Pushing Bounds And Tempting A Fight

Doug Bernard | Washington DC

If one could speak about Anonymous as a singular entity, then it’s clear that Anonymous is spoiling for a fight.

But of course, Anonymous is anything but a singular thing. It’s been called a hive of numberless drones, an amorphous hidden collective of computer hackers and even “The Borg.” By definition it’s a group that has no boundaries, and thus no members. Officially, at least.

“We are not a group. You cannot join us.  We are an idea,” taunts the computer-generated voice in one of their many online videos.

OK, “Anonymous.”  But for a group with no members, you sure have been busy of late. Consider that in just the last week or two, some tentacle of Anonymous has claimed responsibility for hacking the following people or groups:

“Ultimate Champion.” After feuding with anti-SOPA activists via Twitter, Dan White, founder of the lucrative “Ultimate Fighting Championship” found his website cracked and his personal information published online and shared via his own Twitter account. White has since gone silent on the web.

The FBI and Scotland Yard. Following the recent seizing (and freezing) of the Megaupload.com website and the arrest of its flashy owner Kim Dotcom in New Zealand, Anonymous brazenly recorded an entire conversation between FBI and Scotland Yard agents discussing last year’s arrest and prosecution of seven individuals believed connected to an earlier Anonymous hack. While the call wasn’t on a secure line, they were able to record without detection, and likely with help of cracked email files either at the FBI or Scotland Yard.

Puckett & Faraj. One of the more prestigious (and expensive) legal firms in the United States, Puckett & Farai represented U.S. marine Frank Wuterich, who was charged with dereliction of duty and convicted in a court-martial relating to the 2005 killings of 24 Iraqis in Haditha.  Segments of Anonymous felt the conviction wasn’t enough, so promptly released 2 gigabytes of private information from the law firm for public view. So thorough was the data grab that Puckett & Faraj’s business manager is on record as saying “this may completely destroy the law firm.” (The Puckett & Faraj website is still nothing but a blank screen.)

Syrian President Bashar al-Assad.  Yet another offshoot of Anonymous obtained what it calls the email addresses and passwords of hundreds of Syrian government officials, among many other documents, and predictably posted them all online, amid much smirking and self-congratulation. (As of 1900 UTC, Feb. 7, the list at Pastebin is still publicly viewable.)*

They hacked Polish government websites after that nation’s parliament passed the Anti-Counterfeiting Trade Act, as well as government websites in Italy, the Czech Republic and those of the EU.  They released personal information about top city officials in Oakland, California, after that city’s confrontation with the “Occupy Oakland” protest group. They redirected online customers of CBS and Universal to dummy sites following their support of SOPA/PIPA. They even hacked Symantec, the firm whose software is supposed to protect computers against invasion and hacking, and released its source code (albeit old code, says the company.)

All this, not even counting the 100-odd small credit card hits along the way, spells a lot of busy little hacker hands, all calling themselves “Anonymous.”

Different Names, Same Result

As we’ve noted, Anonymous calls itself a group with no membership or leadership; that’s what it says, at least. But in reality, there are leaders and core members. There must be.

In truth there may actually be many competing leaders and subgroups all operating under the umbrella cover of “Anonymous.” AnonOps, AntiSec, LulzSec, AnonymousIRC, Anon_Sexy: these and many others look and sound like separate groups, with separate messages and pet causes. They even speak with different voices: a tweet or a posting by the now disbanded LulzSec reads like that of a cocksure 12 year-old boy, while videos and “news releases” from AnonOps have what you might almost call a seriousness about them.

Swarm attacks like DDoS hacks don’t just happen, they have to be planned and timed. While no one may be leading any particular hack, every one of them must get rolling at someone’s suggestion or instigation. And the more sophisticated multipronged attacks – like those that humiliated cyber-security firm HB Gary last year – require coordinated resources and actions. By definition, someone (or a group of someones) must be orchestrating the whole affair.

Take, for example, this week’s news of a new search engine for felons. Called “MegaSearch.cc” it coordinates the many separate lists of stolen credit card numbers held by various criminals around the world into one searchable database. That kind of coordination requires someone to register the site, maintain the data set and pay the bills, even if by theft.  (By the way, a quick search of Megasearch’s registration suggests, unsurprisingly, that it is connected to a noted malware server, so readers are encouraged not to go exploring without protection.)

Part of the problem may also be the success of the Anonymous brand itself. As hacks have grown bolder and grabbed bigger headlines, unaffiliated hackers have no doubt been tempted to test their abilities for mischief and advertise their misdeeds under the “Anonymous” shadow, thus creating a new round of headlines, and on and on.  Thus it seems like the “group” is constantly growing, but in fact it’s merely getting credit for the work of others it inspired.

Either way, the end result is the same. More hacker hands mean more hacks.

How Far Is Too Far?

Anonymous has its admirers, but it also has enemies, and not just those whose websites it has broken. One of them is “th3j35t3r” – code for “The Jester” – who self-describes as a”hacktivist for good” and has frequently taken shots at Anonymous (which has shot back). As generalizations go, it’s fairly true that hackers tend not to always play well with each other, and infighting among those who claim some Anonymous connection is common.

And there are missteps as well. Earlier this year someone claiming to be Anonymous released a video threatening to take down the servers of major international banks, the United Nations, Microsoft, YouTube, Twitter, and Facebook. “Operation Global Blackout” was billed as punishment for the megaupload.com seizure, and the voice warned that unless megaupload’s servers weren’t released within 72 hours, Anonymous would darken the web.

72 hours came…and went, with no serious activity. Shortly after, in a second video release, a voice claiming to be Anonymous explained:

“Why haven’t any of the things stated in the initial video happened yet? Simple. Because this proposed idea doesn’t have a set period of time when it will go into effect, as it is an on-g0ing operation. Like I said…I explained what we can do, not what we will do.”

Critics are unconvinced. Apart from the backtracking, the two statements have a different tone. Anonymous videos almost never use “I” or its variants, but the updated video is filled with them. Was it a mistake? Or are different hacker groups within or near Anonymous fighting again?

We’ve said before and say again that the safest bet is that Anonymous will soon be linked to another high profile, highly embarrassing hack attack. Private data will be released, faces will redden and Anonymous will gloat. But is that it? Nobody has ever been physically hurt, or worse, because of an Anonymous hack; no government has fallen and no commerce has been permanently disrupted. Which begs the question: is Anonymous little more than an embarrassment machine? Will anything seriously consequential ever result from their efforts?

How far will Anonymous go before it goes too far?

The answer may come sometime soon.

*Ed. Note: beyond the seriousness of any individual or group hacking and publishing government officials pass codes, we couldn’t help but note that nearly every password used wouldn’t even pass the most basic security analysis.  “12345″ is never, ever, a smart pass word; a drunken bear could probably crack that.

Just What, If Anything, Did Wednesday’s Protest Achieve?

Doug Bernard | Washington DC

UPDATE: Friday, January 20, 2012: Not content to leave the battle un-joined, the hacker group Anonymous stepped into the SOPA fray Thursday evening by launching a massive denial of service attack on several SOPA supporters, including Universal Music, the RIAA and MPAA. Also targeted was the U.S. Department of Justice and U.S. Copyright Office; although those attacks are likely to have been prompted more by Thursday’s shutdown of the website “MegaUpload” by Justice officials. AnonOps claims that 5,635 individual machines were used to launch the coordinated attacks, the largest single effort yet by Anonymous.  As we’ve noted before, when there’s a big story that has anything to do with the Internet, expect Anonymous to step in.

Whether the protests and hacks changed minds isn’t clear; however it has changed the bills’ fortunes on Capitol Hill. Friday Rep. Lamar Smith (R-TX) announced he would shelve SOPA for the moment, while in the Senate, Majority Leader Harry Reid (D-NV) cancelled a vote on PIPA.

It had been building for days. “Twitter, join the protest,” tweeted Ben Huh, founder and CEO of the mega-successful “I Can Has Cheezburger” websites. “Go Google for blacking out logo!” read another.

For weeks Huh had been using his Twitter account and other means to encourage Internet companies of all stripes to join in a one day protest against two pieces of legislation currently before Congress. “SOPA”, for Stop Online Piracy Act, and “PIPA”, the “Protect IP Act” were designed, say its authors, to crack down on overseas copyright piracy by strengthening the U.S. government’s hand in who they could prosecute and remove from the web.

Introduced more than a year ago, the legislation has the strong support of major entertainment companies such as Sony or the Motion Picture Association of America, or MPAA. But it has equally strong opposition, centered mostly among civil libertarians, online freedom activists and Internet-based firms like Google and Wikipedia.

This back and forth has put the bills into a sort of legislative limbo – not scheduled for floor or committee markup, but not officially dead, either. So beginning early January, Huh and others proposed a protest that would grab headlines, and perhaps knock SOPA’s advocates back on their heels. Their Internet sites would go dark for 24-hours, replacing their usual content with a stark message warning about the dangers of the bills, and urging users to contact their members of Congress.

One of Ben Huh's many tweets about the dangers of SOPA

So what happened? To start, Wikipedia went dark – kind of. The online compendium of facts large to obscure was unavailable for 24 hours, offering instead a shadowy black-and-white message on why PIPA and SOPA would censor services like theirs. It was billed as a total blackout, but as mobile phone and tablet users quickly found out, there was a still a back door open for full access from mobile devices.  Ben Huh’s “I Can Haz Cheezburger?” family of 54 websites of lolcats and goofy pranks all featured a large shield that could only be removed by clicking through to a site warning about the bills, and urging users to sign letters of protest. (Once clicked, however, all the lolcats were again available.) Google slapped a large black box over its logo, although its search function continued to work, and online magazine Wired blacked out all the text on its site, which, however, became visible when you moused-over it.

“Boing Boing”, “Firefox”, “Tumblr”; these and many more sites limited services and featured ominous warnings about the bills. But many other sites did not participate. Twitter refused to join the protest, calling such a single-issue stoppage of a global company “foolish.” Amazon.com didn’t make mention of the bills either – but this perhaps was less surprising as retailers, in general, would not be as threatened under PIPA and SOPA than over content-rich sites. Even some editors of Wikipedia complained that the blackout could threaten Wikipedia’s reputation as a non-biased source of information. “My main concern is that it puts the organization in the role of advocacy,” editor Robert Lawton told the Associated Press.  “Before we know it, we’re blacked out because we want to save the whales.”

Screen grab from Wired's front page featuring SOPA-inspired blackouts

In the end, the protest garnered headlines but changed few minds. Ebay, Facebook, Yahoo!, Google, Twitter and others still oppose SOPA, while NBC Universal, Comcast, 3M, Walmart, the RIAA and others still support it. And the larger question now is: what will opponents do if and when the bills actually start moving again in Congress? A one day blackout is one thing; shutting access for an indefinite period of time will be a much harder, and costlier, sell.

For his part, SOPA author Rep. Lamar Smith (R-TX) has introduced a “manager’s amendment” – which you can read here – which represents a modification of the original bill, and one that, for parliamentary reasons, Rep. Smith may begin to move through committee as early as February. In the meantime, SOPA & PIPA proponents, such as the Creative Alliance, have announced they will soon launch an advertising campaign about the benefits of the bills.

And Ben Huh isn’t the only one taking his campaign to Twitter. SOPA supporter Rupert Murdoch tweeted yesterday: “Seems blogosphere has succeeding in terrorizing many senators and congressmen who previously committed. Politicians all the same.”

Stay tuned.