Sony cyberattack highlights rise of the hacktivist

The recent cyberattack on Sony Pictures, which is still under investigation, has led many commentators to point the finger at North Korea as the likely culprit. The secretive Communist state is alleged to have carried out the attack in retaliation against the upcoming Sony film The Interview, in which James Franco and Seth Rogen portray journalists hired by the CIA to assassinate North Korean leader Kim Jong-un.

The North Korean government described the film as "an act of war" in a letter to the UN. This week, Pyongyang said it was not involved in the attack, but described it as a "righteous deed" that may have been the work of "supporters and sympathisers".

Whichever organisation is ultimately found to be behind the attack, it serves as a reminder of the wide array of motivations - personal, political, religious and nationalistic - driving hackers to carry out attacks. Clearly, there are actors at work who do not fit the widely held image of the hi-tech bank robber, driven only by greed.

This latest cyberattack comes at a time when high-profile credit-card data breaches at several US retailers and banks have focused the attention of IT security professionals on the growing value of personal and financial data. Less attention has been paid to those hacktivists harbouring other, often non-financial, motivations. By their nature, ideological hackers often display a greater appetite for damage and destruction in order to maximise publicity for their cause.

In contrast, cybercriminals who target companies for financial gain typically seek to remain undetected inside a company's systems for as long as possible to extract the most value. With no cause to promote, they have no interest in publicising their successes. In many countries, particularly in Asia, there are often no reporting obligations on businesses that fall victim to these attacks, and hackers wishing to escape the attention of law enforcement are often abetted by their own victims, who choose not to report an incident to the authorities in order to avoid embarrassing headlines.

Attacks linked to geopolitical events are on the rise, whether prompted by a conflict like the one raging in eastern Ukraine, diplomatic disputes with Iran, protests like Occupy Central, or events such as the Olympics or leadership summits like Asean or the G20. The unpredictable currents of global events make such attacks harder for authorities or businesses to predict and defend against. Such attacks can also escalate in unusual ways. Last year, the hacktivist group, Anonymous Indonesia, responded to claims that Australia had spied on the Indonesian government by hacking numerous government and business websites, including that of the Australian Secret Intelligence Service, replacing their websites with the message: "Stop spying on Indonesia!"