The Red Star: RedHack

← Home·Gallery·Techniques

Threat Intelligence Tarot

wands · 9

Turkey (Marxist-Leninist hacktivist group)

★★★★★

risk 2/5

✦ The Red Star ✦

RedHack

Kizil Hackerlar

Turkish governmentTurkish policeTurkish militaryErdogan administration

Active since ~2012 · Anti-government disruption, Turkish government corruption exposure, Political opposition

Founded by Turkish leftists, prosecuted under anti-terrorism laws, and undeterred. The Red Star leaks what the Turkish government wishes stayed hidden - police files, ministerial emails, municipal contracts. It is political opposition conducted through exfiltration.

Tactics & Techniques

RCN

RDV

INI

EXC

PRS

PRV

EVA

CRD

DSC

LAT

COL

EXF

IMP

T1530

Data from Cloud Storage

Collection

T1491.002

External Defacement

Impact

T1078

Valid Accounts

Initial Access

T1213

Data from Information Repositories

Collection

Notable Operations

◆Turkish government email leak - corruption documents published (2013)
◆Police database breach exposing officer identities
◆Ankara municipality email archive released
◆Classified Turkish military documents leaked

Defenses

▸
Internal email system access controls and DLP
CIS Control 3 ↗
▸
Privileged account monitoring for government systems
CIS Control 5 ↗
▸
Cloud storage access logging and anomaly detection
NIST CSF: DE.CM ↗

Reversed: Their Weakness

Turkish authorities have prosecuted multiple RedHack members successfully under broadly-applied terrorism statutes - illustrating how domestic hacktivist groups operating against their own governments face a fundamentally different legal risk than groups targeting foreign states.

Share this adversary profile

← → arrow keys to browse

swipe to browse

← PreviousThe Fractured Flag Next →The Jungle Eye

Related Adversaries

Data sourced from MITRE ATT&CK. For educational purposes.