A Pakistani hacking campaign has defaced roughly 15,000 websites since it first gained traction in 2011, making it the leading so-called hacktivist campaign in recent years, according to new research.
Cybersecurity firm Trend Micro issued a report Monday based on analysis of more than 13 million web defacement reports over nearly two decades.
{mosads}Activists have increasingly turned to the cyber realm to promote their agendas and political ideologies, compromising and defacing websites in order to send a message and gain traction with would-be supporters.
For instance, Islamic State in Iraq and Syria sympathizers defaced several Ohio government websites last June, forcing the state to take affected servers offline.
Trend Micro catalogued more than 100,000 unique defacers and nearly 10 million domains that were compromised over the last 18 years, identifying the top seven hacktivist campaigns and their origins in real-world conflicts.
According to the research, a Pakistani hacking campaign called “Free Kashmir” logged the highest number of web defacements despite having significantly fewer perpetrators than other high-profile campaigns.
“Free Kashmir” was launched in 2011 by a pair of Pakistani hacking groups to sound alarm over human rights abuses committed by India’s armed forces against residents in the disputed territory of Kashmir.
The hacking campaign #OpIsrael, triggered by the ongoing Israel-Palestine conflict, has attracted 500 attackers, according to the research, making it the most successful in netting supporters.
A hacking campaign called #OpFrance is also among the top campaigns. It was triggered by the attack on French magazine Charlie Hebdo’s Paris headquarters in 2015 and largely consisted of hackers from Muslim-majority nations targeting French websites, apparently in support of the attack.
The researchers anticipate hackers to continue to exploit websites to spread messages, noting that web defacements could become more prevalent as the ecosystem of internet-connected devices grows.
Hackers could also increasingly blend web-defacement campaigns with forms of cyber crime or cyber espionage in order to leverage the sensitive information at their fingertips, the researchers warn.
“Delineation between pure web defacement and cyber criminal or cyberespionage activity is disappearing,” the report states. “After defacing websites, the next step would seem to be capitalizing on the available information on compromised sites.”
“A troubling scenario is if these defacement groups decide to monetize their successful hacks by, for example, installing malicious redirections or exploit code in the defacement pages that would then install ransomware,” it states.