{"id":3581,"date":"2015-09-17T12:01:37","date_gmt":"2015-09-17T16:01:37","guid":{"rendered":"http:\/\/ncjolt.org\/?p=3581"},"modified":"2020-06-04T20:53:35","modified_gmt":"2020-06-04T20:53:35","slug":"ashley-madison-breach-hacktivists-or-criminals","status":"publish","type":"post","link":"https:\/\/journals.law.unc.edu\/ncjolt\/blogs\/ashley-madison-breach-hacktivists-or-criminals\/","title":{"rendered":"Ashley Madison Breach: Hacktivists or Criminals?"},"content":{"rendered":"

Some activists chain themselves to trees, others publicly protest, rally, and\/or march in hopes of bringing about some sort of social change. As technology continues to advance, and more and more information is being stored electronically, activism has reached new heights\u2014hacktivism, a term first coined in an e-mail by a member of the Texas-based computer hacking group Cult of Dead Cow<\/a> (cDc). In the 1990s, cDc sought \u201cglobal domination through media saturation,\u201d seeking to \u201cleverage[] technology to advance human rights and protect the free flow of information<\/a>.\u201d In the age of the Internet, hacking has been brought to the forefront of technological concerns, creating huge privacy worries for users and corporations alike. One thing is for sure, cyber breaches serve as an excellent reminder that the Internet-connected world is not some anodyne<\/a>, Disney-esque reality in which things can only be “liked.”<\/p>\n

Indeed, if the Internet came with a warning label<\/a>, it might read like this: “Caution: Internet tricksters may intercept, steal and release everything you say or do online<\/em>.\u201d<\/p><\/blockquote>\n

Hacking is certainly not a new concept, as the hacker culture \u201ccan by conveniently dated to 1961,\u201d when the Massachusetts Institute of Technology\u2019s Tech Model Railroad Club \u201cTMRC\u201d was \u201cthe first to adopt the term `hacker.’<\/a>\u201d Some notable TMRC members included Bill Gates<\/a>, Steve Jobs, and Stephen Wozniak. \u201cThe ingenuity of TMRC members in manipulating the MIT telephone system, the MIT lock system, and MIT in general, became the stuff of legend<\/a>.\u201d
\nBut what started out as a sort of practical joke among TMRC members has quickly grown into a serious global concern. In 2011, \u201cLulzSec\u201d attacked the Internet pornsite, www.pron.com, publishing \u201c26,000 email addresses and associated passwords, in an apparent attempt to embarrass users<\/a>.\u201d Another widely known hacktivist group, Anonymous, targeted the Church of Scientology, \u201cmaking prank telephone calls to the organization and sending black sheets of paper by facsimile transmission,\u201d followed by \u201csending multiple simultaneous requests for information to the target website, causing it to crash,\u201d also known as a \u201cdenial-of-service\u201d attack or DoS<\/a>. A DoS can bring about criminal charges<\/a> under the Computer Fraud and Abuse Act \u201cCFAA,\u201d \u201cas it \u2018causes damage\u2019 and can violate a website\u2019s terms of service. In addition to criminal charges, the owner of a site experiencing a DoS attack can file a civil suit<\/a> citing the CFAA, \u201cif they can prove a temporary server overload resulted in monetary losses.\u201d In 2010, Anonymous attempted a DoS attack on PayPal, Visa, and MasterCard, \u201cafter the companies refused to process donations to Wikileaks.\u201d As a result, sixteen alleged Anonymous members were arrested and charged with conspiracy<\/a> and \u201cintentional damage to a protected computer.\u201d The case is ongoing and these members could face more than ten years in prison and $250,000 in fines.
\nSo what does this mean for hacktivists today? Some activists argue that DoS attacks should be a legal form of protest, \u201cclaiming that disrupting web traffic by occupying a server is the same as clogging streets when staging a sit-in<\/a>.\u201d But is it?
\nFast-forward to 2015, a new group of highly competent cyber hackers, dubbed \u201cThe Impact Team,\u201d has taken it upon themselves to hack into extramarital websites owned by Avid Life Media, threatening to expose client information, and demanding a cease of operations in return. To understand this questionably heroic act, lets start with the basics: what is Ashley Madison and why would someone extort this website? Ashley Madison<\/a> is a site for adultery. No, I am not kidding, and it\u2019s a popular<\/em> site for adultery, hosting 37 million users. The site motto is \u201clife is short, have an affair.\u201d<\/a> I could not make this stuff up. Okay, so next question: who is Avid Life Media? Avid Life Media is the parent company, owning both Ashley Madison and Established Men. Wait, what is Established Men? I\u2019m sure you\u2019ve guessed it, but Established Men is similar website aimed at \u201cconnecting young beautiful women with successful men<\/a>.\u201d
\nNow, why is this group of hackers targeting Avid Life Media? A likely guess would be an angry spouse, but alas, The Impact Team has made it clear in its manifesto<\/a>: \u201cshutting down AM [Ashley Madison] and EM [Established Men] will cost you, but non-compliance will cost you more: We will release all customer records, profiles and all the customers\u2019 secret sexual fantasies, nude pictures, and conversations and matching credit card transactions, real names and addresses, and employee documents and emails. Avid Life Media will be liable for fraud and extreme harm to millions of users.\u201d Wait, what fraud?
\nThe hackers \u201cclaimed they did so to expose alleged lies<\/a> Ashley Madison told customers about a service that allows members to erase profile information for a $19 fee.\u201d Purportedly, Ashley Madison\u2019s \u2018full delete\u2019 feature promised \u201cremoval of site usage history and personally identifiable information from the site,\u201d providing Avid Life Media with $1.7 million in revenue<\/a> in 2014. According to the hackers, this promise was \u201ca complete lie<\/a>,\u201d demonstrating that \u201c[u]sers almost always pay with credit card; their purchase details are not removed as promised, and include real name and address<\/a>, which is of course the most important information the users want removed.\u201d Avid Life Media chose not to comply with the Impact Team\u2019s demands, and since the initial hacking and posted threat, large caches of data have been posted online<\/a>. In response to the leaking of information, the Impact Team offered no apologies, reiterating: \u201cWe didn\u2019t blackmail users. Avid Life Media blackmailed them. But any hacking team could have. We did it to stop the next 60 million. Avid Life Media is like a drug dealer abusing addicts<\/a>.\u201d Avid Life Media responded, \u201c[t]his event is not an act of hacktivism, it is an act of criminality<\/a>. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society.\u201d
\nSo, the question remains: are the Ashley Madison hackers modern day heroes, or hard criminals? One thing is certain, as one journalist eloquently stated:\u201c[t]he Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils<\/a> – and promise – of our Internet-connected, hacktivist age.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Some activists chain themselves to trees, others publicly protest, rally, and\/or march in hopes of bringing about some sort of social change. As technology continues to advance, and more and more information is being stored electronically, activism has reached new heights\u2014hacktivism, a term first coined in an e-mail by a member of the Texas-based computer …<\/a><\/p>\n","protected":false},"author":1,"featured_media":3582,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[51],"tags":[],"_links":{"self":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/3581"}],"collection":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/comments?post=3581"}],"version-history":[{"count":1,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/3581\/revisions"}],"predecessor-version":[{"id":7312,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/posts\/3581\/revisions\/7312"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/media\/3582"}],"wp:attachment":[{"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/media?parent=3581"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/categories?post=3581"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/journals.law.unc.edu\/ncjolt\/wp-json\/wp\/v2\/tags?post=3581"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}