unconditionally."

Prodromou is a Silicon Valley technology worker who picked up hacktivism as a natural outgrowth of high-tech culture. It's a Bay Area tradition that goes back more than three decades. "In the '60s, we were [misdirecting] the police," remembers one of the earliest activists, "intercepting their radios and jamming their frequencies. We started to send the police off on wild goose chases." Cap'n Crunch remembers that in the '70s, when Tom Campbell insulted a phone-system hacker during his radio show, "They flooded the station's phone lines so he couldn't take any more calls."

As technology becomes more familiar, users become more comfortable and adept at adapting it for their own agendas. This year, when the Motion Picture Association of America started searching for copies of an illegal program that allowed playing of DVD movies without authorized players, Prodromou had no qualms about creating a dummy program with the same name for the Net-culture site Pigdog.org. He then encouraged others to duplicate his decoy to make the organization's search for the software more difficult.

A new approach?

Maybe new technology is just amplifying the political impulses that people have always had. "The Acteal massacre in December 1997 moved me to tears," Karasic remembers, and her work with the Electronic Disturbance Theatre was the ultimate result. But her preparations for the demonstrations also harnessed the Net in another way. While the guerrilla army was using the Internet to deliver news of its struggle to an online audience, Karasic's own contingent was using the Net to develop forms of support. "Our collaboration was 100 percent Internet linked," Karasic remembers. "All e-mail exchanges." To this day, Karasic notes, "I think I'm still the only Electronic Disturbance Theatre member who has met all of us face-to-face."

Though hard to measure, it's possible that cybercauses may reach those with the same passions more quickly, allowing political sentiments to be better focused. Online networking has been cited as a factor in the large turnout for the WTO protests in Seattle. And though it's hard to quantify, the concept of hacktivism itself may be spreading, possibly even evolving.

On the hacktivism mailing list, Buster announced he was working with human rights groups and hackers groups on a suite of applications to be released at the hacker convention DefCon this summer. "It will show that hacktivism is a real way to use the Net to blend activism and technology in a positive way, while helping people at the same time," he argued. And elsewhere, RE:no says he's developed the Mail-O-Matic for use in online actions. He describes it as "a mail washer, to send extracts from books explaining our state of mind."

Almost by definition, any pursuit of hacktivism will require a constantly updated set of tools. The Electronic Disturbance Theatre's site notes that the Department of Defense wrote a counterprogram to try to thwart one of the group's actions. "We must be inventive with each problem which we encounter," RE:no says. But even when those tools lie dormant, their potential is felt. RE:no believes activists should keep them in reserve – "as an armed peace tool" – the way the Zapatistas remain armed "as a symbolic gesture of voice."

And the hacktivism continues. After funding FloodNet, RTMark moved on to other forms of online activism, creating a doppelgänger to the official Web site for the General Agreement on Trade and Tariffs and championing European art group eToy in its fight with toy retailer eToys. Pigdog.org called on network administrators to block Doubleclick ads from reaching their users. Last summer on the Hacktivism list, Dominguez even announced new online actions that took place in August of 1999 to commemorate the birthday of Emiliano Zapata.

Whether hacktivists can stay in the code race, escalating tactics in response to countermeasures, remains to be seen. But their actions have at least raised that possibility – along with thorny issues that accompany it. While it may be unclear whether online masses can make a lasting impact on social policy, there are individuals who believe it's possible and are working to find a way to make it happen. That is, in itself, a kind of first step. As Thoreau once said, "In the long run men hit only what they aim at."

IILLUSTRATION: NOEL DANSECO

On the Web More information on:
FloodNet: http://www.thing.net/~rdom/ecd/ZapTact.html
Hacktivism e-mail list: http://hacktivism.tao.ca./
RTMark: http://www.rtmark.com./
Wired News coverage of hacks to the Mexican government Web site: http://www.wired.com/news/politics/0,1283,15129,00.html
http://www.2600.com/hacked_pages/
AntiOnline: http://www.AntiOnline.com/archives/pages
Re:No's designs:http://this.is/etoytech/