{"id":9708,"date":"2017-10-05T06:45:14","date_gmt":"2017-10-05T14:45:14","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/10\/05\/news-3481\/"},"modified":"2017-10-05T06:45:14","modified_gmt":"2017-10-05T14:45:14","slug":"news-3481","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/10\/05\/news-3481\/","title":{"rendered":"Cyberattacks Against Abortion Clinics Have Increased At an Alarming Rate"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/59d42f47f9bd7c75032230fb\/master\/pass\/Abortion_Cyberhacks-01-FA.jpg\"\/><\/p>\n<p><strong>Credit to Author: Rebecca Grant| Date: Thu, 05 Oct 2017 12:00:00 +0000<\/strong><\/p>\n<p data-reactid=\"248\"><span class=\"lede\" data-reactid=\"249\">Fatimah Gifford was <\/span><!-- react-text: 250 -->nervous the day she was scheduled to testify in front of Texas\u2019 Health and Human Services committee. Gifford is the VP of Communications for Whole Woman\u2019s Health, which operates five reproductive healthcare clinics across Texas. This wasn\u2019t her first time testifying before the state legislature, but it was her first time testifying about abortion.<!-- \/react-text --><\/p>\n<p data-reactid=\"251\">\u201cI entered into this with eyes wide open, and knowing that I was more than likely going to be devoured up in there,\u201d she says.<\/p>\n<p data-reactid=\"252\">Given her job, Gifford is no stranger to high-pressure environments, but she was unprepared for what came next. She slowly walked to the podium, introduced herself, and read her testimony against House Bill 2, a sweeping piece of legislation that laid out some of the harshest abortion restrictions in the country.<\/p>\n<p data-reactid=\"253\"><!-- react-text: 254 -->When she finished, a committee member laid into her. 
He denounced her for marketing and promoting abortion, and criticized the organization\u2019s website for its professional appearance because it helped \u201csell\u201d abortions. He also read the organization\u2019s URL\u2014 <!-- \/react-text --><a href=\"http:\/\/www.wholewomanshealth.com\/\" target=\"_blank\" data-reactid=\"255\">www.wholewomanshealth.com<\/a><!-- react-text: 256 -->\u2014out loud.<!-- \/react-text --><\/p>\n<p data-reactid=\"259\">\u201cIt was like he mockingly invited people to go to our site and mess with us and made sure our web address made it into public record,\u201d says Amy Hagstrom Miller, the founder and CEO of Whole Woman\u2019s Health. Which is precisely what happened.<\/p>\n<p data-reactid=\"260\">Later that day, Whole Woman\u2019s Health noticed a surge in hacking attempts through routine monitoring of web activity. A few days after, the staff couldn\u2019t log into the website. One of the intrusive efforts had succeeded, and shut the website down for a week.<\/p>\n<p data-reactid=\"261\">It was just the beginning of the onslaught of cyberattacks that Whole Woman\u2019s Health would experience between June 2013 and April 2016, as the organization continued to fight a legal battle over abortion that went all the way to the Supreme Court.<\/p>\n<p data-reactid=\"262\"><!-- react-text: 263 -->The battle lines around abortion in the US have been clearly drawn for decades. Protesters, ranging from handfuls to hundreds, stake territory outside clinics to pray, wave signs, and yell into loudspeakers. 
On the legislative front, politicians have enacted hundreds of <!-- \/react-text --><a href=\"https:\/\/www.reproductiverights.org\/project\/targeted-regulation-of-abortion-providers-trap\" target=\"_blank\" data-reactid=\"264\">Targeted Restrictions of Abortion Providers<\/a><!-- react-text: 265 --> laws since 2010 that make it difficult for women to access abortion care, and cause clinics to close down.<!-- \/react-text --><\/p>\n<p data-reactid=\"266\">Over the past few years, though, a new front has emerged that many reproductive healthcare organizations struggle to deal with. Cyberattacks and threats, as well as internet harassment, have escalated, aiming to disrupt services, intimidate providers and patients, and prevent women from getting the care they need.<\/p>\n<p data-reactid=\"268\"><span class=\"lede\" data-reactid=\"269\">After the initial <\/span><!-- react-text: 270 -->attack, Whole Woman\u2019s Health hired a cybersecurity specialist to remove the malware and repair the damage that had been done. Still, Hagstrom Miller says, the site suffered more than 500 hacking attempts each day in the wake of Gifford\u2019s testimony. About a month later, hackers found and exploited a vulnerability in the Whole Woman\u2019s Health blog, which gave them a backdoor to the entire website.<!-- \/react-text --><\/p>\n<p data-reactid=\"271\">The second successful attack shut down the site for a month. Without it, potential patients were unable to find the clinics, make appointments, identify hours, locations, and services provided, and ask questions.<\/p>\n<p data-reactid=\"272\">\u201cThe damage was awful,\u201d Gifford said. \u201cOur phones literally stopped ringing. It was devastating. 
Most of our patients find us online, so with no website and no Google advertising, it made day-to-day awareness nearly impossible.\u201d<\/p>\n<p data-reactid=\"273\">After that attack, Whole Woman\u2019s Health switched to a more secure hosting provider, and rebuilt every single page on its website, around 100 in all. These measures allowed the organization to better track the cyberthreats as they came in, but didn\u2019t stop them. As Whole Woman\u2019s Health continued to speak out in support of abortion rights, hackers continued to strike.<\/p>\n<p data-reactid=\"276\">&#x27;The damage was awful. Our phones literally stopped ringing. It was devastating.&#x27;<\/p>\n<p name=\"inset-left\" class=\"inset-left-component__el\" data-reactid=\"277\">\u2014 Amy Hagstrom Miller, Whole Woman&#x27;s Health<\/p>\n<p data-reactid=\"278\"><!-- react-text: 279 -->On April 2, 2014, the <!-- \/react-text --><a href=\"https:\/\/www.reproductiverights.org\/case\/whole-womans-health-v-hellerstedt\" target=\"_blank\" data-reactid=\"280\">Center for Reproductive Rights<\/a><!-- react-text: 281 --> filed a lawsuit on behalf of five Texas clinics challenging HB2, and Whole Woman\u2019s Health became the lead plaintiff. The case wound its way through the lower courts until the Supreme Court issued its decision in 2016. Throughout this multi-year process, Hagstrom Miller emerged as an outspoken advocate for reproductive rights. Every time she went on MSNBC or CNN to talk about the case, Whole Woman\u2019s Health experienced a surge in hacking attempts. In one subsequent attack, hackers rerouted visitors to the Whole Woman\u2019s Health website to a pornographic page.<!-- \/react-text --><\/p>\n<p data-reactid=\"282\">\u201cIt was not only not a landing page, but it took you somewhere awful,\u201d Hagstrom Miller said. 
\u201cI remember being mortified.\u201d<\/p>\n<p data-reactid=\"284\"><span class=\"lede\" data-reactid=\"285\">The high profile of <\/span><!-- react-text: 286 -->Whole Woman\u2019s Health may have made the organization a unique target, but anti-abortion cyber warfare is part of a larger trend. While hate speech and online harassment have long plagued abortion providers\u2014including over 42,500 incidents of hate speech in 2016 alone, <!-- \/react-text --><a href=\"https:\/\/5aa1b2xfmfh2e2mk03kk8rsx-wpengine.netdna-ssl.com\/wp-content\/uploads\/2016-NAF-Violence-and-Disruption-Statistics.pdf\" target=\"_blank\" data-reactid=\"287\">according to<\/a><!-- react-text: 288 --> the National Abortion Federation\u2014actual hacking represents a serious escalation. Even organizations like Planned Parenthood, which have significant resources and manpower, struggle to prevent attacks from a loosely organized but determined group of \u201chacktivists\u201d and extremists.<!-- \/react-text --><\/p>\n<p data-reactid=\"289\"><!-- react-text: 290 -->In July 2015, <!-- \/react-text --><a href=\"https:\/\/www.wired.com\/2015\/07\/planned-parenthoods-website-apparently-attack\/\" data-reactid=\"291\">Planned Parenthood\u2019s website was hacked<\/a><!-- react-text: 292 --> shortly after the Center for Medical Progress, an anti-abortion group, released secretly recorded (and discredited) videos doctored to make it seem like Planned Parenthood sold fetal tissue. 
The same attack also targeted the National Network of Abortion Funds and the Abortion Care Network.<!-- \/react-text --><\/p>\n<p data-reactid=\"293\"><a href=\"https:\/\/www.dailydot.com\/layer8\/planned-parenthood-hacked-anti-abortion-3301\/\" target=\"_blank\" data-reactid=\"294\">As reported by the Daily Dot<\/a><!-- react-text: 295 -->, a group called 3301 claimed credit for the hack, and said they used a Blind SQL injection, in which an attacker queries a database in hopes that the response will reveal information or vulnerabilities.<!-- \/react-text --><\/p>\n<p data-reactid=\"296\"><!-- react-text: 297 -->&quot;Here we are, the social justice warriors, seeking to reclaim some sort of lulz for the years and thousands of dollars that Planned Parenthood have wasted and made harvesting your babies,&quot; 3301 wrote on its site. The group then <!-- \/react-text --><a href=\"http:\/\/www.latimes.com\/business\/la-fi-planned-parenthood-hacked-20150727-story.html\" target=\"_blank\" data-reactid=\"298\">published the names and contact information<\/a><!-- react-text: 299 --> for more than 300 Planned Parenthood employees online.<!-- \/react-text --><\/p>\n<p data-reactid=\"300\"><!-- react-text: 301 -->These types of leaks can create real-world danger. Abortion providers have a long history of being <!-- \/react-text --><a href=\"https:\/\/prochoice.org\/education-and-advocacy\/violence\/violence-statistics-and-history\/\" target=\"_blank\" data-reactid=\"302\">stalked, assaulted, harassed, and murdered<\/a><!-- react-text: 303 -->. In communities that are hostile to abortion, it\u2019s not uncommon for staff to hide what they do, drive different routes to work, and take great pains to hide their identity. 
Doxxing can put their lives at risk.<!-- \/react-text --><\/p>\n<p data-reactid=\"304\"><!-- react-text: 305 -->David Cohen, a professor of law at Drexel University and the <!-- \/react-text --><a href=\"http:\/\/www.livinginthecrosshairs.com\/\" target=\"_blank\" data-reactid=\"306\"><!-- react-text: 307 -->author of <!-- \/react-text --><em data-reactid=\"308\">Living in the Crosshairs: The Untold Stories of Anti-Abortion Terrorism<\/em><!-- react-text: 309 -->,<!-- \/react-text --><\/a><!-- react-text: 310 --> says extremist anti-abortion groups have used tactics like this since the early days of the internet, but the vulnerability landscape has broadened and diversified. Now, for example, the risk of data breaches (which enable doxxing) is greater. According to the <!-- \/react-text --><a href=\"https:\/\/www.feminist.org\/anti...violence\/...\/2016-national-clinic-violence-survey.pdf\" target=\"_blank\" data-reactid=\"311\">2016 National Clinic Violence Survey<\/a><!-- react-text: 312 -->, published by the Feminist Majority Foundation, 13.9 percent of clinics reported that information and pictures of doctors were posted on the internet.<!-- \/react-text --><\/p>\n<p data-reactid=\"313\">\u201cThe antis have been using every tool at their disposal to go after abortion providers and clinics for as long as they have been doing this,\u201d says Cohen. \u201cA lot of clinics did not have a website before five or ten years ago, so the antis were not going to hack anything because there was not anything to hack. As technology spreads and becomes more sophisticated, we are seeing attacks from every angle.\u201d<\/p>\n<p data-reactid=\"315\"><span class=\"lede\" data-reactid=\"316\">Hackers targeted Whole <\/span><!-- react-text: 317 -->Woman\u2019s Health and Planned Parenthood because they are prominent, nationally recognized organizations that advocate for abortion rights, but the threats can be localized as well. 
Calla Hales is the administrator of A Preferred Women\u2019s Health Center (APWHC), which operates four abortion clinics in North Carolina and Georgia. The Charlotte location attracts protesters that can number in the hundreds every week, and Hales said they are besieged by hacking attempts as well. APWHC recently experienced a DDoS attack that shut down the company\u2019s internet and phones. Hackers have shut down the website on multiple occasions as well.<!-- \/react-text --><\/p>\n<p data-reactid=\"318\">\u201cIt happens pretty regularly and we have had to spend way too much money to fix it,\u201d Hales says. \u201cTo be honest, I\u2019m surprised by how tech-savvy they are.\u201d<\/p>\n<p data-reactid=\"319\">But Craig Petronella, a cybersecurity expert who focuses on the healthcare industry, says that it\u2019s relatively easy these days for any \u201cmotivated group\u201d to wage a cyberattack, whether it\u2019s through malware, ransomware, a phishing scheme, or a DDoS attack.<\/p>\n<p data-reactid=\"320\">\u201cAnyone that knows how to type a word document or a simple email can go on the dark web with malicious intent to find what they are after,\u201d Petronella says. \u201cThe simplicity of it is scary.\u201d<\/p>\n<p data-reactid=\"323\">Organizations without strong protections in place face proportionally greater risk. Many hospitals, clinics, and private practices operate on older technology and equipment and have limited resources to devote to state-of-the-art IT.<\/p>\n<p data-reactid=\"326\">\u201cHealthcare is such low-hanging fruit,\u201d Petronella says. \u201cHackers know their defenses are weak and they are limited on budget, without a lot of sophistication with cybersecurity. They also know that a healthcare practice needs their computer systems and are sensitive to downtime. 
They can do a lot of damage.\u201d<\/p>\n<p data-reactid=\"327\">Providing abortion services further adds to a clinic\u2019s lure as a target, and because the attacks happen online, people can participate anonymously and from afar. Hales and Hagstrom Miller may recognize the protesters who show up outside their clinics every day, but they have no idea where the cyberattacks are coming from.<\/p>\n<p data-reactid=\"328\">There are also rules in place for dealing with human protesters that don\u2019t carry over to online interference. The FACE Act prohibits people from trespassing on clinic property and blockading entrances, and law enforcement is supposed to intervene when protesters violate those laws. It\u2019s easier to catch someone who breaks in and physically smashes equipment than a hacker who shuts down a system remotely. Cyberattacks are illegal, but notoriously difficult to police.<\/p>\n<p data-reactid=\"331\">&#x27;As technology spreads and becomes more sophisticated, we are seeing attacks from every angle.&#x27;<\/p>\n<p name=\"inset-left\" class=\"inset-left-component__el\" data-reactid=\"332\">\u2014 David Cohen, Drexel University<\/p>\n<p data-reactid=\"333\">And then there are the threats that exist in a gray area. APWHC does not have Wi-Fi, because they ask their patients to stay off their phones for privacy purposes. Hales said one local anti-abortion group sends over a van that parks outside the clinic with a Wi-Fi node that broadcasts a network called Abortion Info. When patients connect to the network, they are taken to a website that looks like APWHC\u2019s, but isn\u2019t.<\/p>\n<p data-reactid=\"334\">\u201cPeople automatically log in and the website looks exactly like our website,\u201d Hales says. 
\u201cIt has all these cartoon videos that say things like \u2018I\u2019m going to stick in the speculum and rip the arm off.\u2019 It\u2019s creepy as shit.\u201d<\/p>\n<p data-reactid=\"335\"><!-- react-text: 336 -->Geotargeting is another example. In 2016, a mobile advertising and marketing firm called Copley Advertising was hired by RealOptions, a network of crisis pregnancy centers (CPCs), and the evangelical adoption agency Bethany Christian Services, <!-- \/react-text --><a href=\"https:\/\/rewire.news\/article\/2016\/05\/25\/anti-choice-groups-deploy-smartphone-surveillance-target-abortion-minded-women-clinic-visits\/\" target=\"_blank\" data-reactid=\"337\">to target \u201cabortion-minded\u201d women<\/a><!-- react-text: 338 --> in Planned Parenthood clinics with anti-choice messages. Beyond the nuisance factor, the action raises legitimate concerns about anti-choice groups gaining access to personal information about patients, and sending them unwanted messages.<!-- \/react-text --><\/p>\n<p data-reactid=\"339\"><a href=\"http:\/\/boston.cbslocal.com\/2017\/04\/04\/geo-fencing-copley-advertising-massachusetts-health-clincs-abortion\/\" target=\"_blank\" data-reactid=\"340\">Massachusetts recently banned this practice<\/a><!-- react-text: 341 -->, but it demonstrates how the anti-abortion movement has embraced digital tools to circumvent barriers they face in the physical world. They may not be allowed to walk into a clinic and hand out pamphlets, but they can distribute the same information to the same women in the same place, via their phones.<!-- \/react-text --><\/p>\n<p data-reactid=\"343\"><span class=\"lede\" data-reactid=\"344\">Hacks and other <\/span><!-- react-text: 345 -->digital intrusions now make up part of the anti-abortion landscape. 
The structure of the attacks may differ from their real-world counterparts, but the goals are the same, and the threats they pose to providers\u2019 capacity to do their jobs and deliver care are just as real\u2014even if they don\u2019t happen on the ground.<!-- \/react-text --><\/p>\n<p data-reactid=\"346\">Prevention, however, can be tough. Clinics and organizations often don\u2019t take steps to boost their cybersecurity until after an attack has hit, but at that point, it\u2019s too late. It took multiple successful hacking attempts for Whole Woman\u2019s Health to make the necessary adjustments.<\/p>\n<p data-reactid=\"347\">\u201cAfter being targeted so incessantly over a short time frame, we knew immediately that we needed to develop and employ an internal system in which we closely monitored the site,\u201d said Gifford. \u201cSo we got an additional layer of website security and on a daily basis, we log in to the website to make sure that all security plug-ins are up to date and that nothing has been compromised.\u201d<\/p>\n<p data-reactid=\"348\">The attacks against Whole Woman\u2019s Health have since subsided, but who knows when they might strike again? 
There is no such thing as \u201cperfect\u201d cybersecurity, and with no known hacking-related arrests, clinics are pretty much on their own\u2014forced to funnel resources that could go to STI testing, contraceptives, subsidized care, and yes, abortion access into fighting faceless, nameless enemies whose health and wellbeing are not on the line.<\/p>\n<p><a href=\"https:\/\/www.wired.com\/story\/cyberattacks-against-abortion-clinics\" target=\"bwo\" >https:\/\/www.wired.com\/category\/security\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/59d42f47f9bd7c75032230fb\/master\/pass\/Abortion_Cyberhacks-01-FA.jpg\"\/><\/p>\n<p><strong>Credit to Author: Rebecca Grant| Date: Thu, 05 Oct 2017 12:00:00 +0000<\/strong><\/p>\n<p>Abortion providers have long faced harassment, both online and in person. But a recent wave of cyberattacks has caused havoc lately\u2014and proved difficult to stop.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10607],"tags":[714],"class_list":["post-9708","post","type-post","status-publish","format-standard","hentry","category-security","category-wired","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=9708"}],"version-history":[{"count":0,"href":"http:
\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9708\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=9708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=9708"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=9708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}