The majority of cyberattacks we hear about nowadays are carried out by bad actors for the purpose of financial gain. There is however, a small number of hackers who put to use their skills not for financial gain, but to promote a political, social or religious agenda. This is known as hacktivism, from the combination of the word ‘hacking’ and ‘activism’, and it involves the use of computer-based techniques to exercise civil disobedience or disruption, in an effort to bring attention to a political or social issue, and encourage change. The term hacktivism was first coined in the mid-90s by Omega, a member of the hacker group Cult of the Dead Cow (cDc). In 1999, the cDc even created ‘Hacktivismo’, an affiliated group dedicated entirely to creating anti-censorship technology, in order to ensure human rights were respected on the Internet and granted to all users.
The targets of hacktivist groups typically include governmental agencies and multinational corporations who do not align with the groups’ political, social or moral position, and who are perceived as being ‘unjust’ or ‘unethical’. Other common targets can include religious organisations, terrorist groups, pedophiles, and drug dealers. Hacktivists typically launch DDoS or DoS attacks against targets in order to take down their websites by flooding them with fake traffic. Other common techniques used by hacktivists are ‘doxing’ targets by exposing their personal information, and breaching targets’ systems to steal sensitive information to then expose to the public.


When talking about hacktivism, Anonymous is typically at the forefront of the conversation. First emerging in the early 2000s from the message board 4Chan, Anonymous was initially a group of people engaging in harmless pranks, like ordering pizzas to someone’s house. At the beginning, the collective did not focus on political, social or ideological issues; that changed in 2008 when Anonymous started a campaign against the Church of Scientology which became known as Operation Chanology. This campaign was triggered by Scientology’s attempt to censor information about the organisation itself and to silence free speech, to which Anonymous responded by launching a week-long DDoS attack. For the first time, Anonymous brought the operation from the digital world to the physical one, and organised protests outside Scientology centers.
Anonymous is a decentralised community, with no formal membership, no controlling body or hierarchy. The operations and targets to attack are pitched to the group and then chosen by popular consensus. Following Operation Chanology, Anonymous has initiated campaigns against censorship by fighting the Stop Online Piracy Act, in addition to carrying out cyberattacks to stop the spread of ISIS propaganda, and to take down QAnon.


In 2012, Anonymous announced a worldwide day of cyberattacks and protests set to occur on the 5th November under the name Operation Vendetta. This date was not selected randomly, and was instead chosen to coincide with Guy Fawkes Day, the British holiday commemorating the failed plot to blow up the House of Parliament in 1605. While Guy Fawkes was not the mastermind behind the plan, he was in charge of the explosives for the plot, and when the plan failed he was taken into custody and later executed. Following this, Parliament declared 5th November a national holiday, that was first celebrated in 1606. This event was later used as inspiration for the graphic novel and movie adaptation V for Vendetta, where the protagonist fights a dystopian government wearing a Guy Fawkes mask. The mask later became popular for people to wear during protests against politicians, financial institutions and governments. It also became associated with Anonymous’ hacktivism, as it was used by the collective during the protests against the Church of Scientology in 2008. While the mask was initially used solely to protect protesters’ identity, it later became a symbolic status within the collective, representing the cause against corruption, tyranny and censorship.
The 5th November campaign launched by Anonymous reaffirmed the group’s commitment to protest against policies of austerity and corrupt governments. The operation mobilised members all over the world in order to coordinate global action both in the digital and in the physical world. On the day, a number of cyberattacks were reported, allegedly targeting several Australian government websites, Argentina’s government bank Caja Popular, the image hosting website ImageShack, NBC websites, the Saturday Night Live website, and a Lady Gaga fan site. The attacks mainly involved defacing or taking down websites, however some targets were allegedly breached and had their data stolen. In fact, Anonymous launched an attack against the Organisation for Security and Cooperation in Europe (OSCE) and released sensitive material on the hacktivists’ own leak site. In addition, the group was responsible for leaking VMware’s proprietary code, which led VMware to urge users to apply the latest security updates and security patches. The hacktivist collective also claimed to have hacked PayPal and published users’ account information. A spokesperson from PayPal denied the breach, saying there was no evidence to validate the claims. Threats of attacks made by Anonymous against Facebook and game developer Zynga in previous weeks did not materialise on 5th November 2012.
One of the main events of #OpVendetta is the Million Mask March that occurs worldwide annually, in order to protest against corruption, the abuses and malpractice of the government, the destruction of civil liberties, and the surveillance state. Anti-government protesters gather in London, Washington DC, Bangkok, Amsterdam, Chicago and cities across the world. The first Million Mask March occurred on 5th November 2012 and was most successful in London and Washington DC. In London, Anonymous supporters gathered in Trafalgar Square and marched to the House of Parliament wearing the infamous Guy Fawkes masks. According to the police over 300 people were present at the first protest, however the hacktivist group claims the number was around 1,500. While the digital side of #OpVendetta significantly slowed down after 2012, the 5th November protests in cities’ streets keep occurring annually. In 2020, the Million Mask March was held in the UK regardless of the lockdown imposed due to Covid.

Where is Anonymous now?

After peaking in the early 2010s, Anonymous mostly faded from the scenes. This was especially the case after governments started cracking down on hacktivist cyberattacks, which led to a high number of arrests of Anonymous members in all parts of the world. Hacktivism is no longer a popular way to forward political, social and ideological views, and figures suggest that from 2015 to 2019 hacktivism attacks dropped by 95%, especially since Anonymous was responsible for a high proportion of that activity. In 2020, Anonymous briefly re-entered the scene as the Black Lives Matter protests were occurring around the world. Allegedly the collective was responsible for hijacking the Chicago Police scanners and launching a DDoS attack on the Minneapolis Police department.

Reference List:

















https://securityaffairs.co/wordpress/10100/hacking/anonymous-opvendetta-115-day-of-meditation-for-information-security.html https://www.theguardian.com/technology/2008/feb/04/news










Related news

ShinyHunters, one of the most recognised threat actors among the hacking community

Over the past year, ShinyHunters has become one of the most recognised threat actors among the hacking community, by carrying out sophisticated cyberattacks on over 40 online services across the world, and by selling the stolen information for profit.

Read more
Creeper: the first computer virus

The idea of a computer virus was first theorised by the mathematician John von Neumann in 1949, when he envisioned the possibility that a “mechanical organism”, such as a program, could reproduce itself and infect multiple hosts. The title of the first computer virus in history is attributed to a program called Creeper, created by Bob Thomas from BBN Technologies in 1971.

Read more
2020 FireEye Breach

On the 8 December 2020, prominent US-based cybersecurity company FireEye announced on its blog that they had been the victims of a cyber-attack. The nature of the attack has led to experts to theorise that it was carried out by a state-sponsored hacking group, currently believed to be Cozy Bear (also known as APT29).

Read more
Juspay Data Breach

A statement released by Juspay on 5th January 2021 confirms that the Indian-based company has been the target of a cyberattack resulting in a large-scale data breach.

Read more


Let's talk

Please fill in the form below (fields with * are mandatory) and we will respond to your request as soon as possible!