Cyber Incident Victim: sgtbilko420
Date:
Sep 2015
Location:
United States of America
Summary
An anonymous hacker using the alias "sgtbilko420" conducted distributed denial-of-service (DDoS) attacks against racist websites and entities, including the Ku Klux Klan, the Westboro Baptist Church, an Islamic State-affiliated site, and a former Canadian prime minister's platform, motivated by opposition to racism. The attacker claimed responsibility via social media, disabling approximately 20 targets by overwhelming them with traffic and threatened further disruptions to additional racist sites. Operating independently without ties to organized hacking groups like Anonymous, the individual offered a financial reward for anyone who could reveal their identity, though they remained unidentified despite public challenges. Some affected websites resumed operations, but the hacker continued to announce impending attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The incident involving the hacker known as "sgtbilko420" began on September 15, 2015, with a series of distributed denial-of-service (DDoS) attacks targeting websites affiliated with racist organizations. The hacker publicly claimed responsibility through a Twitter account (@sgtbilko420), announcing intentions to dismantle platforms promoting racial hatred. Primary targets included websites linked to the Ku Klux Klan (KKK), online stores selling racist merchandise, the Westboro Baptist Church, a site associated with the Islamic State, and a personal site belonging to former Canadian Prime Minister Stephen Harper. The attacker employed DDoS methodology—overwhelming target servers with traffic from botnets—to force sites offline. By October 21, 2015, twenty websites had been disrupted. The hacker framed the campaign as a vigilante effort against racism, explicitly stating in social media communications that "it was time for all racism to come to an end" and emphasizing that "this is not the 1800s anymore." No affiliation with established hacktivist groups like Anonymous was declared during these operations.
sgtbilko420 maintained an active Twitter presence to taunt targets and amplify threats, posting messages such as "how does it feel knowing one man is taking you all down one by one?" On October 21, 2015, the hacker issued a warning of escalated attacks scheduled for Halloween, threatening to disrupt twenty additional racist websites. Concurrently, they offered a $5,000 bounty to anyone who could reveal their real identity ("dox" them), challenging adversaries to retaliate. Despite this provocation and reported threats against the hacker, no successful identification occurred during the documented timeline. Several targeted websites restored functionality after initial outages, indicating either mitigated attacks or temporary disruptions. The campaign's confirmed impact remained limited to service availability, with no evidence of data breaches or permanent infrastructure damage disclosed in available reports. The hacker's actions drew media attention but elicited no documented responses from law enforcement or victim organizations within the source material's scope.