Current News



'Hacktivists' increasingly target local and state government computers

Jenni Bergal, on

Published in News & Features

WASHINGTON -- Early last year, hackers launched a cyberattack against the state of Michigan's main website to draw attention to the Flint water crisis. In May, they targeted North Carolina government websites to protest a controversial state law requiring transgender people to use bathrooms that match the sex on their birth certificate. And in July, they took aim at the city of Baton Rouge's website after the fatal police shooting of a black man.

It's called "hacktivism," a blend of hacking and activism for a political or social cause, and state and local governments are increasingly finding themselves targets. Unlike cyber criminals who hack into computer networks to steal data for the cash, most hacktivists aren't doing it for the dollars. They're individuals or groups of hackers who band together and see themselves as fighting injustice.

"It's digital disobedience. It's hacking for a cause," said Dan Lohrmann, chief security officer for Security Mentor, a national security training firm that works with states.

Hacktivists have gone after everyone from foreign governments and corporations to drug dealers and pedophiles. Police departments, hospitals, small towns, big cities and states also have come under attack. Online activists have successfully frozen government servers, defaced websites, and hacked into data or email and released it online.

"Some take this as being harmless and think it's another form of protest," said Doug Robinson, executive director of the National Association of State Chief Information Officers (NASCIO). "But it can be highly disruptive. It's criminal trespassing."

Robinson said he has seen a "significant growth" in the number and severity of hacktivist attacks on state and local governments in the past five years. For the public, it can mean being unable to log on to government websites to get information or conduct business. And for taxpayers, it can mean having to pick up the tab for staff time and additional technology needed to combat such attacks.

When Baltimore was rocked by protests over Freddie Gray's death from injuries sustained while in police custody in April 2015, for example, hacktivists knocked out the city's main website that gives the public information about government services for at least 16 hours.

"Hacktivists are almost like vigilantes. They're looking to disrupt," said Brian Calkin, a vice president of the Multi-State Information Sharing and Analysis Center, a federally funded group that tracks cybersecurity issues for states and local governments.

Calkin said his group tracked 65 hacktivist incidents involving state and local governments in 2015; the number jumped to 160 last year. And a 2014 survey of state information technology security officials listed hacktivism as one of their top three cyber concerns.

"Hacktivism is becoming more and more of a serious issue," said Srini Subramanian, a state cybersecurity principal at the consulting firm Deloitte & Touche LLP.


swipe to next page


blog comments powered by Disqus