Skip to main content
SearchLogin or Signup

“I Did What I Believe Is Right”: A Study of Neutralizations among Anonymous Operation Participants

Published onOct 01, 2019
“I Did What I Believe Is Right”: A Study of Neutralizations among Anonymous Operation Participants


Our knowledge of online activists or hacktivists is growing, but it is still far from complete. The reasons why some of these individuals violate computer laws or how they justify their behavior remains elusive, yet one particular framework that lends itself to understanding a hacker or hacktivist’s belief system is Sykes and Matza’s (1957) neutralization theory. The present study involved a content analysis of publicly available commentary found online and made by participants in Anonymous operations against United States targets from 2008-2013. Over 13,000 words were analyzed, and of the 384 passages of text and phrases, roughly 62% of passages contained some type of neutralizing statement, whereas 38% of passages were coded as containing no neutralization technique. Among the 238 passages and phrases of neutralizations, over half contained neutralizations that reflected condemnation of the condemners, appeal to a higher moral principle, and denial of the victim. Another important finding was that several participants in Anonymous operations justified their actions as simple acts of protest or civil disobedience. While this study sheds light on how hacktivists may justify their behavior, it also paves the way for exploring other neutralizing techniques and signals the need for developing crime-specific neutralizations.


In 2008, in an authorized video, actor Tom Cruise is shown boasting the efforts of fellow Scientologists. The video was leaked and posted on YouTube among other websites (Barkham, 2008; Dibbell, 2009). Gawker Media, who allegedly posted the clip, was subsequently issued a cease and desist letter to remove the video, since it was copyright protected by the Church (Kushner, 2014). Word spread quickly, and many of those who were using 4chan1 were infuriated claiming that the Church of Scientology did not have the right to censor what was posted on the Internet. Considering this to be a threat to free speech, members of Anonymous took action and launched Project Chanology, which began with a wide-scale series of trolling2 attacks on the Church’s website. For example, Distributed Denial of Service (DDoS)3 attacks were used to strain the Scientology website to the point of crashing, and “Google bombs” were emitted where simply searching the term “Scientology” on the Internet would yield “dangerous cult” on the results page. In addition, several mischievous acts or “lulz”4 were carried out, some of which included ordering numerous pizzas to the Church and sending all-black faxes to diminish the ink supply of fax machines. Moreover, serious death threats were issued against Church members (Kushner, 2014).

The movement was heightened by a video message directed at the Church of Scientology on January 21, 2008. It included imagery of ominous clouds and a digitally-altered voice recording. The message contained in the video was as follows:

Over the years, we have been watching you. Your campaigns of misinformation; suppression of dissent; your litigious nature, all of these things have caught our eye. With the leakage of your latest propaganda video into mainstream circulation, the extent of your malign influence over those who trust you, who call you leader, has been made clear to us. Anonymous has therefore decided that your organization should be destroyed. For the good of your followers, for the good of mankind—for the laughs—we shall expel you from the Internet and systematically dismantle the Church of Scientology in its present form. We acknowledge you as a serious opponent, and we are prepared for a long, long campaign. You will not prevail forever against the angry masses of the body politic. Your methods, hypocrisy, and the artlessness of your organization have sounded its death knell …

You cannot hide; we are everywhere.

We cannot die; we are forever. We're getting bigger every day—and solely by the force of our ideas, malicious and hostile as they often are. If you want another name for your opponent, then call us Legion, for we are many …

Knowledge is free.5

We are Anonymous.

We are Legion.

We do not forgive.

We do not forget.

Expect us.

(Jacobsen, n.d., para. 8)

Protests at various Scientology centers around the world took place in February and March of 2008 (Coleman, 2012; Dibbell, 2009; Kushner, 2014). Thousands of members claiming an affiliation to Anonymous appeared in Guy Fawkes masks, in reference to the movie, V for Vendetta (Penny, 2011). What was notable about this first Anonymous operation, according to Coleman (2012), was that the common lulz-based activities or simple mischief of 4chan users shifted to what could be called a newfound culture of not just hacking, but of hacktivism. However, hacktivism began in the 1990s and was embedded in anti-neo-liberal-globalization movements well before Anonymous took center stage (Jordan & Taylor, 2004). Nonetheless, this protest against the Church of Scientology gave rise to the group, Anonymous, which had “emerged from its online sanctuary and set to improve the world” (Coleman, 2012, p. 87), and in many ways, brought the term “hacktivism” back to the attention of mainstream media (Barkham, 2008; Coleman, 2012; Dibbell, 2009).

This marked another important turning point for hackers, as in the 1980s they were commonly viewed as misfits and pranksters with a keen knowledge for the computer (Halbert, 1997; Jordan & Taylor, 2004). According to Coleman (2011), hackers tend to be “skilled programmers, security researchers, hardware builders, and system administrators,” who often share a liberal vision and sensibilities about the Internet (p. 512). Hacker culture is further supported by Steven Levy’s hacker ethic, which contains five main tenets:

(1)  Access to computer-and anything which might teach you something about the way the world works-should be unlimited and total. Always yield to the Hands-On Imperative!, All information should be free, (3) Mistrust authority-Promote Decentralization, (4) Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position, and (5) You can create art and beauty on a computer. (Levy, 1984, pp. 28-31)

However, this hacker ethos has not meshed well with federal law, namely the Computer Fraud and Abuse Act (CFAA), which was enacted by Congress in 1984 and codified as 18 U.S.C. § 1030 (Clifford, 2011). The act was modeled after the 1952 wire-fraud statute, which penalized phone-phreakers6 and mail fraudsters, and was the first piece of federal legislation to target fraudulent activities in connection with government computers (Tuma, 2011). In the years that followed, the act was amended to impose criminal liability not only for those who targeted a government-operated computer, but computers that were privately maintained. In essence, both criminal and civil charges can be applied, protecting not only federal computers, but those of banks, and any other computer connected to the Internet (Doyle, 2014). The act used today outlines seven computer crimes (i.e., computer trespassing in a government computer; computer trespassing resulting in exposure of government, credit, financial, or protected information; damaging a government or bank computer using worms or viruses or DDoS attack; committing fraud involving unauthorized access to a government computer or bank computer; threatening to damage a government or bank computer; trafficking in passwords for a computer; and accessing a computer to commit espionage) and their penalties. Penalties range from one year to ten or more years in federal prison, including sizable fines.

Since the image of the hacker is debated as one of mischief maker to mere criminal, researchers must move away from a myopic understanding of the hacker or even the hacktivist, and in turn, embrace the complexities beholden to these online subcultures (see Holt 2007; Holt, 2010; Holt & Copes, 2010; Jordan & Taylor, 2004; Steinmetz, 2015). Not only is there great complexity when defining and describing the different types of hackers, which is beyond the scope of this paper (see Rogers, 2006; Steinmetz, 2015), the reasons why individuals participate in such acts or how they justify their behavior still remain elusive. One particular framework that lends itself to understanding the cognitive mechanisms used by a hacker or hacktivist is Sykes and Matza’s (1957) neutralization theory. While this theory has been used to examine a variety of crimes and behaviors such as white collar crime (Piquero, Tibbets, & Blankenship, 2005), identify theft (Copes & Vieraitis, 2012; Copes, Vieraitis, & Jochum, 2007), human trafficking (Antonopoulos & Winterdyk, 2005), hate crimes (Byers, Crider, & Biggers, 1999), and animal rights activists (Liddick, 2013), only a handful of studies have applied neutralization techniques to individuals who have committed computer crimes or participated in online activism (Chua & Holt, 2016; Hindjua, 2007; Hutchings & Clayton, 2016; Ingram & Hindjua, 2008; Morris & Higgins, 2009; Smallridge & Roberts, 2013, Turgeman-Golschmidt, 2009; Walkley, 2005). Moreover, this study uses a qualitative and content analysis-based approach, as survey research has not been able to adequately capture the neutralization process and often relies on measures that are mere abstractions rather than reality (Maruna & Copes, 2005). The primary purpose of this study was to examine the types of neutralizations used among individuals who participated in Anonymous operations against United States targets from 2008 to 2013. It is important to note that we use “Anonymous operations” in this study as an umbrella term to refer to the operations that were carried out by members of Anonymous and in some cases participants who were once affiliated with Anonymous or an Anonymous operation in some capacity.

Literature review

Neutralization theory

Introduced by Gresham Sykes and David Matza (1957), neutralization theory is based on the idea that offenders will use verbal or nonverbal utterances prior to committing an act in violation of laws or values to which they claim to follow. Essentially, neutralizations allow the offender to temporarily suspend judgement or deflect blame in order to commit an act they would normally consider wrong. As stated by Copes (2003), offenders can, and frequently will, use these techniques to justify their actions and cleanse their conscious, casting aside any possible feelings of guilt or to avoid a negative self-image.

In their original work, Sykes and Matza (1957) presented several ways an offender may justify his/her behavior. First, offenders may thwart negative appraisals by using a technique known as denial of responsibility. Here, the offender may excuse their actions by claiming it was unintentional or the act was caused by outside factors beyond one’s control. Denial of injury also allows the offender to relinquish their responsibility for committing a deviant act. However, for this technique, the offender does not view the victim as suffering from any real injury. Instead the injury is simple mischief or harmless in nature. The next technique of neutralization, denial of the victim, is when the offender acknowledges the harm as retaliation and/or views the harm as deserved or even as punishment for something the victim may or may not have done (i.e., victim blaming). Condemnation of the condemners, the fourth technique of neutralization, occurs when the offender justifies the act by moving the attention away from themselves onto those passing judgement. In this case, an offender accused of a crime may instead turn the focus toward the criminal justice system and those in charge of the judicial process, asserting that they too are corrupt and deviant individuals themselves. The last technique, appeal to higher loyalties, occurs when an individual may feel the need to commit a deviant act in order to demonstrate loyalty to a personal subgroup by violating social norms or laws.

Over the years, additional neutralizations have been developed. For example, Klockars (1974) conducted a life history study on a professional fence, that is, a person who knowingly sells stolen merchandise. The neutralization, metaphor of the ledger, was created, which allowed the “fence” to put his behavior in perspective with the totality of all his past behaviors. In other words, the person views themselves as having done more good than bad in their lifetime. In similar research about fencing stolen goods, Henry (1978) derived that adult offenders may use a claim of normality, which follows the idea that “everyone is doing it.” This neutralization is particularly similar to diffusion of guilt, as explained by Coleman (1989) in the context of white collar criminals. The idea here is that it is unfair to criminalize the behavior of just one individual when “everybody’s doing it.” Additional research in the 1970s on white collar criminals brought to light that they may employ the defense of necessity, a neutralization where illegal activity is not perceived as really illegal, but “standard business practice” (Minor, 1981, p. 298) and in some ways a necessity to being a successful business person.

In a different vein, the claim of relative acceptability is a neutralization that was used among illegal gun owners, who used this justification to appeal to a larger audience that their misconduct was relatively moral or the lessor of two evils (Moss, 1989). Among students using bottle rockets to prank others, the neutralization, denial of negative intent, was used (Moss, 1989). The claim here is that the act was just to have fun and no harm or ill-will was intended. Conducting interviews with misdemeanant shoplifters, Cromwell and Thurman (2003), established two additional neutralizations-justification by comparison and postponement. Shoplifters who used the justification by comparison neutralization, claimed that their crime paled in comparison to more serious acts such as robbery. Postponement, on the other hand, allowed shoplifters to put aside any feelings of guilt momentarily, much like Scarlet O’Hara in Gone with the Wind, who remarked, “I can't think about that right now. If I do, I'll go crazy. I'll think about that tomorrow.”

Neutralization theory was originally written to explain juvenile offending but has included adult offenders, spanning many different types of crimes. However, despite its many applications, empirical support for neutralization theory can be best characterized as mixed (Maruna & Copes, 2005). Maruna and Copes (2005) suggest that limited support for the theory is because neutralizations are difficult to test and those who have attempted to test it have used it for causal explanations for crime when in fact it “plays a role in persistence in or desistance from criminal behavior” (p. 221). Moreover, testing the theory has been plagued by a time order issue. Sykes and Matza (1957) claimed that neutralizations can precede the behavior, while others have claimed that neutralizations can come after the act (Hindelang, 1970; Hirschi, 1969; Maruna & Copes, 2005).

Hacking and computer crimes as explained by neutralization theory

As mentioned, some notable studies have been conducted to further examine hackers or computer criminals’ use of neutralizing the techniques, and it is upon which the current study is situated within this body of literature. For one, while a few studies have relied on qualitative methodologies to examine hacker motivations and techniques of neutralization (Turgeman-Goldschmit, 2009), most others have issued self-report surveys with a set of pre-defined responses (Chua & Holt, 2016) or open online surveys (Hutchings & Clayton, 2016). Second, most studies have utilized younger and college-aged populations (Hindjua, 2007; Ingram & Hindjua, 2008; Morris & Higgins, 2009; Smallridge & Roberts, 2013). Last, the extant literature has captured hackers and hacking behaviors in general (Turgeman-Goldschmit, 2009), Internet fraudsters (Walkley, 2005), malicious software virus writers or distributers (Chua & Holt, 2016), digital pirates (Hindjua, 2007; Ingram & Hindjua, 2008; Moore & McMullan, 2009; Morris & Higgins, 2009; Smallridge & Roberts, 2013) or those who market DDoS attack services (Hutchings & Clayton, 2016). Indeed, the present body of literature has clearly evolved to examine hackers and other types of computer criminals using techniques of neutralization as a framework, but it has not delved deeply into specifically examining the neutralizations of hacktivists. Hacktivists are known to employ the same tactics as hackers such as website defacement, launching DDoS attacks, theft of information, or sabotage, yet, they use these tactics for political or social reasons, whether it be promoting a social cause, addressing some form of injustice, or revealing abuses of power (Karanasiou, 2014). Thus, the current study attempts to broaden the existing framework by examining hacktivists and by using qualitative methods to provide greater explanatory power of the neutralizations that may be used among them.

The existing research demonstrates that hackers, virus writers, and digital pirates, among other computer criminals, use various neutralizations. For example, Turgeman-Goldschmidt (2009) conducted 54 in-depth, unstructured interviews from 1998 to 1999 with Israeli hackers who engaged in crimes, such as software piracy, hacking into computer accounts, distributing viruses or DDOS attacks, and phone phreaking, and found the use of five different neutralizing techniques. Many hackers believed issuing a computer virus harbored no ill will or malicious intent [denial of injury] and that among those who stole and download information, hackers did not believe any real damage was caused. Denial of the victim also came into play as many hackers viewed Microsoft as the enemy and one who deserved to be attacked. They similarly condemned their condemners, such as Microsoft and other software giants, who were viewed as the “‘real’ criminals of the computer world” (Turgeman-Goldschmit, 2009, p. 327). Evidence of appeal to higher loyalties was found in a different sense where it was tied to a hacker’s desire for freedom of information. Additionally, the neutralization, self-fulfillment, identified by Scott and Lyman (1968) was used by hackers to express the sense of joy, thrill, and excitement that hacking provided them. Interestingly, the Israeli hackers did not use the technique denial of responsibility; however, Walkley’s (2005) research on Internet fraudsters yielded the most support for denial of responsibility, but very little support for the others.

Chua and Holt (2016) filled yet another research gap by taking not only a comparative approach that involved distributing a self-report survey to a sample of 713 students in the United States, Taiwan, and South Africa, but also focused on those who created and distributed malicious software. The authors found that denial of injury, denial of responsibility, and appeal to higher loyalties correlated with simplistic hacking behaviors as well as the creation of malware or distribution of malware to intentionally harm another’s computer.

In contrast, the research on digital piracy is somewhat more abundant, but mixed results abound. On one hand, Morris and Higgins (2009) found a moderate level of support among digital pirates (i.e., college students) using neutralizations, yet their study revealed stronger support where retrospective neutralizations appeared more often than prospective ones. Hindjua (2007) cited weak support for neutralizing techniques among online software pirating college students, yet Ingram and Hindjua (2008) described that neutralizations such as denial of responsibility, denial of injury, denial of the victim, and appeal to higher loyalties were employed among college students who engaged in online music piracy. This was true for Moore and McMullan (2009), who also noted that among college students who shared files via peer to peer networks, the most commonly used neutralizations were denial of injury and denial of the victim. When examining music, movie, software, and gaming piracy, Smallridge and Roberts (2013) found mixed support for some neutralizations such as a s metaphor of the ledger, condemnation of the condemners, claim of future patronage, and denial of responsibility, but found stronger support for defense of necessity, appeal to higher loyalties, the claim of normality, and digital rights management software defiance, a new neutralization that was found mostly among gaming pirates.

Aside from digital piracy, which is seen as a low-skill computer crime, Hutchings and Clayton (2016) narrowed in on the neutralizing techniques among a small surveyed group of individuals who operated or used booter services, which provided customers with DDoS attacks against targets of their choosing. They found that most neutralized their actions with the claim that they were motivated by the provision of stressor tests for networks and were therefore contributing to the common good of improving network security. This motivation of “the common good” was then interpreted by Hutchings and Clayton as an appeal to higher loyalties.


Anonymous originated from the 4chan image board known as /b/, where users simply posted under the name “Anonymous.” To some, defining Anonymous borders on the absurd, much like trying to pin down a cloud (Coleman, 2014). In many ways, it may be easier to define what it is not. For one, not all users of /b/ or 4chan, for that matter, can be labeled as members of Anonymous. And for those who have participated in Anonymous operations, not all of them claim to be hackers or hacktivists. Second, add to this the complexity of understanding the sheer number of Anons. Coleman (2012) states that participation in Anonymous is fluid, and membership is global, so it is difficult to identify an exact number. Third, there is no hierarchy or leader, and by all means, the group is not a united front. Last, while the group is comprised of an assortment of members, ranging from hackers and human rights advocates to geeks, not all of them engage in illicit activities. On the other hand, others have caused real damage and have been charged with violating federal computer protection laws.

What is better understood is that prior to the move to Internet relay chats (IRCs)7 for Anonymous communications, 4chan initially provided the necessary platform to hold world-wide assemblies. Even though /b/ board is most widely known for seedy mischief and lulz, some trolling attacks evolved into taking political and social action by way of the Internet or in-person protest (Coleman, 2012). It is also important to recognize that not all operations have involved illegal activity; some were certainly legal and other activity drifted into legally gray areas (Coleman, 2014). Nonetheless, conversations through chats and memes8 made many Anons come to the realization that as a collective, they are disenfranchised with the government and the corporate elite, a sentiment that has been echoed by other online activists before Anonymous garnered so much attention (see Jordan & Taylor, 2004). Many pride themselves on exposing the truth and for protecting free speech (Penny, 2011). This has been demonstrated via numerous operations over the years following the group’s first steps into online activism. The list of such operations is substantial and may continue exponentially into the future. For the purposes of this paper, however, only operations from which data was collected for this study are described in the following section.9

Anonymous operations

Roughly two years after Project Chanology, the next major campaign under the banner of Anonymous began in September 2010 after The Pirate Bay, a file-sharing website, was brought down by a DDoS attack. Anonymous claimed that the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA) hired Aiplex Software, an Indian firm often employed by the film industry to use DDoS actions against file-sharing websites (Grubb, 2010), to carry out the attack (Sauter, 2014). The MPAA and RIAA are the major trade organizations representing the American content industry and have a history of opposing file-sharing websites, like The Pirate Bay, by initiating law suits against both users and providers. Sauter (2014) explains that the organizations’ actions were not only viewed by Anonymous as a threat to freedom of information and sharing on the Internet, but also as a form of hypocrisy and abuse of corporate power. The group argued that while DDoS tactics were used against The Pirate Bay without penalty, Anonymous members had been convicted for using the same methods against the Church of Scientology. Though it is unclear whether Aiplex was actually hired by the MPAA and RIAA, Anonymous nonetheless perpetuated and used this narrative to launch a collective DDoS campaign against anti-piracy organizations as part of Operation Payback (Coleman, 2014; Sauter, 2014). The websites of the RIAA, the MPAA, the International Federation of Phonographic Industry, Aiplex, and a British law firm, ACS: Law, were all taken offline for various lengths of time (Coleman, 2014).

In November of the same year, WikiLeaks, a prominent whistle-blowing website founded by Julian Assange, published 220 of 251,287 classified U.S. diplomatic cables that were obtained and fully leaked the rest to various news organizations (Coleman, 2014; Leigh, 2010). The disclosures revealed a multitude of sensitive details, such as questionable U.S. intelligence gathering methods, candid discussions between U.S. diplomats regarding foreign leaders, and U.S. criminal dealings with corrupt foreign officials (Coleman, 2014). After the U.S. government condemned the acts of WikiLeaks (Shane & Lehren, 2010), PayPal and several other financial corporations buckled under political pressure and refused to process donations to the website (Coleman, 2014). Members of Anonymous considered WikiLeaks’ mission of providing truth to the public (WikiLeaks, 2011) to be in alignment with their own values and goals and were incensed by the backlash. Viewing this treatment of the website as a form of censorship, the group launched Operation Avenge Assange in December as the second stage of Operation Payback (Coleman, 2014). Thousands of participants downloaded and used Low Orbit Ion Cannon (LOIC)10 software to contribute to the DDoS campaign against the websites of not just financial companies like PayPal and Mastercard, but any other parties that acted against or criticized WikiLeaks (Coleman, 2014; Mansfield-Devine, 2011a). As a result, several of the targeted websites experienced downtime and service outages (Sauter, 2014).

While Anonymous was being investigated for the Operation Payback attacks, Aaron Barr, the CEO of the computer security firm HBGary Federal, publicly boasted in 2011 that he had infiltrated the organization, identified key members of the group, and planned to expose them (Dysart, 2011). Anonymous mocked Barr’s inaccurate claims and decided to teach him a lesson by hijacking his Twitter account and using it to post offensive comments and his personal details (Wisniewski, 2011). The group next hacked into the HBGary Federal website and its email servers. The website was defaced to taunt the security company’s failure to protect its own network, employee passwords were changed, a large amount of data was wiped, and over 70,000 private company emails were downloaded and published (Coleman, 2014; Dysart, 2011; Zetter, 2011).

A few months later, the Anonymous offshoot group LulzSec11 initiated a mayhem-filled hacking campaign that included publicly exposing security vulnerabilities of companies entrusted with personal information (Coleman, 2014). In one such operation, the group gained access to the computer systems of Sony Pictures in 2011 through an SQL injection12 attack on the company’s website and subsequently published the confidential data of thousands of Sony customers (Broadhurst, Grabosky, Alazab, & Chon, 2014). LulzSec mocked Sony for its website’s vulnerability to rudimentary attacks and the company’s poor security practices regarding customer information (Albanesius, 2011).

After disbanding in June 2011, LulzSec became AntiSec when the motive of sowing chaos shifted toward a more serious hacktivist stance while cooperating with Anonymous in Operation AntiSec (Coleman, 2014). Mansfield-Devine (2011b) states that the group “focused on alerting the world to security weaknesses – particularly on the part of government entities and corporates – and what AntiSec [saw] as dishonesty and ineffectiveness on the part of the information security industry” (p. 5). The group set its sights on the global intelligence firm Strategic Forecasting, Inc., or Stratfor, as a major target for potential exposure. By late 2011, according to Coleman (2014), AntiSec had infiltrated Stratfor and downloaded nearly five million company emails, collected over 50,000 credit card numbers−30,000 of which were used in attempts to make various donations, wiped entire data servers, and eventually leaked both the emails and credit card numbers.

In the following year, 2012, a sexual assault case in Steubenville, Ohio drew the attention of Anonymous. Two high school students were facing trial for the rape of their classmate and there was suspicion that that the juvenile suspects were being protected by the town due to their status as football players (Kushner, 2013). Named after the slogan on the school’s sports website, Operation RollRedRoll was initiated to seek justice for the victim (Vaas, 2013). It began with the release of an ominous video that threatened to dox13 all parties complicit in protecting the accused athletes unless the suspects came forward and publicly apologized to the victim (Kushner, 2013). The school’s sports website was hacked and defaced with the Op RollRedRoll video, rallies were organized outside the Steubenville courthouse, and incriminating social media evidence that had been previously overlooked by police was gathered and publicized (Kushner, 2013; Vaas, 2013). Both suspects were later convicted for the rape (Vaas, 2013).

Acting on behalf of another individual, Anonymous commenced an additional operation between 2012 and 2013. Aaron Swartz, a renowned hacktivist and proponent of free information, committed suicide when he was faced with a hefty fine and 35 years in prison for allegedly downloading a large number of academic journal articles (Coleman, 2014). Viewing Swartz’s death as a line that had been crossed, Anonymous launched Operation Last Resort against federal websites. The group specifically hijacked the website of the U.S. Sentencing Commission (USSC) and defaced it with a video in which they expressed anger over the arrests and disproportionate sentencing of hacktivists. The message called for a reform of what the group considered to be overly broad and outdated computer legislation that is abused by prosecutors, a reform of computer crime sentencing to make punishment proportional to the harm done, and a governmental commitment to the freedom of information on the Internet (Aarons ArkAngel, 2013). Anonymous also transformed the website into an interactive video game at one point (Blue, 2013) and exploited flaws in Adobe’s Coldfusion software to infiltrate multiple U.S. government systems, including those of the U.S. Army and U.S. Missile Defense Agency, from which they stole vast amounts of personal and intelligence data (Department of Justice, 2013). The group threatened to disclose the obtained government information if their demands were not met.


The methodology employed in this study consisted of three phases. First, a list of Anonymous operations that took place against targets in the United States and individuals affiliated with each operation was created. Publicly available information was gathered from a variety of Internet sources (i.e., online newspapers, websites, LexisNexis, etc.) using open source intelligence techniques (Bazzell, 2016). Because the information was publicly available and did not involve human participants, internal review was not required. Arrest information was also obtained from the U.S. Department of Justice’s news release website, which explicitly named the alleged offenders who were charged. Sources from online news websites that publicized the trials or cases were also downloaded and systematically reviewed regarding the types of offense(s) for which each participant in each Anonymous operation was charged, and if known, the sentence that was issued post-conviction. Demographic information such as age, gender, and state or country of residence, was obtained if available. All gathered information was placed into a database.

The initial challenge with this study was identifying and obtaining information from actual Anonymous participants. After all, these individuals are often able to escape identification and, as reiterated by Coleman (2012), no one can really calculate the number of participants for any given operation. Given the complexities of “sampling” true Anonymous participants, the best method for the purpose of this study was to trace and identify Anonymous participants by way of publicly available documents (e.g., news stories, U.S. federal indictment news releases, or video media) on the Internet in which the participant had been named. The limitation of such a method is forthright and recognizable. That is, the results may be skewed by including only those who were found to be linked to these operations, yet this method was determined to be the best alternative to identify “real” and “genuine” participants who would have otherwise remained “anonymous.”

The first phase of the study yielded a list of 47 members, who participated in one or more Anonymous operations, over the time period of 2008-2013. The average age and median age of participants in these Anonymous operations was 26. The youngest member was a minor (age 16), but because minors are a protected population, and further information was unattainable, the youngest in this study was 18. In contrast, the oldest member of Anonymous was 65. In terms of gender, the majority were male (95.7%, n=45). As expected, there was no real geographic pattern regarding where participants lived. Eleven lived in the United Kingdom and the remainder were from the United States. Among those who lived in the United States, at least four of them resided in California, four resided in New York, and the remaining individuals lived in seventeen different states.

Thirty-six participants in the United States were charged with intentionally damaging a protected computer (18 U.S.C. § 1030(a)(5)) and in a few cases some were additionally charged with conspiracy (18 U.S.C. § 371). The remaining individuals were arrested and charged in United Kingdom. In the majority of cases in the United States, a plea deal was made and not all resulted in federal incarceration. For example, after pleading guilty, charges were reduced for 11 of the 14 individuals who participated in Operation PayPal/Avenge Assange, with most of them paying $5,600 in fines and serving probation. Only a few were penalized with serving time in federal prison, ranging from one year to ten years.

Using the list of participants in Anonymous operations, the second phase of the study involved scouring the Internet for all comments that each individual made publicly about these operations and their involvement. Again, open source intelligence techniques were used to glean data from online news articles, video interviews, documentaries, and other forms of publicly accessible content. Only relevant quotes and text communications made by participants about the operations were copied verbatim and pasted into a document file. In the cases of video sources, the audio content was transcribed and placed into the same document file. If the quotes exceeded the scope of the study by not involving any reference to Anonymous or an Anonymous operation, it was excluded. The web address or media source where the content was located or recorded was entered into the document file as well.

During this phase, passages were found for 31 (66%) of the 47 Anonymous operation participants. With that said, this process yielded over 55 pages of relevant and pre-selected text and over 13,000 words for analysis. The majority of retrieved text was generated by very outspoken individuals involved in HB Gary and Stratfor. Smaller amounts of text, albeit still meaningful, were found for those who participated in Project Chanology, RollRedRoll, and Operation Sony.

Latent coding marked the third phase of the study (Neuendorf, 2017) using a document file where all passages were assigned alpha and numerical identifiers. To begin, coding involved using Sykes and Matza’s (1957) five techniques of neutralization (i.e., the denial of responsibility, the denial of injury, the denial of the victim, the condemnation of the condemners, and the appeal to higher loyalties), in addition to other pre-defined neutralizations such as the defense of necessity (Minor, 1981), diffusion of guilt (Coleman, 1989), justification by comparison (Cromwell & Thurman, 2003), postponement (Cromwell & Thurman, 2003), metaphor of the ledger (Klockars, 1974), claim of normality (Henry, 1978), denial of negative intent (Moss, 1989), and the claim of relative acceptability (Moss, 1989). There were several passages that were deemed as “non-neutralizations” or not germane to the purpose of the study. For example, one hacker remarked, “The day my indictment went public my name trended on Twitter." Such text was not indicative of any neutralizing techniques and was coded as a “99.” Moreover, the coders marked certain passages as a “98” if there was some evidence that the statement contained a neutralization, but for which there was no neutralization code. Among these passages, the theme of moral high ground and protest took shape, and from that point forward such passages were coded as a “14.”

With any content analysis, validity and reliability are always a major concern. To strengthen the coding process, an iterative process of coding and recoding was used among three coders. Training for each of the coders involved a thorough review of each neutralization and its meaning. A small sub-set of the document file was selected (about 20 passages) and coded by each researcher to pre-test the coding process. The coders met to assess how passages were coded, which warranted further discussion about the interpretation of each neutralization (the initial inter-rater reliability coefficient using Krippendorff’s alpha was a .80). For instance, key words and phrases were discussed as ways to more definitively identify certain neutralizations over others. Then, the document file was split in half and each of the researchers coded all of the passages independently. Several meetings were arranged to discuss and compare the passages of coded text. In some cases, disparities of the coded text were reconciled or a consensus was reached about the type of neutralization that was expressed in the text. Coding and analysis continued until the point of saturation (Strauss & Corbin, 1988). Krippendorff’s alpha was used to calculate inter-coder reliability for all the passages (including those not germane to the study), which yielded a reliability coefficient of .94 (Krippendorff, 2004). In addition, Krippendorff’s alpha was calculated for just the passages containing neutralizations, resulting in a reliability coefficient of .92.

One final step was employed to ensure correct coding. All passages that represented a particular neutralization were copied and pasted into a separate document file. For example, all quotes and phrases that were coded as “condemnation of the condemners” were grouped separately into one document, then all quotes and phrases that were coded as “denial of responsibility” were copied into another, etc., allowing the researchers to compare and determine whether each passage clearly represented that neutralization technique. This was an additional layer of the process to assess validity and internal consistency and proved to be a very valuable final check of the assigned codes.


With a few exceptions, Sykes and Matza’s (1957) five neutralizing techniques were most evident in this study. Over 13,000 words were analyzed, and of the 381 passages, roughly 62% of passages contained some type of neutralizing statement, whereas 38% of passages were coded as containing no neutralization or as not germane to the study. Among the 238 passages and phrases of neutralizations, condemnation of the condemners accounted for most of the coded passages, followed by appeal to a higher moral principle, and denial of the victim. Appeal to higher loyalties, “other” neutralizations, denial of responsibility, and denial of injury comprised the remaining most common neutralizations used by participants in Anonymous operations.

There were fewer neutralizations such as justification by comparison, postponement, metaphor of the ledger, claim of normality, and claim of relative acceptability, ranging from 3.7% to .4% of passages. Of the 31 participants in Anonymous operations, for which text and passages could be found, 84% made some type of neutralizing statement.

Condemnation of the condemners

Participants in Anonymous operations were most likely to neutralize their behavior by using the condemnation of the condemners technique (26%, n=62). In several cases, participants in Anonymous operations deflected blame by focusing on the injustices carried out by law enforcement officials. One individual commented,

Should police, having obtained a reason to acquire information but lacking any overt evidence of criminality sufficient to bring prosecution, be allowed to withhold private data?

Another participant, who was involved in Stratfor, listed several reasons pertaining to the injustices of not only law enforcement, but of the military and security firms.

I targeted law enforcement systems because of the racism and inequality with which the criminal law is enforced. I targeted the manufacturers and distributors of military and police equipment who profit from weaponry used to advance U.S. political and economic interests abroad and to repress people at home. I targeted information security firms because they work in secret to protect government and corporate interests at the expense of individual rights, undermining and discrediting activists, journalists and other truth seekers, and spreading disinformation.

One participant expressed disdain for the government, turning the blame away from himself to the wrongful act committed by the government instead.

My government used a DDoS attack against servers I owned, and then convicted me of conducted DDoS attacks.

Appeal to a higher moral principle

The second most common neutralization used by participants in Anonymous operations was not one created by Sykes and Matza in 1957, but by Liddick (2013), known as appeal to a higher moral principle. Liddick found this neutralizing technique among communications by animal rights activists. Among those who adopt this neutralization, “in certain situations, manmade law is superseded by a higher moral principle” (Liddick, 2013, p. 628). Liddick remarked that this ties into ideology, and for the present study, it can be argued that hacktivists may follow their own set of ideological values. Hacktivists see the act as having a deeper meaning and purpose to achieve some political goal or end (Jordan & Taylor, 2004; Kopstein, 2013). To them, the act is altruistic in nature even if it means launching DDoS attacks, defacing a website, or publishing classified government documents. As Penny (2011) asserts, “… one person’s cyberterrorist is another person’s digital freedom fighter, and for many, that’s precisely what hacktivists are” (p. 3).

In the early stages of the coding process, these passages were originally identified as 14s for which there was no preset code. The common denominator was that these expressions contained the theme of righteousness, morality, and moral high ground. Once the coding process was complete, it became clear that these passages reflected the sentiment of appeal to a higher moral principle by Liddick (2013). Yet, adopting this neutralization had to be reconciled with the neutralization, appeal to a higher loyalty. Looking back at Sykes and Matza’s (1957) work, appeal to a higher loyalty was referenced as “scarifying the demands of the larger society for the demands of the small social group to which the delinquent belongs such as the sibling pair, the gang, or the friendship clique” (p. 669). For the delinquent, the resolution of this dilemma between the dominant normative system to the norms of one’s friendship group, are met by siding with the friend or buddy. Whereas here, the neutralization being made by Anonymous participants were uniquely describing a higher call or sense of duty, not necessarily devotion to one’s peer-group or even to the group Anonymous, for that matter. In sum, 14% (n=33) of the neutralizations conveyed this principle as shown in the following excerpts. 

Would I do it again? And, honestly after thinking about it, I felt that I did what was right. I had a belief, I still do, that what I did was the right thing, and hopefully someone got some good out of it.

Now that I have pleaded guilty it is a relief to be able to say that I did work with Anonymous to hack Stratfor, among other websites. Those others included military and police equipment suppliers, private intelligence and information security firms, and law enforcement agencies. I did this because I believe people have a right to know what governments and corporations are doing behind closed doors. I did what I believe is right.

Though misguided, I truly acted out of a hope to live in a world less fraught with violence and war.

Among the passages that embodied the spirit of appealing to a higher moral principle, there are two subthemes that also emerged. That is, some of the participants in Anonymous operations framed their behavior as online protest or civil disobedience.

All I did was leave the LOIC [Low Orbit Ion Cannon] software running on my computer because I viewed it as a way of ‘donating’ to support the cause that I believed in, which was protesting against Visa, MasterCard, and PayPal for the unjustified—and ultimately ruled illegal in Icelandic court—financial blockade of WikiLeaks.

I was on the Internet, reading the news. I saw something about PayPal shutting down payments to Wikileaks, and I clicked on some other site and joined a protest. And next thing I knew, my house was surrounded by guns.

[I] chose to participate in a mass online protest run under the guise of Anonymous—which is not a group, it’s just an idea—in which thousands of people on the Internet agreed and organized to protest in defense of freedom of speech and freedom of information.

I broke the law, but if you look at history, there’s a place for civil disobedience … My civil disobedience was for the greater good, for transparency; the government was not being truthful, the leaks showed, and so I felt compelled to maintain moral integrity by taking action.

Yes I broke the law, but I believe that sometimes laws must be broken in order to make room for change.

Denial of the victim

Almost 12% (n=27) of neutralizations were indicative of the technique, denial of the victim. Following the original work of Sykes and Matza (1957), responsibility is accepted for the actions taken and the harm caused, but neutralization occurs through the insistence that the injury is not wrong and is instead a form of rightful punishment dealt to a deserving target. For participants in Anonymous operations, the same line of thinking is evident. The victim, whether it was a global intelligence corporation, such as Stratfor, deserved the harm that was inflicted.

I spent some time researching Stratfor and reviewing the information we were given, and decided that their activities and client base made them a deserving target.

It was further observed that the technique allowed a participant to move “into the position of an avenger and the victim is transformed into a wrong-doer” (Sykes & Matza, 1957, p. 668). Here, participants neutralized the harm of their actions by viewing and presenting themselves as seekers of justice outside of the law.

I am happy with what I was part of because I helped stand up to a bully.

Like I said, they incriminated themselves. There’s clear-cut evidence and a jury of their peers is what they are entitled to. And are we not their peers?

Interestingly, even a member of LulzSec justified the prankish group’s activities with the purpose of punishing targets for what they considered to be wrong-doing.

I think what was more important, for Lulzsec at least, was showing the world how these major corporations weren’t following basic security.

The appeal to higher loyalties

The fourth most common neutralization in the dataset was appeal to higher loyalties (8.5%, n=20). First, it must be noted that while this neutralization has sometimes been interpreted to include morality or the common good (Hutchings & Clayton, 2016), the interpretation within this study strictly adhered to Sykes and Matza’s (1957) original definition of appeal to higher loyalties. That being said, the researchers expected to find more evidence where participants justified their behavior as part of their devotion and allegiance to Anonymous. However, it became clear that this was not the case. In fact, Anonymous solely served as the vehicle in which to carry out the act. For instance, one participant in Operation Sony remarked,

When your friend asks you to do something, saying he needs your help, and he offers, ‘You want to be as good as me? This is the way to do it,’ younger self is more than accepting of those terms. Younger stupid self is happy to oblige.

Another participant more explicitly expressed higher loyalty to Anonymous. Again, this was not common among the passages that were analyzed.

We [Lulzsec] actually started because one of the hacks ... and it was a security company [HBGary] and they threatened to attack Anonymous, or release information relating to Anonymous members, and I got upset.

Other neutralizations

During the coding process, several passages were identified as containing some type of neutralizing statement, but that did not fit any of the original preset codes. Among these passages three themes were evident but not overwhelmingly abundant. These are not statements that justified the behavior per se, but certainly seem like an attempt to diminish culpability.

The first theme was among a set of expressions in which the individual did not view themselves as a criminal or deviant, but as a normal everyday citizen. It may have been that the participant was experiencing some type of cognitive dissonance once they were formally charged with criminal hacking.

I'm normal. I have a garden, I'm a person.

They pulled me out and said, ‘We’re looking for anti-American propaganda’ ... I was like, ‘You’re in Kentucky! I live on a farm and drink Bud Light!’

The second theme among these general neutralizing statements pertained to the idea of becoming involved in the act and reaching a point from which there was no stopping or turning back.

But there’s a point where you’re past the point of no return.

After you're hacking for so long you reach a point of no return. Regardless if you fear that they're gonna get you one day, it's too late.

Last, participation in the Anonymous operation was depicted as some form of excitement or like a game. This finding was very similar to one of Turgeman-Goldschmidt’s (2005, 2009) findings involving Israeli hackers, many of whom were involved in behaviors such as software piracy, virus writing and distribution, stealing credit card information, and phone phreaking. Turgeman-Goldschmidt labeled these neutralizations as self-fulfillment and described how these hackers spoke freely about how computer crimes provided them with genuine excitement and enthusiasm. It is important to note that self-fulfillment as a neutralization stemmed from the work of Scott and Lyman (1968) involving LSD users who regarded their drug use as expansion of the mind and homosexuals who regarded their existence as part of an enlightened experience to become a more complete person.

I wouldn’t use the term ‘joyride' ... I’d be lying if I said it wasn’t exciting. As a kid, if you’re with computers, you think it’d be really cool to be a super-cool hacker …

It was sort of like solving a puzzle or problem-solving. You find that you complete the problem and you do get quite a sense of achievement.

Denial of responsibility

Denial of responsibility was not a common neutralizing technique (5.4%, n=13). As shown earlier, most participants explicitly denounced the actions of those they were hacking. Conversely, there were a few participants who claimed no wrong-doing or involvement. However, diminishing and denying culpability may have come after the act and as a way for the participant to avoid prosecution. For instance, one participant in Operation Payback remarked,

I left this software running in the background on my computer at my off-campus home at UConn as I went to class throughout the day and largely had little to no interaction with how things went down. I allowed others to control my computer for me and specify targets during that time, and that was all I provided.

An Operation Sony participant minimized his contributions by denying that his role involved anything beyond gaining server access and passing it along.

… and once I got in I didn’t really care for the server. I never maintained access. I just passed the shells on to someone else and let them do whatever they want with it.

The Stratfor hack involved a participant who also avoided disapproval by claiming ignorance.

I never knew those [credit card] numbers were in there. It’s very clear from the transcript [from] the IRC chat that I didn’t know that they were in there.

The denial of injury

In addition to explaining that delinquents may evaluate the wrongfulness of an act by whether anyone was clearly harmed by it, Sykes and Matza (1957) noted that juveniles may neutralize their deviant behavior as simple mischief or pranks. Here too, it can be observed among participants in Anonymous operations. However, this neutralization did not appear as commonly as the others (5.2%, n=12). This is unexpected, as part of the backbone of hacking culture is pulling pranks or doing something “for the lulz.”

… those ccs [credit cards] and financial mayhem is definitely the most lulzy and newsworthy element of this attack.

And at this point I was just a spokesperson, I didn’t actually hack anything, or do anything – it was just jokes and tweets, and a radio show.

One participant appeared to neutralize the wrongfulness of the behavior by viewing it as simply embarrassing targets and not as actual injury to the victims.

[T]he motivation was the ability to use basic technology to embarrass major corporations and people in authority. …

Others denied that they would intentionally harm others through their behavior, or simply denied the injury completely.

I never would even dream of hurting anybody. It’s just not me. I never harmed society …

Additional findings

A unique finding was that there were a few expressions of guilt and remorse by the participant in the operation. Sykes and Matza (1957) point out that “there is a good deal of evidence that many delinquents do experience a sense of guilt or shame, and its outward expression is not to be dismissed as a purely manipulative gesture to appease those in authority” (pp. 664-665). While a number of participants in Anonymous operations were passionate about standing up for what they felt was right and just, there were still those that upon reflection, bemoaned the wrongdoing or acknowledged the harm that was caused to others. A deeper analysis into the subculture may also reveal that these participants are “partially committed to the dominant social order” (Sykes & Matza, 1957, p. 666) and that they follow some patterns of conformity (i.e., drift).

All this [Sony data hacks] is illegal and thinking back to it. ... I do regret a lot of it.

I realize that I released personal information of innocent people who had nothing to do with the operations of the institutions I targeted. I apologize for the release of data that was harmful to individuals irrelevant to my goals. 

Conclusion and discussion

The purpose of this study was to examine the neutralizations used among participants in Anonymous operations against U.S. targets from 2008-2013. The findings suggest that not only did the majority of participants use neutralizing techniques in these operations or suboperations, but that most deflected attention to the wrongfulness of others. By condemning the condemners, such as the police, big business, or the government, participants in Anonymous operations showcased who in their minds was the real villain or wrongdoer. Following the use of this technique, it made sense for the second most common neutralization to be an appeal to a higher moral principle (Liddick, 2013). Here, the present study offers what could be a possible crime-specific neutralization (Sykes & Matza, 1957). Further study is certainly needed, but it could be argued that this neutralization is where the ideology among hacktivists is embedded. Some participants outwardly stated their desire to fight for the common good and to be the vehicles for justice. It became clear that fighting for a cause to better society or to help others was also construed as an act of protest or civil disobedience (Jordan & Taylor, 2004; Karanasiou, 2013) and could be characterized more so as expressive hacking and not criminal hacking (Hampson, 2012). The denial of the victim was the third most common neutralization. This hinges on the previous neutralizations where, to the participant in the operation, the wrongdoing was deserved. Interestingly, there were fewer cases in which participants used neutralizations such as appeal to higher loyalties, denial of responsibility, and denial of injury. Replication of this study using other hacktivist or online activist groups, however, may show otherwise.

The present study is not without limitations. While these passages were primary sources or the spoken word of the participant in an Anonymous operation, passages were extracted from the Internet, documentaries, online news sources, and online magazines, etc. Moreover, the researchers were sometimes unable to determine whether the neutralization occurred before or after the commission of the act. The context of the documentaries and the newspaper interviews suggests that the participant in the Anonymous operation had some time to reflect on the behavior and the pending investigation and charges, which may have altered the original neutralization used when the act was committed. Another related limitation was the inability to find commentary from all operation participants. Again, passages were found for 31 of the 47 (66%) individuals. It is possible that other neutralizations would have surfaced, so the results should be interpreted with some caution.

Neutralization research about hacking and hacktivism is still in its infancy, although the current study attempts to move us forward in grasping at a better view of the cognitive mechanisms used by hacktivists. McQuade (2006) provides unwavering support for its use in studying certain types of cybercrimes, as the lack of physical interaction with the victim allows the offender to become detached and to more easily neutralize his or her actions. He explains that “since they cannot see the Internet or the people who create content, victims, if they are contemplated at all, become faceless entities, computer systems, or perhaps corporations rather than real people whose livelihoods and wellbeing are compromised” (McQuade, 2006, p. 160). Despite the apparent value of this type of research, however, it is important to tread carefully here as a few issues when using a neutralization theory as a framework to examine hackers and hacktivists still need to be considered.

For one, the issue of teasing out the hacker from the hacktivist is not an easy task. As stated by Jordan and Taylor (2004), “it is difficult to identify where hacking ends and hacktivism begins” (p. 2). Not all hackers are hacktivists, so choosing a sample population must be done with considerable care. Online hacktivist groups like Anonymous may appear, disappear, or reappear, adding another layer of complexity to better understanding these groups. For Anonymous, hacktivism peaked with operations from Chanology through the hack of Strafor in December 2011. As the hacks grew larger with each operation, Anonymous gained more attention from the mainstream press, more chatter reverberated on the Internet, and more data was created to analyze in the current study. Anonymous members were energized by the attention, and the call for addressing many forms of injustice ensued until the veil was removed and some members found themselves facing federal computer crime charges. Because social online activism and groups like Anonymous are global, this study also puts forth the importance of examining hacktivists using a comparative approach.

The second issue on the radar is the need to carve out crime-specific neutralizations or in this case, neutralizations that may explain not only hackers but hacktivists. The neutralization, appeal to a higher moral principle, that arose may just be the inauguration of this, yet it implores greater examination and scrutiny. Liddick (2013) in his research on animal rights activists called for this neutralization to be added to the already existing body of neutralization techniques and even mentioned that this technique may be a variation of appeal to a higher loyalty. In pursuit of neutralizations used by hacktivists, this study also calls for turning to socio-political explanations. As stated by Karanasiou (2014), “hacktivism is found to be consistent with the philosophy of civil disobedience” (p. 101) where the intent is to call attention to and repair injustices.

The third issue requiring further investigation, as Maruna and Copes (2005) point out, is that neutralization theory alone cannot fully explain the etiology of criminal behavior. Instead, it offers some understanding of how individuals engage in criminal or deviant acts and how they suppress feelings of resentment or shamefulness in order to continue to commit an illicit act. The case is not fully closed on this issue, however. Liddick (2013) disagrees and suggests that cognitive processes are at work and that neutralization has greater value in explaining crime causation, especially among ideologically based crimes. For example, if animal rights activists follow and are motivated by a certain ideology, then that ideology or set of beliefs sets in motion the appropriate neutralizations before a crime is committed. In this study, the ideology that is swirling around Anonymous, and for many hackers for that matter, is the hacker ethic or perhaps even The Hacker Manifesto written by The Mentor in 1986 (Yar, 2005). Future studies should therefore provide a smaller lens on how ideology may or may not play a role in offending.

Similar to the conclusion brought on by Cromwell and Thurman (2003), this study may not definitively provide any answers as to what causes hacking or hacktivism, but in turn, it sheds light on the process of how a person frees themselves from constraint and a damaged self-concept. Even though the Anonymous movement is currently simmering, acts of hacktivism and online protest are not likely to cease anytime soon. Future research is necessary and narrative approaches or qualitative interviews are favorable along with studies that widen the scope of data to include international targets and ones that develop crime-specific techniques, which potentially hinge on some form of ideology.


Aarons ArkAngel. (2013, January 26). Anonymous operation last resort [Video file]. Retrieved from

Albanesius, C. (2011). Sony LulzSec hack: What you need to know. PC Magazine.

Antonopoulos, G. A., & Winterdyk, J. A. (2005). Techniques of neutralizing the trafficking of women: A case study of an active trafficker in Greece. European Journal of Crime, Criminal Law & Criminal Justice, 13(2), 136-147.

Barkham, P. (2008, February 4). Hackers declare war on Scientologists amid claims of heavy-handed Cruise control. The Guardian.

Bazzell, M. (2016). Open source intelligence techniques (5th ed.). Lexington, KY: Michael Bazzell.

Blue, V. (2013). Feds stumbling after Anonymous launches ‘operation last resort’. ZDNet.

Broadhurst, R., Grabosky, P., Alazab, M., & Chon, S. (2014). Organizations and cyber crime: An analysis of the nature of groups engaged in cyber crime. International Journal of Cyber Criminology, 8(1), 1-20.

Byers, B., Crider, B. W., & Biggers, G. K. (1999). Bias crime motivation: A study of hate crime and offender neutralization techniques used against the Amish. Journal of Contemporary Criminal Justice, 15, 78-96.

Chua, Y. T., & Holt, T. J. (2016). A cross national examination of the techniques of neutralization to account for hacking behaviors. Victims & Offenders, 11, 534-555.

Clifford, R. D. (2011). Cybercrime: The investigation, prosecution and defense of a computer-related crime. Durham, North Carolina: Carolina Academic Press.

Coleman, G. (2011). Hacker politics and publics. Public Culture, 23(3), 511-516.

Coleman, G. (2012, January). Our weirdness is free, The logic of Anonymous—Online army, agent of chaos, and seeker of justice. Triple Canopy.

Coleman, G. (2014). Hacker, hoaxer, whistleblower, spy: The many faces of Anonymous. Brooklyn, NY: Verso.

Coleman, J. W. (1989). The criminal elite: The sociology of white collar crime. New York: St. Martin’s Press.

Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030

Conspiracy to Commit Offense or to Defraud United States, 18 U.S.C. § 371

Copes, H. (2003). Societal attachments, offending frequency, and techniques of neutralization. Deviant Behavior: An Interdisciplinary Journal 24(2), 101-127.

Copes, H., & Vieraitis, L. M. (2012). Identity thieves: Motives and methods. Lebanon, NH: Northeastern University Press.

Copes, H., Vieraitis, L., & Jochum, J. M. (2007). Bridging the gap between research and practice: How neutralization theory can inform Reid interrogations of identify thieves. Journal of Criminal Justice Education, 18(3), 444-459.

Cromwell, P., & Thurman, Q. (2003). The devil made me do it: Use of neutralizations by shoplifters. Deviant Behavior, 24, 535-550.

Department of Justice. (2013). Alleged hacker indicted in New Jersey for data breach conspiracy targeting government agency networks. The United States Attorney’s Office: District of New Jersey.

Dibbell, J. (2009, Sept. 21). The assclown offensive: How to enrage the Church of Scientology. Wired.

Doyle, C. (2014, October). Cybercrime: An overview of the Federal Computer Fraud and Abuse Statute and related federal criminal laws. Congressional Research Service.

Dysart, J. (2011, December). The hacktivists: Web vigilantes net attention, outrage and access to your data. Retrieved from n_outrage_and_access

Grubb, B. (2010). Film industry hires cyber hitmen to take down internet pirates. The Sydney Morning Herald.

Halbert, D. (1997). Discourses of danger and the computer hacker. The Information Society, 13, 361-374.

Hampson, N. C. N. (2012). Hacktivism: A new breed of protest in a networked world. Boston College International and Comparative Law Review, 35(2), 511-542.

Henry, S. (1978). The hidden economy. Oxford: Martin Robertson.

Hindelang, M. J. (1970). The commitment of delinquents to their misdeeds: Do delinquents drift? Social Problems, 17, 502-509.

Hindjua, S. (2007). Neutralization theory and online software piracy: An empirical analysis. Ethics and Information Technology, 9(3), 187-204.

Hirschi, T. (1969). Causes of delinquency. Berkeley: University of California Press.

Holt, T. J. (2007). Subcultural evolution? Examining the influence of on- and off-line experiences on deviant subcultures. Deviant Behavior, 28(2), 171-198.

Holt, T. J. (2010). Examining the role of technology in the formation of deviant subcultures. Social Science Computer Review, 28(4), 466-481.

Holt, T., & Copes, H. (2010). Transferring subcultural knowledge on-line: Practices and beliefs of persistent digital pirates. Deviant Behavior, 31(7), 625-654.

Hutchings, A., & Clayton, R. (2016). Exploring the provision of online booter services. Deviant Behavior, 37(10), 1163-1178.

Ingram, J. R., & Hindjua, S. (2008). Neutralizing music piracy: An empirical examination. Deviant Behavior, 29(4), 334-366.

Jacobsen, J. (n.d.). We are legion: Anonymous and the war on Scientology. Retrieved from

Jordan, T., & Taylor, P.A. (2004). Hacktivism and cyberwars: Rebels with a cause? London, Routledge.

Karanasiou, A. P. (2013). The changing face of protests in the digital age: On occupying cyberspace and Distributed-Denial-of-Service (DDoS) attacks. International Review of Law, Computers, & Technology, 28(1), 98-113.

Kaspersky Lab. (2018). What is SQL injection? Kaspersky Lab.

Klockars, C. B. (1974). The professional fence. New York, NY: The Free Press.

Kopstein, J. (2013, November 21). Hacker with a cause. The New Yorker.

Krippendorff, K. (2004). Content analysis: An introduction to its methodology. Thousand Oaks, CA: Sage.

Kushner, D. (2013). Anonymous vs. Steubenville. Rolling Stone.

Kushner, D. (2014, September 8). The masked avengers: How Anonymous incited online vigilantism from Tunisia to Ferguson. The New Yorker.

Leigh, D. (2010). How 250,000 US embassy cables were leaked. The Guardian.

Levy, S. (1984). Hackers: Heroes of the computer revolution. New York: Doubleday.

Liddick, D. (2013). Techniques of neutralization and animal rights activists. Deviant Behavior, 34(8), 618-634.

Maruna, S., & Copes, H. (2005). What have we learned from five decades of neutralization research? Crime and Justice, 32, 221-320.

Mansfield-Devine, S. (2011a). Anonymous: Serious threat or mere annoyance? Network Security, 2011(1), 4-10.

Mansfield-Devine, S. (2011b). Hacktivism: Assessing the damage. Network Security, 2011(8), 5-13.

McQuade, S. C., III. (2006). Understanding and managing cybercrime. Boston, MA: Pearson.

Microsoft. (2017). Flooder:Java/loic. Windows Defender Security Intelligence.

Minor, W. W. (1981). Techniques of neutralization: A reconceptualization and empirical examination. Journal of Research in Crime and Delinquency, 18(2), 295-318.

Moore, R., & McMullan, E. C. (2009). Neutralization and rationalizations of digital piracy: A qualitative analysis of university students. International Journal of Cyber Criminology, 3(1), 441-451.

Morris, R. G., & Higgins, G. E. (2009). Neutralizing potential and self-reported digital piracy: A multitheoretical exploration among college undergraduates. Criminal Justice Review, 34(2), 173-195.

Moss, L. (1989). Guns and bottle rockets. In Henry, S. (Ed.). Degrees of deviance: Student accounts of their deviant behavior. Aldershot, England: Avebury.

Neuendorf, K. A. (2017). The content analysis guidebook. Thousand Oaks, CA: Sage.

Oikarinen, J., & Reed, D. (1993). Internet relay chat protocol. RFC 1459.

Penny, L. (2011, October). Rise of the digital natives: How the battle for the internet politicized prankster cybercollectives like Anonymous. The Nation, 18, 20-22.

Piquero, N. L., Tibbetts, S. G., & Blankenship, M. B. (2005). Examining the role of differential association and techniques of neutralization in explaining corporate crime. Deviant Behavior, 26, 159-188.

Rogers, K. (2019). Meme: Cultural concept. Encyclopædia Britannica.

Rogers, M. K. (2006). The development of a meaningful hacker taxonomy: A two dimensional approach. Digital Investigations, 3, 97-102.

Sauter, M. (2014). The coming swarm: DDOS actions, hacktivism, and civil disobedience on the internet. New York, NY: Bloomsbury Academic.

Scott, M. B., & Lyman, S. M. (1968). Accounts. American Sociological Review, 33, 46-62.

Shane, S., & Lehren, A. W. (2010). Leaked cables offer raw look at U.S. diplomacy. The New York Times.

Smallridge, J. L., & Roberts, J. R. (2013). Crime specific neutralizations: An empirical examination of four types of digital piracy. International Journal of Cyber Criminology, 7(2), 125-140.

Steinmetz, K. F. (2015). Becoming a hacker: Demographic characteristics and developmental factors. Journal of Qualitative Criminal Justice & Criminology, 3(1), 31-60.

Strauss, A., & Corbin, J. (1998). Basics of qualitative research techniques and procedures for developing grounded theory. London: Sage.

Sykes, G. M., & Matza, D. (1957). Techniques of neutralization. American Sociological Review, 22, 664-670.

Tuma, S. E. (2011). What does CFAA mean and why should I care?" - A primer on the Computer Fraud and Abuse Act for civil litigators. South Carolina Law Review, 63(1), 141-172.

Turgeman-Goldschmidt, O. (2005). Hackers’ accounts: Hacking as a social entertainment. Social Science Computer Review, 23(8), 8-23.

Turgeman-Goldschmidt, O. (2009). The rhetoric of hackers’ neutralizations. In F. Schamalleger & M. Pittaro’s (Eds.), Crimes of the internet (pp. 317-335).

Vaas, L. (2013). Hacker who helped to expose Steubenville attack could face more prison time than rapists. Naked Security.

Walkley, S. (2005). Regulating cyberspace: An approach to studying criminal behaviour on the Internet Doctor of Philosophy). The Australian National University. Retrieved from the National Library of Australia.

WikiLeaks. (2011). What is Wikileaks? WikiLeaks.

Wisniewski, C. (2011). HBGary Federal hacked and exposed by Anonymous. Naked Security.

Yar, M. (2005). Computer hacking: Just another case of juvenile delinquency? The Howard Journal, 44(4), 387-399.

Zetter, K. (2011). Anonymous hacks security firm investigating it; Releases e-mail. Wired.


Kimberly A. DeTardo-Bora is a Professor of Criminal Justice and Criminology at Marshall University in the School of Forensic and Criminal Justice Sciences. She received her Ph.D. in Criminology from Indiana University of Pennsylvania (2003). Her research interests include action research, cyber-criminology, women and the justice system, juvenile justice, corrections, and theoretical criminology. She is the lead author of the book, West Virginia’s Criminal Justice System, now in its second edition. Dr. DeTardo-Bora’s research has been published in scholarly venues such as Action Research, Corrections Compendium, Security Journal, and Women and Criminal Justice. 

Erica N. Clark is a recent graduate from the Criminal Justice & Criminology program at Marshall University, from which she received her Master of Science in Criminal Justice in 2018. She graduated Magna Cum Laude from Marshall University in 2016 with a Bachelor of Arts in Criminal Justice, a minor in Integrated Science and Technology, and certification in Information Assurance. Erica interned with Marshall University’s Open Source Intelligence Exchange (OSIX) program where she took part in the collection and analysis of open source intelligence for law enforcement and other clients. She is currently pursuing a career in corrections. 

Bill Gardner is an Assistant Professor at Marshall University, where he teaches in the Digital Forensics and Information Assurance Degree Program. Gardner is the Cyber Security Chair of the Appalachian Institute of Digital Evidence and the co-author of two books, Building an Information Security Awareness Program: Defending Against Social Engineering and Technical Threats, and Google Hacking For Penetration Testers.


No comments here