Some hacktivism activities are easier for me to understand than others.
On August 16, Stephen Adams and Brandon Gray reported that the City of Killeen (Texas) website was hacked for the second time in roughly three months:
Visitors to the website were welcomed to a message of “HACKED BY llJACKSPARROWll” along with an image of a Turkish Flag and Turkey President Recep Tayyip Erdogan.
The hacker, who calls himself Jack Sparrow — Johnny Depp’s character from the Pirates of the Caribbean movies — hacked Killeen’s website on behalf of a group of hackers known as the Turk Hack Team.
Read more on KCEN, while I try to figure out why the city is sticking with a site vendor who has failed to prevent two breaches in recent months.
“Right now, we have not only the external company working to diagnose this,” Shine said. “But, we have a separate company looking into it as well, so we can upgrade our security if necessary.”
“If necessary?” You’ve been hacked twice in a few months. I’d say that qualifies as an upgrade being “necessary.”
According to KCEN, Killeen’s city leaders do not believe any personal information was compromised in either hack, something llJACKSPARROWll confirmed to DataBreaches.net in a private chat.
But why does the Turk Hack Team (@Official_THT on Twitter) bother with a small Texas city’s web site if it is not going after personal information? Are THT do-gooders pointing out vulnerable sites, or is there some other purpose or rationale for the sites they attack? I asked llJACKSPARROWll about that in our chat.
With the help of a translator, llJACKSPARROWll informed me that THT’s mission “is to hack those websites which are against our language, religion, beliefs, traditions, eternal verities etc.” So has Killeen’s government or citizenry done anything disrespectful of Turkey’s language, religion, beliefs, etc.? Why were they attacked? I really do have a possibly irrational need to have attacks either make sense or be somehow justified.
In the beginning, llJACKSPARROWll says, THT’s attacks were mostly defacements, although there were some instances where they acquired and exfiltrated databases. And from the beginning, llJACKSPARROWll tells DataBreaches.net, THT was hacking American sites, but “after 2014 it increased.”
Significantly, he claims that they do not acquire or leak/dump databases.
“Though we have access to the database, we don’t steal/dump the database since it is against our mission, we just hack it,” llJACKSPARROWll tells DataBreaches.net. “We are not working for another foundation, we are bonded to our own mission, and we work independently, so we don’t leak.”
I wonder how many Americans are even aware of these hacktivists, who not only have been around for years, but claim to have 800,000 members. They reportedly use DDoS attacks, SQL Injection, brute force method and botnets. “And we have our own methods to hack, too,” llJACKSPARROWll tells DataBreaches.net, without elaborating on what those methods are.
By now, THT has racked up over 70,000 attacks and defacements, with their work documented on sites such as Zone-H, Aljyyosh, Turk-H, and the former Zone-HC.
But have they had any impact?
“We are hackers who are bonded to our homeland and nationality, we are nationalist, and we don’t interfere to politics, we try to protect our nationality and homeland,” llJACKSPARROWll says.
But how does attacking and defacing small cities in America protect Turkey? And why tell the hacked entities that you’re doing it to show them they’re vulnerable instead of telling them you’re doing it for your homeland?
There was something about the answers I was getting that either didn’t make sense to me or got lost in the translation. Finally, I got an answer that almost made sense:
It doesn’t contribute to our mission, but like other hack groups we need to operate, and advertise/announce our name.
Well, okay then, but perhaps the defacement message could be more awareness-raising or educational?
Speaking only of his own activity, llJACKSPARROWll said he has hacked almost 20 American government websites. “But I can’t tell (you) which one has the worst security,” he tells this site, “since their security was close to each other.” When asked if there was one particular hack he was proudest of, he answered, “I can’t tell a specific one, I have hacked Russian and American government websites dozens of times.”
“I am proud of all of my Russian and American government website hacks,” he claims.
But why? What have they accomplished? I appreciate llJACKSPARROWll trying to explain it all to me, and if anyone else from THT would like to try to explain to me how these attacks help Turkey in any way, please contact me via email, Twitter, or Jabber. I really would like to understand it. I do think the attacks have some value in showing sites that they’re vulnerable to attacks, but if the mission is to support Turkey, I’ve been unable to connect those dots, I fear.