Activism, Hacktivism, and Cyberterrorism:

The Internet as a Tool for Influencing Foreign Policy

Dorothy E. Denning

Georgetown University

Sponsored by the Nautilus Institute.

The conflict over Kosovo has been characterized as the first war on the Internet. Government and non-government actors alike used the Net to disseminate information, spread propaganda, demonize opponents, and solicit support for their positions. Hackers used it to voice their objections to both Yugoslav and NATO aggression by disrupting service on government computers and taking over their Web sites. Individuals used it to tell their stories of fear and horror inside the conflict zone, while activists exploited it to amplify their voices and reach a wide, international audience. And people everywhere used it to discuss the issues and share text, images, and video clips that were not available through other media. In April, the Los Angeles Times wrote that the Kosovo conflict was “turning cyberspace into an ethereal war zone where the battle for the hearts and minds is being waged through the use of electronic images, online discussion group postings, and hacking attacks.”1 Anthony Pratkanis, professor of psychology at the University of California, Santa Cruz, and author of Age of Propaganda: The Everyday Use and Abuse of Persuasion, observed, “What you’re seeing now is just the first round of what will become an important, highly sophisticated tool in the age-old tradition of wartime propaganda…. The war strategists should be worried about it, if they aren’t yet.”

Just how much impact did the Internet have on foreign policy decisions relating the war? It clearly had a part in the political discoursetaking place, and it was exploited by activists seeking to alter foreign policy decisions. It also impacted military decisions. While NATO targeted Serb media outlets carrying Milosovic’s propaganda, it intentionally did not bomb Internet service providers or shut down the satellite links bringing the Internet to Yugoslavia. Policy instead was to keep the Internet open. James P. Rubin, spokesman for the U.S. State Department, said “Full and open access to the Internet can only help the Serbian people know the ugly truth about the atrocities and crimes against humanity being perpetrated in Kosovo by the Milosevic regime.”2 Indirectly, the Internet may have also affected public support for the war, which in turn might have affected policy decisions made during the course of the conflict.

The purpose of this paper is to explore how the Internet is altering the landscape of political discourse and advocacy, with particular emphasis on how it is used by those wishing to influence foreign policy. Emphasis is on actions taken by nonstate actors, including both individuals and organizations, but state actions are discussed where they reflect foreign policy decisions triggered by the Internet. The primary sources used in the analysis are news reports of incidents and events. These are augmented with interviews and survey data where available. A more scientific study would be useful.

The paper is organized around three broad classes of activity: activism, hacktivism, and cyberterrorism. The first category, activism, refers to normal, non-disruptive use of the Internet in support of an agenda or cause. Operations in this area includes browsing the Web for information, constructing Web sites and posting materials on them, transmitting electronic publications and letters through e-mail, and using the Net to discuss issues, form coalitions, and plan and coordinate activities. The second category, hacktivism, refers to the marriage of hacking and activism. It covers operations that use hacking techniques against a target=s Internet site with the intent of disrupting normal operations but not causing serious damage. Examples are Web sit-ins and virtual blockades, automated e-mail bombs, Web hacks, computer break-ins, and computer viruses and worms. The final category, cyberterrorism, refers to the convergence of cyberspace and terrorism. It covers politically motivated hacking operations intended to cause grave harm such as loss of life or severe economic damage. An example would be penetrating an air traffic control system and causing two planes to collide. There is a general progression toward greater damage and disruption from the first to the third category, although that does not imply an increase of political effectiveness. An electronic petition with a million signatures may influence policy more than an attack that disrupts emergency 911 services.

Although the three categories of activity are treated separately, the boundaries between them are somewhat fuzzy. For example, an e-mail bomb may be considered hacktivism by some and cyberterrorism by others. Also, any given actor may conduct operations across the spectrum. For example, a terrorist might launch viruses as part of a larger campaign of cyberterrorism, all the while using the Internet to collect information about targets, coordinate action with fellow conspirators, and publish propaganda on Web sites. Thus, while the paper distinguishes activists, hacktivists, and terrorists, an individual can play all three roles.

The following sections discuss and give examples of activity in each of these three areas. The examples are drawn from the Kosovo conflict, cryptography policy, human rights in China, support for the Mexican Zapatistas, and other areas of conflict. The examples are by no means exhaustive of all activity in any of these areas, but intended only to be illustrative. Nevertheless, they represent a wide range of players, targets, and geographical regions.

The main conclusion of the paper is that the Internet can be an effective tool for activism, especially when it is combined with other communications media, including broadcast and print media and face-to-face meetings with policy makers. It can benefit individuals and small groups with few resources as well as organizations and coalitions that are large or well-funded. It facilitates activities such as educating the public and media, raising money, forming coalitions across geographical boundaries, distributing petitions and action alerts, and planning and coordinating events on a regional or international level. It allows activists in politically repressive states to evade government censors and monitors.

With respect to hacktivism and cyberterrorism, those who engage in such activity are less likely to accomplish their foreign policy objectives than those who do not employ disruptive and destructive techniques. They may feel a sense of empowerment, because they can control government computers and get media attention, but that does not mean they will succeed in changing policy. The main effect is likely to be a strengthening of cyberdefense policies, both nationally and internationally, rather than accommodation to the demands of the actors.


The Internet offers a powerful tool for communicating and coordinating action. It is inexpensive to use and increasingly pervasive, with an estimated 201 million on-line as of September 1999.3 Groups of any size, from two to millions, can reach each other and use the Net to promote an agenda. Their members and followers can come from any geographical region on the Net, and they can attempt to influence foreign policy anywhere in the world. This section describes five modes of using the Internet: collection, publication, dialogue, coordination of action, and direct lobbying of decision makers. While treated separately, the modes are frequently used together and many of the examples described here illustrate multiple modes.


One way of viewing the Internet is as a vast digital library. The World Wide Web alone offers about a billion pages of information, and much of the information is free. Activists may be able to locate legislative documents, official policy statements, analyses and discussions about issues, and other items related to their mission. They may be able to find names and contact information for key decision makers inside the government or governments they ultimately hope to influence. They may be able to identify other groups and individuals with similar interests, and gather contact information for potential supporters and collaborators. There are numerous tools that help with collection, including search engines, e-mail distribution lists, and chat and discussion groups. Many Web sites offer their own search tools for extracting information from databases on their sites.

One advantage of the Internet over other media is that it tends to break down barriers erected by government censors. For example, after Jordanian officials removed an article from 40 print copies of the Economist on sale in Jordan, a subscriber found a copy on-line, made photocopies, and faxed it to 1,000 Jordanians. According to Daoud Kuttab, head of the Arabic Media Internal Network (AMIA), the government would have been better off leaving the print version intact. “We found this very exciting,” he said. “For the first time the traditional censorship that exists within national borders was bypassed.” Kuttab said AMIA opened Jordanian journalists to the non-Arab world and use of the Web as a research tool. “In the Jordanian media, we have been able to detect a much more open outlook to the world as well as to Arab issues,” he said.4

The Internet itself is not free of government censorship. According to Reporters Sans Frontiers, 45 countries restrict their citizens’ access to the Internet, typically by forcing them to subscribe to a state-run Internet service provider, which may filter out objectionable sites.5 Authoritarian regimes recognize the benefits of the Internet to economic growth, but at the same time feel threatened by the unprecedented degree of freedom of speech.

Chinese authorities block access to Web sites that are considered subversive to government objectives. This has been only partially effective, however, and Chinese activists have found ways of slipping information past the controls. For example, the editors of VIP Reference, a Washington-based electronic magazine with articles and essays about democratic and economic evolution inside China, e-mails their electronic newsletter directly to addresses inside mainland China. The e-mail is sent from a different address every day to get past e-mail blocks. It is also delivered to random addresses, compiled from commercial and public lists, so that recipients can deny having deliberately subscribed. As of January, about 250,000 people received the pro-democracy publication, including people inside the government who did not want it. Chinese officials were not, however, complacent. When 30-year-old Shanghai software entrepreneur Lin Hai sold 30,000 e-mail addresses to VIP Reference, he was arrested and later sentenced to two years in prison. In addition, authorities fined him 10,000 yuan (HK$9,300) and confiscated his computer equipment and telephone. Lin was said to be the first person convicted in China for subversive use of the Internet. He claimed he was only trying to drum up business and was not politically active.6

During the Kosovo conflict, people in Yugoslavia had full access to the Internet, including Western news sites. The Washington Post reported that according to U.S. and British officials, the government controlled all four Internet access providers in Yugoslavia and kept them open for the purpose of spreading disinformation and propaganda. The Post also said that Belgrade, with a population of 1.5 million, had about 100,000 Internet connections in mid-April.7 Individuals without their own connections could get access at Internet cafes.

Even though Serbs had access to Western news reports, both through the Internet and through satellite and cable television, many did not believe what they saw and heard from Western media. They considered coverage on Western television stations such as CNN and Sky News to be as biased as that on the Yugoslav state-run station, citing instances when Western reports of Serbian atrocities turned out to be wrong. Alex Todorovic, a Serbian-American who spent time in Belgrade during the conflict observed, “By and large, Serbs mistrust the rest of the world=s media. CNN, for example, is considered the official voice of Washington.”8 Some Yugoslav surfers did not even bother looking at Western news sites on the Internet. When asked if she visited Web sites of Western news stations, one 22-year-old student replied, “No, I don=t believe in their information, so why should I upset myself?”9 Thus, it is not clear that the decision on the part of either Milosovic or NATO to keep the Internet open in Yugoslavia undermined Milosovic=s objectives. Further, given that people living in Yugoslavia personally witnessed and felt the effects of the NATO bombing and either disbelieved reports or heard little about Serb atrocities against the ethnic Albanians in Kosovo, it is not surprising that an anti-NATO discourse ran throughout Belgrade. As one pharmacist observed, “I have two children. The people who are bombing my kids are my only enemy right now.”10

In addition to information relating to a particular policy issue, the Web offers cyberactivists various information that can help them use the Net effectively. For example, NetAction offers a training guide for the virtual activist. The guide provides information on the use of e-mail for outreach, organizing, and advocacy; Web-based outreach and advocacy tools; membership and fundraising; netiquette and policy issues; and various resources.11


The Internet offers several channels whereby advocacy groups and individuals can publish information (and disinformation) to further policy objectives. They can send it through e-mail and post it to newsgroups. They can create their own electronic publications or contribute articles and essays to those of others. They can put up Web pages with documents, images, audio and video clips, and other types of information. The Web sites can serve as a gathering place and source of information for supporters, potential supporters, and onlookers.

One reason the Internet is popular among activists is its cost advantage over traditional mass media. It is easier and cheaper to post a message to a public forum or put up a Web site than it is to operate a radio or television station or print a newspaper. Practically anyone can afford to be a publisher. In addition, the reach of the Internet is global. A message can potentially reach millions of people at no additional cost to the originator. Further, activists can control their presentation to the world. They decide what is said and how. They do not have to rely on the mass media to take notice and tell their story “right.”

During the Kosovo conflict, organizations and individuals throughout the world used their Web sites to publish information related to the conflict and, in some cases, to solicit support. Non-government organizations with Kosovo-related Web pages included the press, human rights groups, humanitarian relief organizations, churches, and women=s groups.

Government Web sites on Kosovo tended to feature propaganda and materials that supported their official policies. An exception was the U.S. Information Agency Web site, which presented a survey of news stories from around the world, some of which were critical of NATO actions.12 Jonathan Spalter, USIA Chief Information Officer, commented that “The measure of our success is the extent to which we are perceived not as propaganda but anti-propaganda.”13

The British government’s Foreign Office used their Web site, in part, to counter Serb propaganda. Concerned that the Yugoslav public was getting a highly distorted view of the war, Foreign Secretary Robin Cook posted a message on their Web site intended for the Serbs. The message said that Britain has nothing against the Serbs, but was forced to act by the scale of Yugoslav President Slobodan Milosevic’s brutality.14 British Defense Secretary George Robertson said the Ministry of Defence (MoD) had translated its Web site into Serbian to counter censorship by Belgrade of the news.15

The Yugoslav media was controlled by the Serbian government and served to promote Milosevic’s policies. Yugoslavia had an independent, pro-democracy radio station, B92, but it was raided by the police in the early days of the Kosovo conflict and turned over to a government-appointed station manager.16 B92 had had a run-in with the government earlier in late 1996 when government jammers tried to keep it from airing news broadcasts. At that time, however, B92 prevailed, in part by encoding their news bulletins in RealAudio format and posting them on a Web site in Amsterdam. Radio Free Europe acquired tapes of the news programs and rebroadcasted them back to the Serbs, circumventing the jammers, who then gave up.17 But when the government took over B92’s facility in 1999, B92’s then-managers ceded to the government and also discontinued posting materials on their Web site, which had offered viewers a reliable source of information about the conflict. This was considered a great loss to Yugoslavia’s pro-democracy movement and general public, which had rallied behind Belgrade’s top-rated news station.

A few individuals inside Yugoslavia posted to the Internet first-hand accounts of events as they were being witnessed or shortly thereafter. Their stories told of fear and devastation, the latter caused not only by the Serb military, but also by NATO bombs. By all accounts, the situation inside Yugoslavia was horrible for citizens everywhere, whether Serbian or ethnic Albanian. The stories may have inspired activists and influenced public opinion, but it is not clear what if any impact they had on government decision making.

New-media artists used to the Web to voice their opinions on the Balkans conflict. In late March, artist and high-school teacher Reiner Strasser put up a site called Weak Blood, which featured works of visual poetry, kinetic imagery, and interactive art, all making an anti-violence statement. Strasser vowed to add one or two pieces a day “as long as bombs are falling and humans are massacred” in the region.18

Some Serbs with Internet access sent e-mails to American news organizations calling for an end to the NATO bombing. Many of the messages contained heated rhetoric that was anti-NATO and anti-U.S. One letter directed to the Associated Press ended, “To be a Serb now is to be helpless … to listen to the euphemistic and hypocritic phrases as ‘peace-making mission,’ moral imperative.” Other messages contained human stories about how their lives were affected. Tom Reid, London correspondent to the Washington Post, said he received 30-50 messages a day from professors at universities and activists all over Yugoslavia. The general tenor of the messages was all the same, “‘Please remember there are human beings under your bombs,'” he said.19 The Serbs used e-mail distribution lists to reach tens of thousands of users, mostly in the United States, with messages attacking the NATO bombing campaign. One message read AIn the last nine days, NATO barbarians have bombed our schools, hospitals, bridges, killed our people but that was not enough for them now they have started to destroy our culture monuments which represents the core of existence of our nation.@ Most recipients were annoyed by this unwanted “spam,” which the Wall Street Journal dubbed AYugospam.@20

Dennis Longley, a professor in the Information Security Research Centre at Australia’s Queensland University of Technology, said they received a suspicious e-mail from Serbia. The message had two paragraphs. The first was the usual friendly greetings, while the second was a rant about NATO that read like pure propaganda, characterizing NATO as a “terrorist organization” that “brought nothing but a gigantic humanitarian disaster to Kosovo,” while attributing the cause of the problem to “albanian terrorist and separatist actions, not the repression by the government security forces.” The second paragraph exhibited a style unlike the first and a standard of English well below that of the sender, leading them to speculate that Serb authorities had modified the e-mail.21 If that is so, one is left wondering how much other anti-NATO talk hitting the Net was the work of the government.

Of course, not all of the messages coming out of the Balkans were anti-NATO. Shortly after the Kosovo conflict began, I found myself on a list called “kcc-news,” operated by the Kosova [sic] Crisis Center from the Internet domain “” The messages included Human Rights Flashes from Human Rights Watch, Action Alerts from the Kosova Task Force,22 and other appeals for support in the war against the Serbs. One message contained a flier calling for “sustained air strikes until total Serb withdrawal” and “ground troops to STOP GENOCIDE now.” The flier included links to Web pages that documented Serb atrocities and aggression.

Even though the Yugoslav government did not prohibit Internet activity, fear of government reprisals led some to post their messages through anonymous remailers so they could not be identified. This allowed for a freer discourse on Internet discussion groups and contributed to the spread of information about the situation inside Belgrade and Kosovo. Microsoft Corp. initiated a section called “Secret Dispatches from Belgrade” on the Web site of their online magazine Slate. An anonymous correspondent gives daily reports of both alleged Serb atrocities and civilian suffering inflicted by NATO bombs.23

After human rights organizations expressed concern that the Yugoslav government might be monitoring Internet activity and cracking down on anyone expressing dissenting views, Anonymizer Inc., a provider of anonymous Web browsing and e-mail services, launched the Kosovo Privacy Project Web site. The site, which went on-line in April, offered surfers anonymous e-mail and instant, anonymous access to Voice of America, Radio Free Europe, and about 20 other Web sites. According to Federal Computer Week, Anonymizer planned to add NATO and other Western government information sites to the Kosovo list, and to launch similar projects for human rights situations in other parts of the world, for example, China.24 However, the effectiveness of the Kosovo project was never established. In August, USA Today reported that activists said the project was little noticed inside Kosovo, where traditional media seemed unaware while the fighting knocked out Internet trunk lines in short order.25

The Internet has raised numerous policy issues in such areas as privacy, encryption, censorship, electronic commerce, international trade, intellectual property protection, taxation, Internet governance, cybercrime, and information warfare, all of which have a foreign policy dimension. As the issues surfaced and took on some urgency, existing industry and public-interest groups began to address them. In addition, both national and international advocacy groups sprung up specifically devoted to Internet issues. They all operate Web sites, where they publish policy papers and information about issues, events, and membership. Many also send out e-mail newsletters and alerts.

In the area of encryption policy, for example, the major players include Americans for Computer Privacy (ACP), the Center for Democracy and Technology (CDT), Cyber-Rights & Cyber Liberties, the Electronic Frontier Foundation (EFF), the Electronic Privacy Information Center (EPIC), the Global Internet Liberty Campaign (GILC), and the Internet Privacy Coalition. The ACP has perhaps the largest group of constituents, being composed of 40 trade associations, over 100 companies, and more than 3,000 individual members.26 GILC is one of the most global, with member organizations from Europe, North America, Australia, and Asia.

In July 1999, nine leading U.S.-based Internet companies joined forces to become the voice of the Internet on issues such as privacy, consumer protection, and international trade. The industry group, called, includes America Online,, eBay, Lycos, Yahoo!, DoubleClick, Excite@Home, Inktomi, and The companies represent 7 of the top 10 Internet sites and more than 90% of the world=s Internet users visit one of the sites at least once a month. The group plans to focus on 150 Internet-related bills that were introduced in Congress.27

The Internet is used extensively as a publication medium by hackers (including hacktivists) and terrorists. Hackers publish electronic magazines and put up Web sites with software tools and information about hacking, including details about vulnerabilities in popular systems (e.g., Microsoft Windows) and how they can be exploited, programs for cracking passwords, software packages for writing computer viruses, and scripts for disabling or breaking into computer networks and Web sites. In March 1997, an article in the New York Times reported that there were an estimated 1,900 Web sites purveying hacking tips and tools, and 30 hacker publications.28

Terrorist groups use the Internet to spread propaganda. Back in February 1998, Hizbullah was operating three Web sites: one for the central press office (, another to describe its attacks on Israeli targets (, and the third for news and information ( That month, Clark Staten, executive director of the Emergency Response & Research Institute (ERRI) in Chicago, testified before a U.S. Senate subcommittee that “even small terrorist groups are now using the Internet to broadcast their message and misdirect/misinform the general population in multiple nations simultaneously.” He gave the subcommittee copies of both domestic and international messages containing anti-American and anti-Israeli propaganda and threats, including a widely distributed extremist call for Ajihad@ (holy war) against America and Great Britain.30 In June 1998, U.S. News & World Report noted that 12 of the 30 groups on the U.S. State Department=s list of terrorist organizations are on the Web. As of August 1999, it appears that virtually every terrorist group is on the Web, along with a mishmash of freedom fighters, crusaders, propagandists, and mercenaries.31 Forcing them off the Web is impossible, because they can set up their sites in countries with free-speech laws. The government of Sri Lanka, for example, banned the separatist Liberation Tigers of Tamil Eelam, but they have not even attempted to take down their London-based Web site.32


The Internet offers several venues for dialogue and debate on policy issues. These include e-mail, newsgroups, Web forums, and chat. Discussions can be confined to closed groups, for example through e-mail, as well as open to the public. Some media sites offer Web surfers the opportunity to comment on the latest stories and current issues and events. Government officials and domain experts may be brought in to serve as catalysts for discussion, debate issues, or answer questions. Discussion can even take place on Web sites that themselves lack such facilities. Using Gooey software from the Israeli company Hypernix, for example, visitors to a Web site can chat with other Gooey users currently at the site.33

Internet discussion forums are frequently used to debate, blast, and maybe even attempt to influence government policies. Encryption policy, for example, is discussed on the e-mail lists “cypherpunks” and “ukcrypto” and on several newsgroups, including alt.privacy and sci.crypt.

The ukcrypto list created was created in early 1996 by two academics, Ross Anderson (Cambridge) and Paul Leyland (Oxford), and one person then in government, Brian Gladman (NATO SHAPE), who was acting outside his official capacity. Motivated by a concern that a lack of public discussion and debate in the United Kingdom on cryptography issues was allowing the government to set policies that they believed were not in interests of the United Kingdom and its citizens, they formed the list with the objective of impacting cryptography policy. They were concerned both with domestic policy, particularly proposals to restrict the use of cryptography by U.K. citizens, and on foreign policy, particularly export controls. As of May 1999, the list has 300 subscribers, including government officials responsible for U.K.policy and persons in other countries, including the United States. Many of the key contributors held influential positions in other policy making fora. Focus is on U.K. policy issues, but items of international interest are also discussed, including export controls adopted under the Wassenaar Arrangement (31 countries participate); policy changes adopted by France, the United States, and other countries; policy statements from the European Union and other organizations; and some technical issues.34

Gladman believes the list has made four contributions: 1) educating many about the policy issues and encouraging journalists and writers to write about them; 2) bringing individual and industry views closer together and allowing U.K. industry to see more clearly that agreeing with their government may not be a good thing if private citizens do not support government policy; 3) encouraging the more progressive voices in government to speak out and argue from within government that their views represent those of the public; and 4) bringing groups together that were previously campaigning separately. “The most significant contribution of ukcrypto is not direct,” Gladman said. “It is the contribution that it has made in promoting an educated community of commentators and a forum for the review of what government is doing that is fully open.”

On the downside, some postings on ukcrypto may alienate the very government officials the authors hope to influence. According to Gladman, Adiscussions on the list can become slinging matches that quickly put those in government on the defensive and hence inclined to discount what is being said. It would be more effective if we had a way of focusing on the issues and not the personalities.@35 But Andrew Brown gave ukcrypto high marks, crediting it with most of the thought and co-ordination behind the successful campaign to keep strong cryptography legal and widely available. “There, for the past two years, the civil servants responsible for policy have actually been available, more or less, to the people who disagree with them,” he wrote in New Statesman. “They have had to justify their actions, not to the public, but to a small group of geographically dispersed experts … It’s a kind of updated version of Lions v Christians.”36

Nigel Hickson, one of the principal players in the policy debates from the U.K. Department of Trade and Industry, agrees the Internet and ukcrypto in particular have played a role in shaping U.K. cryptography policy.37 But he was also critical of the list: “Whilst ukcyrpto has undoubtedly had an influence on the development of UK encryption policy, it has tended to polarise the debate into extremes. This may be because there tends to be a large silent majority on the list who do not directly contribute because o f commercial or policy reasons.”38 Besides participating in ukcrypto, the DTI has published draft consultation documents on the Web for comment. Many of the comments they receive arrive through electronic mail. DTI has also met with industry groups and participated in non-Internet forums such as conferences and seminars. These have also helped shape policy decisions.

There are Usenet newsgroups and other interactive forums that focus on practically every conceivable topic relating to foreign (and domestic) policy. Whether these are effective or not in terms of influencing policy is another matter. After studying the impact of the Net on the American political system, Richard Davis, a political science professor at Brigham Young University and author of The Web of Politics, observed that “In Usenet political discussions, people talk past one another, when they are not verbally attacking each other. The emphasis is not problem solving, but discussion dominance.”39 Davis also found interactivity on the Internet to be primarily an illusion: “Interest groups, party organizations, and legislators seek to use the Web for information dissemination, but they are rarely interested in allowing their sites to become forums for the opinions of others.”40

Coordination of Action

Advocacy groups can use the Internet to coordinate action among members and with other organizations and individuals. Action plans can be distributed by e-mail or posted on Web sites. Services are cheaper than phone and fax (although these services can also be delivered through the Internet), and faster than physical delivery (assuming Internet services are operating properly, which is not always the case). The Internet lets people all over the world coordinate action without regard to constraints of geography or time. They can form partnerships and coalitions or operate independently.

One Web site was created to help activists worldwide coordinate and locate information about protests and meetings. According to statements on Protest.Net, the Web site serves “to help progressive activists by providing a central place where the times and locations of protests and meetings can be posted.” The site=s creator said he hoped it would “help resolve logistical problems that activists face in organizing events with limited resources and access to mass media.”41 The site features news as well as action alerts and information about events.

The power of the Internet to mobilize activists is illustrated by the arrest of Kurdish rebel leader Abdullah Ocalan. According to Michael Dartnell, a political science professor at Concordia University, when Turkish forces arrested Ocalan, Kurds around the world responded with demonstrations within a matter of hours. He attributed the swift action in part to the Internet and Web. “They responded more quickly than governments did to his arrest,” he said. Dartnell contends the Internet and advanced communication tools were changing the way people around the world play politics. Anti-government groups are establishing alliances and coalitions that might not have existed before the technology was introduced.42

The force of the Internet is further illustrated by the day of protest against business that took place on June 18, 1999. The protests, which were set up to coincide with a meeting of the G8 in Cologne, Germany, was coordinated by a group called J18 from a Web site inviting people to plan individual actions focusing on disrupting “financial centres, banking districts and multinational corporate power bases.” Suggested activity included marches, rallies, and hacking. In London, up to 2,000 anti-capitalists coursed through the city shouting slogans and spray-painting buildings.43 According to the Sunday Times, teams of hackers from Indonesia, Israel, Germany, and Canada attacked the computers of at least 20 companies, including the Stock Exchange and Barclays. More than 10,000 attacks were launched over a 5-hour period.44

During the Kosovo conflict, the Kosova Task Force used the Internet to distribute action plans to Muslims and supporters of Kosovo. A March 31 Action Alert, for example, asked people to organize rallies in solidarity with Kosovo at local federal buildings and city halls on April 3 at 11:00 AM; organize public funeral prayers; make and encourage others to make daily calls or send e-mail to the White House asking for Kosovo independence, sustained air strikes until total Serb withdrawal from Kosovo, and arming of ethnic Albanians in Kosovo; and make and encourage others to make calls to their Representatives and Senators. An April 18 alert asked every community in the U.S. to establish a Kosova Room for action and information. Each room was to be equipped with a bank of phones for making 1,000 calls to the White House and Congress in support of resolution #HCR 9, calling for independence of Kosovo.

The International Campaign to Ban Landmines (ICBL), a loose coalition of over 1,300 groups from more than 75 countries, has made extensive use of the Internet in their efforts to stop the use, production, stockpiling, and transfer of antipersonnel landmines, and to increase international resources for humanitarian mine clearance and victim assistance. According to ICBL=s Liz Bernstein, the Net has been the dominant form of communication since 1996.45 It has been used to coordinate events and committee functions, distribute petitions and action alerts, raise money, and educate the public and media. Although most direct lobbying is done through face-to-face meetings and letters, e-mail has facilitated communications with government policy makers. Bernstein said the Net Ahas helped the nature of the campaign as a loose coalition, each campaign setting their own agenda yet with common information and communication.@46 Ken Rutherford, co-founder of Land Mine Survivors Network, noted that the Internet also helped establish bridges from North America and Europe to Asia and Africa, and helped enable quick adoption of the 1997 landmine treaty.47 It became international law on March 1, 1999 and, as of September 16,1999, has been signed by 135 countries and ratified by 86. In 1997, the Nobel Peach Prize was awarded to the ICBL and its then coordinator, Jody Williams.48

Human rights workers increasingly use the Internet to coordinate their actions against repressive governments. One tool that has become important in their battles is encryption, as it allows activists to protect communications and stored information from government interception. Human rights activists in Guatemala, for example, credited their use of Pretty Good Privacy (PGP) with saving the lives of witnesses to military abuses.49 Encryption is not the ultimate solution, however, as governments can outlaw its use and arrest those who do not comply.

PGP was originally developed by a Colorado engineer and activist, Phil Zimmermann, who wanted to make strong encryption available to the public for privacy protection against government eavesdroppers. Although the software was export-controlled, someone (not Zimmermann) quickly posted it on a foreign Internet site where it could be downloaded by anyone, anywhere, despite export regulations. Since then, other encryption tools have been posted on Internet sites all over the world, and the argument is frequently made that the availability of such tools demonstrates the futility of export controls. This is one factor driving export policy towards increased liberalization, but other factors have also contributed, including the role of encryption in electronic commerce and a concern that export controls harm the competitiveness of industry. That drive is countered, however, by a concern that the widespread availability of encryption will make it harder for law enforcement and intelligence agencies to gather intelligence from communications intercepts.

Indeed, terrorists also use the Internet to communicate and coordinate their activities. Back in 1996, the headquarters of terrorist financier bin Laden in Afghanistan was equipped with computers and communications equipment. Egyptian “Afghan” computer experts were said to have helped devise a communication network that used the Web, e-mail, and electronic bulletin boards.50 Hamas activists have been said to use chat rooms and e-mail to plan operations and coordinate activities, making it difficult for Israeli security officials to trace their messages and decode their contents.51

The U.S. government’s program to establish an Advanced Encryption Standard (AES) illustrates how government can use the Internet to invite and coordinate participation in a decision-making process of international significance. The Department of Commerce National Institute of Standards and Technology (NIST) set up a Web site with information about the AES program and AES conferences, a schedule of events, candidate encryption algorithms (more than half from outside the United States), documentation and test values, and links to public analysis efforts all over the world. The site contains an electronic discussion forum and Federal Register call for comments. Public comments are posted on the site and NIST representatives contribute to the on-line discussions and answer questions.52 Because the AES will offer a foundation for secure electronic commerce and privacy internationally, involving the international community from the beginning will help ensure its success and widespread adoption. Cryptographers from all over in the world have been participating.

NIST’s use of the Internet to aid a decision process seems to be unusual. While most government sites provide an e-mail address for making contact, they do not support discussion forums or even actively solicit comments on specific pending policy decisions. However, to the extent that government agencies invite or welcome e-mail messages and input through electronic discussion groups, the Internet can serve the democratic process. Because it is easier to post or send a message on the Internet than to send a written letter, professionals and others with busy schedules may be more inclined to participate in a public consultation process or attempt to influence policy when policy makers are readily accessible through the Internet.

Lobbying Decision Makers

Whether or not government agencies solicit their input, activists can use the Internet to lobby decision makers. One of the methods suggested by the Kosova Task Force for contacting the White House, for example, was e-mail. Similarly, a Canadian Web site with the headline “Stop the NATO Bombing of Yugoslavia Now!” urged Canadians and others interested in stopping the war to send e-mails and/or faxes to the Canadian Prime Minister, Jean Chretien, and all members of the Canadian Parliament. A sample letter was included. The letter concluded with an appeal to Astop aggression against Yugoslavia and seek a peaceful means to resolve the Kosovo problem.@53

E-mail has been credited with halting a U.S. banking plan aimed to combat money laundering. Under the “Know Your Customer” policy, banks would have been required to monitor customer’s banking patterns and report inconsistencies to federal regulators. Recognizing the value of the Internet to its deliberations, the Federal Deposit Insurance Corporation (FDIC) put up a Web site, published an e-mail address for comments, and printed out and tabulated each message. By the time the proposal was withdrawn, they had received 257,000 comments, 205,000 (80%) of which arrived through e-mail. All but 50 of the letters opposed the plan. FDIC=s chair, Donna Tanoue, said it was the huge volume of e-mail that drove the decision to withdraw the proposal. “It was the nature and the volume [of the comments],” she said. “When consumers can get excited about an esoteric bank regulation, we have to pay attention.”54

Most of the e-mail was driven by an on-line advocacy campaign sponsored by the Libertarian Party. About 171,000 (83%) of the e-mail messages were sent through the party’s Web site. The party advertised its advocacy campaign in talk radio interviews and by sending a notice to its e-mail membership list.55 One could argue that the results were due more to the efforts of a large non-government organization than to a grassroots response from the citizens.

Indeed, many e-mail campaigns have been driven by non-government organizations. The organizations send e-mail alerts on issues to electronic mailing lists, offer sample letters to send members of Congress and other decision making bodies, and, in some cases, set up e-mailboxes or Web sites to gather signatures for petitions. The petition process can be automated, making it possible to gather huge volumes of signatures across a wide geographic area with little effort and cost. One Web site, e-The People, offers hundreds of petitions to choose from and 170,000 e-mail addresses of government officials.56

Computer Professionals for Social Responsibility (CPSR) organized an Internet petition campaign in early 1994 to protest the U.S. government’s proposal to adopt the Clipper encryption chip as a standard.57 The chip offered strong encryption, but would have given law enforcement agencies the capability to decrypt a subject’s messages when conducting a court-ordered wiretap against the subject. Despite numerous safeguards to ensure government agencies could not violate the privacy of users of the chip,58 Clipper was strongly opposed for privacy (and other) reasons, and the general sentiment expressed on Internet newsgroups and e-mail discussion lists was strongly anti-Clipper. CPSR announced their petition through e-mail and set up an e-mail address whereby people could sign on. They collected tens of thousands of signatures, but it is not clear the petition had much impact. The government moved forward with the standard anyway.59

Although Clipper was to be a U.S. standard, it was tied in with the government=s foreign encryption policy. Because of its back door, it was to be generally exportable, unlike other encryption products with comparable cryptographic strength. Also, the Administration urged other governments to adopt a similar approach. However, after extensive lobbying efforts by industry and civil liberties groups, Clipper met its death. The government moved instead toward a more flexible and liberal approach to encryption export controls.

Because of the low cost of operation, individuals can run their own advocacy campaigns. For example, during the heart of the impeachment process against President Clinton, Joan Blades and Wes Boyd, a husband and wife team in Berkeley, founded and put up a Web site inviting citizens to sign a one-sentence petition: “The Congress must immediately censure President Clinton and move on to pressing issues facing the country.” In just four months, the petition gathered a half-million signatures. Another petition that read “In the Year 2000 election, I will work to elect candidates who courageously address key national issues and who reject the politics of division and personal destruction” was sent to every member of the House and Senate. received pledges of $13 million and more than 650,000 volunteer hours for congressional candidates in the 2000 election who supported their position.60 It is difficult to assess the impact of the site on the impeachment process, but it may have amplified public opinion polls, which showed the American public supported Clinton and wanted Congress to turn to other issues.

While activists can attempt to influence policy makers through e-mail, it is not clear most policy makers listen (the FDIC, which asked for comments, was an exception). Richard Davis found that “the Internet has not lived up to its promise as a forum for public expression to elected officials. In fact, while publicly encouraging e-mail, members are becoming increasingly disenchanted with it. If the most idealistic members originally envisioned e-mail as the impetus for intelligent communication with constituents, they have seen e-mail deteriorate into a mass mailing tool for political activists.” Davis concluded that “members may even discount e-mail communication.”61 According to the Wall Street Journal, Senator Charles Schumer’s office gives first priority to old-fashioned letters. Persons sending an e-mail to his account get back an automatic response telling them to submit a letter if they want a personal reply.62

The most successful advocacy groups are likely to be those that use the Internet to augment traditional lobbying methods, including personal visits to decision makers and use of broadcast media to reach the public. These operations can be time consuming and expensive, favoring groups that are well-funded. They also require a network of long-term and trusted relationships with policy makers, sponsors, and voters. This supports Davis’s conclusion that the promise of the Internet as a forum for participatory democracy is unlikely to be realized. Davis found that existing dominant players in American politics — the media, interest groups, candidates, and policy makers — are adapting to the Internet to retain preeminence; and that the Internet is not an adequate tool for public political movement.63


Hacktivism is the convergence of hacking with activism, where “hacking” is used here to refer to operations that exploit computers in ways that are unusual and often illegal, typically with the help of special software (“hacking tools”). Hacktivism includes electronic civil disobedience, which brings methods of civil disobedience to cyberspace. This section explores four types of operations: virtual sit-ins and blockades; automated e-mail bombs; Web hacks and computer break-ins; and computer viruses and worms. Because hacking incidents are often reported in the media, operations in this category can generate considerable publicity for both the activists and their causes.

Virtual Sit-Ins and Blockades

A virtual sit-in or blockade is the cyberspace rendition of a physical sit-in or blockade. The goal in both cases is to call attention to the protestors and their cause by disrupting normal operations and blocking access to facilities.

With a sit-in, activists visit a Web site and attempt to generate so much traffic against the site that other users cannot reach it. A group calling itself Strano Network conducted one of the first such demonstrations as a protest against French government policies on nuclear and social issues. On December 21, 1995, they launched a one-hour Net-Strike attack against the Web sites operated by various government agencies. At the appointed hour, participants from all over the world were instructed to point their browsers to the government Web sites. According to reports, at least some of the sites were effectively knocked out for the period.64

In 1998, the Electronic Disturbance Theater (EDT) took the concept of electronic civil disobedience a step further. They organized a series of Web sit-ins, first against Mexican President Zedillo=s Web site and later against President Clinton=s White House Web site, the Pentagon, the School of the Americas, the Frankfurt Stock Exchange, and the Mexican Stock Exchange. The purpose was to demonstrate solidarity with the Mexican Zapatistas.65 According to EDT=s Brett Stalbaum, the Pentagon was chosen because Awe believe that the U.S. military trained the soldiers carrying out the human rights abuses.@ For a similar reason, the School of the America=s was selected.66 The Frankfurt Stock Exchange was targeted, Stalbaum said, “because it represented capitalism’s role in globalization utilizing the techniques of genocide and ethinic cleansing, which is at the root of the Chiapas’ problems. The people of Chiapas should play a key role in determining their own fate, instead of having it pushed on them through their forced relocation (at gunpoint), which is currently financed by western capital.”67

To facilitate the strikes, the organizers set up special Web sites with automated software. All participants had to do was visit one of the FloodNet sites. When they did, their browser would download the software (a Java Applet), which would access the target site every few seconds. In addition, the software let protesters leave a personal statement on the targeted server=s error log. For example, if they pointed their browsers to a non-existent file such as “human_rights” on the target server, the server would return and log the message “human_rights not found on this server.” Stalbaum, who wrote the software, characterized FloodNet as “conceptual net art that empowers people through active/artistic expression.”68

EDT estimated that 10,000 people from all over the world participated in the sit-in on September 9 against the sites of President Zedillo, the Pentagon, and the Frankfurt Stock Exchange, delivering 600,000 hits per minute to each. The Pentagon, however, did not sit by idly. It struck back. When their server sensed an attack from the FloodNet servers, they launched a counter-offensive against the users= browsers, redirecting them to a page with an Applet program called “HostileApplet.” Once there, the Applet was downloaded to their browsers, where it endlessly tied up their machines trying to reload a document until the machines were rebooted. President Zedillo=s site did not strike back on this occasion, but at a June sit-in, they used software that caused the protestors= browsers to open window after window until their computers crashed. The Frankfurt Stock Exchange reported that they were aware of the protest, but believed it had not affected their services. They said that they normally got about 6 million hits a day. Overall, EDT considered the attack a success. “Our interest is to help the people of Chiapas to keep receiving the international recognition that they need to keep them alive,” said Stalbaum.69

When asked about the impact of their Web strikes, EDT’s Ricardo Dominguez responded, “Digital Zapatismo is and has been one of the most politically effective uses of the Internet that we know of since January 1, 1994. It has created a distribution network of information with about 100 or more autonomous nodes of support. This has enabled the EZLN (Zapatista National Liberation Army) to speak to the world without having to pass through any dominant media filter. The Zapatistas were chosen by Wired as one of the twenty-five most important people on-line in 1998. … The Zapatista network has, also, held back a massive force of men and the latest Drug War technologies from annihilating the EZLN in a few days.” Regarding FloodNet specifically, he said the main purpose of the Electronic Disturbance Theatre’s Zapatista FloodNet performance “is to bring the situation in Chiapas to foreground as often as possible. The gesture has created enough ripples with the Pentagon and the Mexican government that they have had to respond using both on-line and off-line tactics. Thus, these virtual sit-ins have captured a large amount of traditional media attention. You would not be interviewing us if this gesture had not been effective in getting attention to the issues on a global scale.”70

EDT has used their FloodNet software against the White House Web site to express opposition to U.S. military strikes and economic sanctions against Iraq. In their “Call for FloodNet Action for Peace in the Middle East,” EDT articulated their philosophy. “We do not believe that only nation-states have the legitimate authority to engage in war and aggression. And we see cyberspace as a means for non-state political actors to enter present and future arenas of conflict, and to do so across international borders.”71 Animal right=s activists have also used the FoodNet software to protest the treatment of animals. Over 800 protestors from more than 12 countries joined a January 1999 sit-in against Web sites in Sweden.72 And on June 18, FloodNet was one of the tools used in the anti-capitalist attack coordinated by J18.73

Whether Web sit-ins are legal is not clear. Mark Rasch, former head of the Department of Justice=s computer crime unit, said that such attacks run the risk of violating federal laws, which make it a crime to distribute a program, software code, or command with the intent to cause damage to another’s site. AIt may be an electronic sit-in, but people get arrested at sit-ins,@ he said.74 A related question is the legality of using a denial-of-service counter-offensive. In the case of the Pentagon, their response most likely would be considered lawful, as it is permissible for a nation to take “proportional” actions to defend against an attack that threatens its security.

There are a variety of methods whereby an individual, acting alone, can disrupt or disable Internet servers. These frequently involve using attack software that floods the server with network packets. During the Kosovo conflict, Belgrade hackers were credited with conducting such attacks against NATO servers. They bombarded NATO=s Web server with Aping@ commands, which test whether a server is running and connected to the Internet. The effect of the attacks was to cause line saturation of the targeted servers.75

When large numbers of individuals simultaneously attack a designated site, such as with the ECD Web sit-ins, the operation is sometimes referred to as “swarming.” Swarming can amplify other types of attack, for example, a ping attack or an e-mail bombing (discussed next).

E-Mail Bombs

It is one thing to send one or two messages to government policy makers, even on a daily basis. But it is quite another to bombard them with thousands of messages at once, distributed with the aid of automated tools. The effect can be to completely jam a recipient=s incoming e-mail box, making it impossible for legitimate e-mail to get through. Thus, an e-mail bomb is also a form of virtual blockade. Although e-mail bombs are often used as a means of revenge or harassment, they have also been used to protest government policies.

In what some U.S. intelligence authorities characterized as the first known attack by terrorists against a country’s computer systems, ethnic Tamil guerrillas were said to have swamped Sri Lankan embassies with thousands of electronic mail messages. The messages read “We are the Internet Black Tigers and we=re doing this to disrupt your communications.”76 An offshoot of the Liberation Tigers of Tamil Eelam, which had been fighting for an independent homeland for minority Tamils, was credited with the 1998 incident.77

The e-mail bombing consisted of about 800 e-mails a day for about two weeks. William Church, editor for the Centre for Infrastructural Warfare Studies (CIWARS), observed that “the Liberation Tigers of Tamil are desperate for publicity and they got exactly what they wanted … considering the routinely deadly attacks committed by the Tigers, if this type of activity distracts them from bombing and killing then CIWARS would like to encourage them, in the name of peace, to do more of this type of “terrorist activity.”78 The attack, however, was said to have had the desired effect of generating fear in the embassies.

During the Kosovo conflict, protestors on both sides e-mail bombed government sites. According to PA News, Nato spokesman Jamie Shea said their server had been saturated at the end of March by one individual who was sending them 2,000 messages a day.79 Fox News reported that when California resident Richard Clark heard of attacks against NATO=s Web site by Belgrade hackers, he retaliated by sending an e-mail bomb to the Yugoslav government=s site. Clark said that a few days and 500,000 e-mails into the siege, the site went down. He did not claim full responsibility, but said he “played a part.” That part did not go unrecognized. His Internet service provider, Pacific Bell, cut off his service, saying his actions violated their spamming policy.80

An e-mail bombing was conducted against the San Francisco-based Internet service provider Institute for Global Communications (IGC) in 1997 for hosting the Web pages of the Euskal Herria Journal, a controversial publication edited by a New York group supporting independence of the mountainous Basque provinces of northern Spain and southwestern France. Protestors claimed IGC “supports terrorism” because a section on the Web pages contained materials on the terrorist group Fatherland and Liberty, or ETA, which was responsible for killing over 800 during its nearly 30-year struggle for an independent Basque state. The attack against IGC began after members of the ETA assassinated a popular town councilor in northern Spain.81

The protestor’s objective was censorship. They wanted the site pulled. To get their way, they bombarded IGC with thousands of bogus messages routed through hundreds of different mail relays. As a result, mail was tied up and undeliverable to IGC’s e-mail users, and support lines were tied up with people who couldn’t get their mail. The attackers also spammed IGC staff and member accounts, clogged their Web page with bogus credit card orders, and threatened to employ the same tactics against organizations using IGC services. The only way IGC could stop the attack was by blocking access from all of the relay servers.82

IGC pulled the site on July 18, but not before archiving a copy so that others could put up mirrors. Within days of the shutdown, mirror sites appeared on half a dozen servers on three continents. Chris Ellison, a spokesman for the Internet Freedom Campaign, an English group that was hosting one of the mirrors, said they believe “the Net should prove an opportunity to read about and discuss controversial ideas.” The New York-based journal maintained their objective was to publish “Ainformation often ignored by the international media, and to build communication bridges for a better understanding of the conflict.”83 An article by Yves Eudes in the French newspaper Le Monde said the e-mail bomb attack against the IGC site represented an “unprecedented conflict@ that Ahas opened up a new era of censorship, imposed by direct action from anonymous hackers.”84

About a month after IGC threw the controversial Basque journal Euskal Herria Journal off its servers, Scotland Yard=s Anti-Terrorist Squad shut down Internet Freedom’s U.K. Web site for hosting the journal. According to a press release from Internet Freedom, the squad claimed to be acting against terrorism. Internet Freedom said it would move its news operations to its U.S. site.85

The case involving Euskal Herria Journal illustrates the power of hacktivists on the Internet. Despite IGC’s desire to host the controversial site, they simply could not sustain the attack and remain in business. They could have ignored a few e-mail messages demanding that the site be pulled, but they could not ignore an e-mail bombing. The case also illustrates the power of the Internet as a tool for free speech. Because Internet venues for publication are rich and dispersed throughout the world, it is extremely difficult for governments and hacktivists alike to keep content completely off the Internet. It would require extensive international cooperation and, even then, a site could operate out of a safe haven that did not sign on to international agreements.

Web Hacks and Computer Break-Ins

The media is filled with stories of hackers gaining access to Web sites and replacing some of the content with their own. Frequently, the messages are political, as when a group of Portuguese hackers modified the sites of 40 Indonesian servers in September 1998 to display the slogan “Free East Timor” in large black letters. According to the New York Times, the hackers also added links to Web sites describing Indonesian human rights abuses in the former Portuguese Colony.86 Then in August 1999, Jose Ramos Horta, the Sydney-based Nobel laureate who represents the East Timor independence movement outside Indonesia, warned that a global network of hackers planned to bring Indonesia to a standstill if Jakarta sabotaged the ballot on the future of East Timor. He told the Sydney Morning Herald that more than 100 hackers, mostly teenagers in Europe and the United States, had been preparing the plan.87

In June 1998, a group of international hackers calling themselves Milw0rm hacked the Web site of India’s Bhabha Atomic Research Center (BARC) and put up a spoofed Web page showing a mushroom cloud and the text “If a nuclear war does start, you will be the first to scream …”. The hackers were protesting India=s recent nuclear weapons tests, although they admitted they did it mostly for thrills. They said that they also downloaded several thousand pages of e-mail and research documents, including messages between India’s nuclear scientists and Israeli government officials, and had erased data on two of BARC’s servers. The six hackers, whose ages range from 15 to 18, hailed from the United States, England, the Netherlands, and New Zealand.88

Another way in which hacktivists alter what viewers see when they go to a Web site is by tampering with the Domain Name Service so that the site=s domain name resolves to the IP address of some other site. When users point their browsers to the target site, they are redirected to the alternative site.

In what might have been one of the largest mass home page takeovers, the antinuclear Milw0rm hackers were joined by Ashtray Lumberjacks hackers in an attack that affected more than 300 Web sites in July 1998. According to reports, the hackers broke into the British Internet service provider EasySpace, which hosted the sites. They altered the ISP=s database so that users attempting to access the sites were redirected to a Milw0rm site, where they were greeted with a message protesting the nuclear arms race. The message concluded with “… use your power to keep the world in a state of PEACE and put a stop to this nuclear bullshit.” John Vranesevich, who runs the hacker news site AntiOnline, said, “They’re the equivalent to the World Trade Center bombings; [they] want to get their story told and bring attention to themselves.”89′

Several Web

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.