The Million Mask March: protesting for change

The Million Mask March takes place in major cities around the world on 5 November each year. The event was originally started by Anonymous activists in the wake of the 2011 Occupy protests.

Supporters of the Anonymous ideals use the Million Mask March as an opportunity to demonstrate against a range of issues: these include government corruption and oppression, elitism, the capitalist economic system, social and economic poverty, human rights abuses, animal rights, child abuse and environmental causes.

5 November – the day celebrated in commemoration of Guy Fawkes’ failed attempt to blow up the Houses of Parliament in 1605 – provides protesters with an opportunity to gather together in solidarity. Importantly, one unifying aim of the event is the desire to fight against ‘the system’ and state control.

In the UK, the main Million Mask March traditionally takes place at 18.00 in Trafalgar Square. This year, however, activists have also been advertising a three-day ‘Special Event’ when they will camp outside Harrods department store in South Kensington. It is not clear if they will also move on to Trafalgar Square on 5 November.

While thousands of people may attend these street protests around the world (many sporting the traditional Anonymous Guy Fawkes masks), others have chosen to demonstrate their opposition to ‘the system’ in a different way, by participating in online operations aimed at disrupting the activities of governments or businesses.

When the Million Mask March movement began in 2013, we initially saw a range of cyber attacks as part of #OpVendetta, which was the name given to the accompanying cyber operation taking place at the same time.

However, those attacks seem to have decreased in frequency and importance over the last couple of years, with fewer hacker groups involved in them. In 2017, the only notable attacks we saw as part of the operation comprised 73 Israeli domains being hacked and defaced by Giantsps. The same group also targeted government sites in India and the Philippines. Other hackers appeared to ignore the operation altogether.

This year, we have seen just one group really focusing their energies on 5 November, and this time not as part of #OpVendetta. Instead, at the end of October, LulzSecITA hacktivists launched their own Italy-centric operation called #OpBlackWeek, and promised to hack and leak data from various Italian websites on a daily basis.

True to their word, they have released details about their breaches of healthcare organisations, trades unions, media companies and educational institutes. The group also threatened Italian utility provider Acque Veronesi, and it is possible they have already stolen data from that organisation and are planning to publish it – perhaps on 5 November.

As usual, the Million Mask March is being promoted on social media sites such as Facebook and Twitter, with some accounts attracting a vast number of ‘likes’ (over 283,000 on the main Facebook page alone). The number of protesters likely to turn out on the streets will of course be much lower. Nevertheless, these demonstrations do tend to attract thousands of participants. Businesses located in the centre of major cities such as London, Paris or New York are therefore advised to exercise vigilance; mass protests can and do sometimes end in violence and damage to company property.

In the cyber realm, it is also important to remain aware that hacktivists may suddenly launch attacks against corporations seen as being part of ‘the problem’. Again, vigilance is required.

A list of planned events can be seen here.

Scroll to Top