Article Lead Image

Illustration by Jason Reed

Why RedHack challenges Turkey’s political establishment

‘Beauty will save the world.’


Efe Kerem Sozeri


In their 20 years of operation, the hacktivist group RedHack has pulled off many high-profile breaches, such as leaking documents from Turkish National Police, penetrating the Turkish army’s Commando Brigade, wiping out electricity bills in protest of a power plant, and defacing milk companies that delivered tainted milk in primary schools.

But most of their activities go unreported in Turkey’s censored media, which aims to hide the government corruption and incapacity RedHack often reveals.

The news about their latest leak, a 17GB email archive from Turkey’s Energy Minister and President Recep Tayyip Erdoğan’s son-in-law, Berat Albayrak, is sharing the same fate—this time with the Turkish government’s expanded online censorship powers.

(“Information and Communication Technologies Authority spends working hours to protection and control. Any news items with the word ‘RedHack’ is banned…”)

What is particular about Turkey’s current crackdown on RedHack is that the attempt amounts to an all-out war against the world’s cloud services, which has only brought more attention to their leaks—an ironic twist helped along by Twitter, which suspends RedHack’s accounts at the request of the Turkish government.

To understand their motivations for the latest hack and the public leak, we sent our questions to the Marxist collective (also known as Red Hackers Association, or RHA) initially through an intermediary about two weeks ago. Despite the multiple attempts to silence the group, we eventually received answers from RedHack and confirmed the authenticity of the public data dump with that of the one provided to to us earlier.

RedHack’s answers on government abuse and public interests reflect the disciplined, politically motivated ambitions they are known for by fellow hackers and researchers alike.

But their methods to communicate with journalists and the general public shows that they have learned Turkey’s censorship machine inside out.

Daily Dot: Why did you hack Berat Albayrak’s email accounts? Why him in particular?

RedHack: We were tracking Berat Albayrak for some time. He was our target because we believed that he maintained the dirty relationships of the party in power, especially with his career that spans from his education inside the Gülen Movement to his rise within Turkey’s Justice and Development Party [formerly led by Erdoğan, known by its Turkish acronym, AKP].

There is the fact that Turkey’s Energy Ministry was using U.S.-based companies’ email services, without encryption on emails or sensitive documents, and that NSA and U.S. courts could access these information. What sort of security failures do these point out?

This is very important. We noticed the same when we hacked Minister of Interior, Muammer Güler, previously. A lot can be said about the practice of keeping all the secret correspondence of the government, also the links of the corrupted network that they themselves are in, over U.S.-based means of communication. But let us summarize in one word: “incapacity.”

From the email correspondences, and our ‘visits’ to his computers, we can say that if there would be a merit-based appointment system in Turkey, even the President would not be trusted with a light switch; they would probably leave the lights on all night.

How would you define your own acts? Do you agree that they are illegal, or do you think they are legitimate because they are political?

Certainly we are not bound by the laws of thieves, murderers and fascists who burned people in basements. [Note: This refers to the ‘Cizre Massacre’]. We do not care about the decrees they issue about us, we do not even take Erdoğan and his security forces seriously. Public interest and the history of the revolutionary struggle provide legitimacy to our actions. Let us also add this: While we try to do our best with our acts and our statements, sometimes this does not happen. But the people should not doubt our aims and the faith we have for the struggle.

There are other active hacker groups, some nationalists, others closer to the government. At times, they perform hacks of political nature as well, such as recent examples of attacks to pro-Kurdish party, Peoples’ Democratic Party [known by its Turkish acronym, HDP], leaking their private conversations. Do you find this legitimate?

While these acts would be considered political, they are never legitimate. The groups you mentioned have switched sides; even their friends question their legitimacy now. We find it a waste of time to talk about them.

After your ultimatum to the government, were you hopeful that dissidents would be released, or did you make that statement to draw attention to their case?

Of course we try to raise public awareness against the attacks of fascists; and we can say we are at least partially successful in this. Right on this point, the difference between hacking and hactivism becomes visible. We are hacktivists!

Let’s build propositions on the philosophy of hactivism; one can say that hactivist actions have not only a political meaning, but also that they are the voice of the oppressed and the excluded. This is what defines the hactivist character of the RedHack. We are actually not hackers, we are hacktivists!

The Twitter accounts that you used to announce your actions are suspended by Twitter. It is against the rules of Twitter to share personal information, but Twitter did not suspend other accounts of a similar political nature, including WikiLeaks, Guccifer 2.0, TheCthulhu and Phineas Fisher. Do you think Twitter’s censorship is also political, do you think Turkey pressures the company to censor you?

All social media companies and all spaces of information sharing, including Twitter, are owned by the hegemons. Their understanding of freedom is not defined by the truth, but is limited by the threats to their hegemony. Let alone personal data, Twitter allows ISIS members who behead people, and paedophiles, too. We do not expect Twitter to let this corrupt network to be revealed as such. But we trust upon the opposition journalists whose principles are based on liberty and facts. Being among their readers, we are certain that they will not mislead us, they never did.

Why did you limit access to Albayrak’s email archive only to the journalists, initially?

We have conducted similar hacks before. We are Socialists, and our acts can only serve as the tools of a political struggle. Sometimes we hear so many people saying “Release it all! Are you bargaining with them? Why don’t you release all the information?”

We have seen all of the immoral and crooked relations that these people in power have built upon. But we are not paparazzi. We are Marxists who put up a struggle in a Leninist organizational structure. In the emails, there could be content of private sort, but we cannot release those for the tabloids. When we filter out all such material, we will release the whole archive to the public for our strong belief in the freedom of information, and public’s right to know.

When daily Evrensel’s reporter Cemil Uğur was jailed, you threatened to release the material to the public “unfiltered,” and you did so on Oct. 8. Even if the cloud services were promptly blocked, hundreds of people downloaded the whole archive via torrent. Did you change your mind about filtering?

No, personal photographs are filtered out. These were also not provided in the leak to the journalists. As Socialists, we cannot take part in immoral acts.

But some people who downloaded the archive found email receipts from Amazon that are certainly related to his private life. How do you explain this?

We did our best to filter the emails in order to refrain from publishing the content that is of tabloid nature. We had filtered pictures of his wife, and certain correspondence he had. This shows of sensitivity regarding this matter. However, the pressure from the party in power and the 17.3GB size of the data seemingly prevented us from completing this task.

Our opposition is built upon political awareness and action capacities, not on bedroom moralities. It is unfortunate that public’s interest is currently focused on this. But they should instead demand accountability on ISIS oil trade that finances terrorism, and unjustified appointments of public employees.

How do you choose the journalists you provide access to? What do you expect from them in return?

Frankly, the public chooses these journalists, and these journalists make choices in their own will. The main dynamic of this relationship is their libertarian attitude, their choices to report about the oppressed and excluded groups, and the public’s respect to their work. Therefore, it’s not a difficult selection. We were never wrong. There are journalists with whom we lost contact because of suspended accounts; we hope they don’t resent us because of this. Under such heavy censorship and fascist attacks, these are probable outcomes.

Why did you feel the need to hack daily Sözcü’s website and publish your own news article? Don’t you think it also puts pressure on the journalists to cover your story? Will you hack other outlets as well if they also fail to cover it?

Daily Sözcü’s recent editorial line was too much of a police mouthpiece. We think our act was not only a warning but also a way to inform the people in the opposition who read daily Sözcü. However, not every hack is an aggression, this was a hack but not an attack. One should think of this as a penetration test, we just reported it in our own way.

How about a pro-government hacker group publishing a piece at an opposition daily? Would this also be a legitimate political act?

This question is similar to the one you asked above: Political acts and legitimate acts are different. Legitimate political acts cannot be against people, against those who support the oppressed. Of course, the definition of legitimacy is divisive on its own. But we would never approve actions against Socialist organizations that work for the rights of the people, we define such acts as “fascist attacks.”

Do you think there are limitations, censorship and self-censorship, about the reporting of your actions?

The general public started to hear more about us from 2012 onwards, thanks to the social media and the new means of communication, but we have accomplished many sensational hacks since 1997. So, one can easily say that we have been under censorship for the last 20 years. But this is not different from the censorship on other socialist organizations, and the independent press; their struggle went underreported just like ours. This is because the media falls under the hegemon class. Today, where thieves, rapists, and child abusers receive high honors, we would question ourselves if we wouldn’t be censored.

How do you evaluate your recent hack? Do you think it accomplished its aims?

There are three stages of hactivist acts:

1. Planning and attack
2. Propaganda and accountability
3. Retreat

We are at the second stage. All this censorship and blocking indicates that we were successful, but it would be too early to say it before it ends. When those whom the government took for being “RedHack members” are liberated from fascists, we can talk about this at a party. :)

Lawyers of those seven people in police custody claimed that their clients were ill treated and tortured. All suspects were later released due to lack of evidence. But before that, you released a very detailed statement about how you performed the Albayrak hack, starting from back in June. Was it to prove that those in custody are not the RedHack members?

The only thing the police had on them is an anonymous tip. We have absolutely no idea why these people were suspected to be linked to us. From what we have read so far, we understand that those detained share a similar worldview with us, but that’s all. It does not make any sense to detain same group of people after every RedHack action. Fascism makes no sense, that’s obvious, but we think that they try to intimidate the public this way, to force the public to self-censorship. And we believe police, too, are aware that this intimidation will not work.

How do you think you contribute to the opposition groups in Turkey with these actions? And what is your ultimate target—under which type of political regime would the RedHack stop its actions?

The founding philosophy of The RedHack is opening a digital propaganda space to the opposition groups. Therefore, RedHack is an online “self-defence movement” of the oppressed. While our action capabilities seem to popularize us, as a significant power of self-defence, we will never get spoiled by our popularity.

We are perceived to act mainly for the Socialist struggle inside Turkey, but actually we are putting up a global struggle. We are much [more] widely known in the world than in Turkey. And we will keep this struggle until the beauty rules the world, because “Beauty will save the world.”

The Daily Dot