Hacktivism is a modern security trend that sits at the intersection of computer hacking and social activism. A "hacktivist" is an individual or a member of a group who uses their technical expertise to gain unauthorized access to systems or disrupt digital services to promote a specific political, social, or ideological agenda. Unlike traditional cybercriminals who are typically motivated by financial gain, or state-sponsored actors seeking geopolitical intelligence, hacktivists act as "digital protesters." Their goal is often to draw public attention to perceived injustices, government policies, or corporate misconduct.

Common tactics used by hacktivists include Distributed Denial of Service (DDoS) attacks to take down a target's website, "defacing" web pages with political messages, or leaking confidential internal documents (often referred to as "doxxing") to embarrass or expose the target. High-profile groups like Anonymous or WikiLeaks are frequently cited as examples of this phenomenon. While the hacktivist might believe their actions are morally justified by their cause—be it environmental protection, free speech, or human rights—their actions remain illegal under most international and domestic computer crime laws because they involve unauthorized access or disruption of service.

From a defensive standpoint, hacktivism represents a unique threat profile. Organizations must monitor the social and political climate to gauge if they might become a target of a hacktivist campaign. For instance, a company involved in a controversial project might see a sudden surge in scan attempts or phishing attacks. Understanding hacktivism is essential for modern threat intelligence, as it requires security teams to look beyond technical vulnerabilities and consider the reputational and ideological factors that might drive an attack. This trend highlights how the digital realm has become a primary battlefield for social discourse and political conflict in the 21st century.