Article Thumbnail

The Hacktivists Behind the Recent Cyber Attacks on Anti-Abortion States Say They’re Not Done Yet

‘We mostly do things for the lulz, to have fun. However when we saw the situation of Roe v. Wade, we thought action was needed and so we decided to help with what we can’

On Saturday, June 25th, the day after the Supreme Court deemed Roe v. Wade defunct, a group of hackers dubbed “SiegedSec” published a bold claim on their Telegram page: They had seized and leaked “internal documents and files retrieved from Kentucky’s and Arkansas’ government server.” 

The leak had personally identifiable information on state employees, the group wrote. “Like many, we are also pro-choice, one shouldn’t be denied access to abortion,” read the message, which concluded with a declaration: “THE ATTACKS WILL CONTINUE! Our main targets are any pro-life entities, including government servers of the states with anti-abortion laws. KEEP PROTESTING, KEEP YOURSELF SAFE, FUCK THE GOVERNMENT.” 

On Thursday, July 7th, SiegedSec followed up on its promises, claiming to have crashed a number of industrial control systems across the U.S. in the name of “Operation Jane,” a reference to a series of hacking attacks targeting anti-abortion forces in America. “The more pressure on the government, the merrier!” the group wrote on Telegram. “As time goes on, more systems will be affected. REMEMBER TO CONVINCE YOUR FRIENDS TO CAUSE MAYHEM!” 

SiegedSec isn’t exactly a renowned hacker collective with devotees around the globe, a lá Anonymous. Rather, the group is seemingly small and very new, having been formed early in 2022, according to an analysis from the darknet data provider DarkOwl. It has leaked various dumps of stolen data from weak and compromised networks, including an Indian media outlet, a Taiwan-based telecommunications company and an insurance company based in Puerto Rico, among others. 

All along, the group has cracked jokes about how they want to “hack the planet” for the “lulz,” identifying themselves as black-hat hackers — i.e., those with malicious intent to infiltrate and agitate — and encouraged people to seek their own autonomous actions against the government. They repeatedly refer to themselves as “gay furries,” including in passages where they mock their targets (“Imagine getting fucked by furries on the internet,” one Telegram message notes). 

In other words, SiegedSec feels a little like a group of self-aware shitposters, practicing their craft and aiming for low-hanging cybersecurity fruit. In a conversation on Telegram, SiegedSec member “YourAnonWolf” tells me that things only shifted once the team considered the impact of abortion rights falling. “We mostly do things for the lulz, to have fun. However when we saw the situation of Roe v. Wade, we thought action was needed and so we decided to help with what we can. We crashed the control systems as more pressure to anyone who can change anti-abortion laws,” they say. “If they change laws, we will stop attacks on control systems and more government targets.” 

YourAnonWolf couldn’t explain the practical impact of their recent attack, only to note that it likely disrupted a number of government and private business operations. The extent of the Kentucky-Arkansas server attack was also disputed by some state officials, who claimed that the leak had revealed far less private information than initially feared. 

Nonetheless, SiegedSec is a new and intriguing player in the ever-evolving landscape of hackers who are choosing to join social battles, including the wave of volunteer hacktivists working against Russian targets in the Ukraine conflict

Some have been in the hacktivism world for years, helping launch attacks on foreign governments, corporations, police departments, hospitals, right-wing militias and any other entity deemed deserving of punishment. And others, like SeigedSec, are more recent outfits with long-term motives that have less to do with justice and altruism and more the anarchic power of hacking, especially when aimed at governments and businesses. 

Countless institutions, including the federal government, have glaring vulnerabilities in their networks and servers. In the eyes of “black-hat” hackers, the tactic of small-scale autonomous action, especially under the veil of anonymity and decentralized communication, is well-suited to striking those vulnerabilities. 

“They remind me of people active on [sites like] RaidForums or BreachForums, based on what I’ve read about SiegedSec. Like money-motivated threat actors who are now wanting to get into activism,” says Lorax B. Horne, a writer who works with the transparency collective Distributed Denial of Secrets. “There has been a lot of cross-pollination between these worlds. We’ve even seen big money-making enterprises, like ransomware operators, picking sides in the Russia-Ukraine crisis. I think it’s unavoidable in the sense that business is related to politics, and those interests can collide.” 

Roe has been an inciting factor for a number of hacking attacks. Anonymous claimed to have deleted data from period-tracking apps, although the impact was disputed by a Daily Dot report, which notes that no serious security breaches have been announced. A group reportedly took down the webpage of the advocacy group National Right to Life on June 27th, while the Texas Right to Life site went down earlier this week, on July 5th.

These efforts recall the rush of hacktivism and attention in the summer of 2021: A team of women-led hackers and their allies trolled the abortion-snitching site ProLifeWhistleblower.com, then hacked the website of the Texas GOP, wrecking it with Rick Astley memes and withering criticisms of the state’s newly implemented six-week abortion ban. It also may have opened the door for a massive breach by Anonymous as part of the wide-ranging Epik hacks, which revealed details about far-right extremists and their ties to government officials.  

Of course, hacktivism can work for any political ideology. Anti-abortion activists have also exploited digital vulnerabilities, shutting down the websites of abortion-rights groups, stealing patient information and using location data to seek out visitors to family planning clinics and shill anti-abortion materials to them. In 2012, a British man who claimed to be a member of Anonymous was sentenced to 32 months in prison for stealing the person details of more than 10,000 women from the British Pregnancy Advisory Service, with the intent of publishing private info in a blow against abortion access.

So what will become of an outfit as new as SiegedSec? They could grow into infamy, like the four young British men (ages 18 to 26) behind Lulzsec. That group began as a jokey black-hat operation but gained mainstream relevance after breaching the CIA, PBS, Westboro Baptist Church and Sony. Ultimately, the group was hunted down and prosecuted, with the hackers serving between 20 to 32 months in jail. 

Or it could just evolve, too: Hacking groups often split and warp as members develop their own abilities, convictions and strategies. DarkOwl’s data analysis noted a link between SiegedSec and a previous group dubbed GhostSec, which was so successful that it splintered into a traditionally autonomous “Anonymous” faction and a legitimate counter-terrorism consulting firm known as Ghost Security Group. In that same way, it’s likely that a young generation of hackers will trickle into all manner of activist spaces, even if they begin their careers in cells like SeigedSec, focused on the lulz more than anything else in particular. “We’ll probably return to black-hat activities very soon, but nothing has been planned for certain yet,” YourAnonWolf replies when ask about the future. 

For now, though, there’s nothing to choose. To these hackers, harassing and disrupting the foundations of anti-abortion entities is worth a laugh — it just happens to be principled, too.