UPDATED 14:14 EDT / DECEMBER 30 2011


Security Trends of 2011: The Shadow of Anonymous and the Year of the Internet Hactivist

Every time there is a door, you need a lock because there’s a bad guy who wants to get in, and the Internet is no different. Corporations generally sit on the leading edge of new technology, in this case cybersecurity, with governments often being the worst, just above everyday individuals. Of course, corporations and governments have a great deal more to lose.

In 2011 we saw the rise of entirely new security threats that nobody anticipated coming out of 2011. However, many might think that we’re seeing more security threats than before, when really what we’re seeing is a greater awareness of what threats exist and how they affect people because they’ve become far more public.

The rise of Anonymous

One example is hactivist vigilantes. Meme-built collectives like Anonymous with access to everyday security and diagnostic tools can wreak havoc and even steal information from websites even though 90% of those involved in any attack may not even be savvy enough to know what they’re doing with the tools. As a result, most hactivist actions involve simple distributed-denial-of-service attacks using Internet diagnostic tools to wash websites offline.

New movements based on old ideas, such as #AntiSec, have risen out of the activities of Anonymous and LulzSec (mentioned below) to strike out at brutal government regimes and their infrastructure. We’ve seen various groups hit Turkey with hacks and data leaks, disrupt over 51 Malaysian governmental websites, leak e-mails from Texan sheriffs, and, with #AntiSec, leak 10GB of law enforcement data from the US. These ideological hackers hit not just targets of opportunity, but targets that make them angry, either due to mistreatment of their citizens or, in the case of most of the law enforcement, because they were involved in hunting down other hackers.

Of course, we also see threats emanate from these groups that go nowhere—part of the effect of Anonymous being a meme and not an actual community—such as the would-be DDoS attack against the NYSE on October 10, 2011 that went for naught.

These hacker groups bait law enforcement and governments while intruding upon their space. Factions within Anonymous have teamed up with LulzSec to release manifestos to law enforcement bearding their actions and threatening them with retaliation such as when LulzSec and Anonymous spokespersons posted an open letter to the FBI using the Anonymous motto: “Expect us.” In July, as the reign of hactivists came into power, Anonymous posted an open letter warning NATO that this was no longer their world.

No doubt, the Internet has many more anonymizing and democratizing phenomena to show us and Anonymous is only the tip of the proverbial cyber-iceberg.

LulzSec sails the seven seas of the Internet

In June, a new type of hactivist made headlines, a group that rose with the prankster Internet vigilante spirit of mayhem: LulzSec. Together they brought with them a theme of piracy and naval combat, raiding, pillaging, and firing “the lulzcannon” (what they called their version of the Low Orbit Ion Cannon, an Internet diagnosis tool used to do DDoS attacks). In short, LulzSec sailed for 50 days from April until June and did some noticeable and very public damage along the way.

LulzSec’s first headline-grabbing attack happened shortly after the downfall of the PlayStation Network, when hackers caused the video game company Sony to shut down the entire gaming network for almost a month. While LulzSec wasn’t related to the initial hack, LulzSec did take credit for pilfering the personal information of over 1 million users from Sony, including passwords, e-mail addresses, home addresses, birthdates, etc. The real embarrassment to Sony from this data breach is that LulzSec noted the information hadn’t been encrypted.

Next, LulzSec got into their LulzBoat and started defacing websites in a most public manner, leaking data via Pastebin.com and putting the full files onto torrents for all the Internet to download and see. No corporation or government would be safe once one of these torrents went up, as thousands of LulzSec fans would have the files in mere minutes and could repost them anywhere.

Later in June, LulzSec hacked into a web hosting datacenter and dumped over 62k passwords and usernames connected to e-mail addresses; 12k of them appeared to belong to a website named WriterSpace.com—a place for aspiring writers. They then sailed into a sex industry website and pillaged over 26k user credentials and personal information. Their Internet Viking raids continued as LulzSec struck game publisher Bethesda Softworks’s forums (maker of Skyrim) and defaced the U.S. Senate website.

The group also hit the CIA.gov website with a DDoS attack, an event that finally caught the eye of the Internet security community, but mostly to the extent of coughing politely and rolling their eyes at LulzSec’s childish antics.

The erstwhile spokesperson of LulzSec, Sabu, assented to an interview with NewScientist in which he spoke about the motivations behind LulzSec’s hactivism. He explained it was less about activism and more about doing it “for the lulz,” or just doing things because it was funny and because they could. He explained that the group also wanted the world to know how vulnerable their data happens to be in the hands of these corporations. After all, if they could do it and publicize it far and wide, then what was happening when a breach happened and nobody in the public knew?

This rampage wasn’t all fun-and-breaches; during their reign of mayhem LulzSec hacked Nintendo’s website but didn’t leak their data. They just let them know how to fix it. Also, Sega suffered a breach and the group threatened to hunt down the hackers that hit the game maker.

Interestingly, LulzSec even sparked some discussions about free speech, anonymity, and the role of providers on the Internet. The cloud-based website caching and defense network Cloudflare took some flak for allowing LulzSec to proxy their websites through their service. Some people asked them to censor or drop the hacker group’s site because it could hide their host machines from prying eyes. Cloudflare responded in defense of the freedom of speech and against censorship. Detractors were angry at the company for “harboring” a criminal group, whilst Cloudflare argued that public opinion to censor a group didn’t carry the same weight as law enforcement, and should a law enforcement agency bring a proper warrant they’d receive the information they wanted.

Not all fun and games: law enforcement pummels the heads of the hydra

Often these activities lead to high-profile arrests as hackers are hunted down and arrested; however, the new hactivist phenomenon produces a problematic effect: most hackers caught up in law enforcement nets are often ancillary and only ran an Internet diagnostic tool during a collective social bargain to do the hacking. The actual ringleaders are often hard to identify and harder to locate and arrest, often sowing confusion and discord in news media trying to get a bead on who was arrested and how they were connected to the hacks.

Law enforcement moved as best they could against LulzSec. In June, Scotland Yard began arresting hackers in connection with a DDoS attack thought connected to the hacktivist group. One arrest in Hartlepool, England was quickly denied by LulzSec as being one of their members, just someone who ran an IRC chat server they’d used to coordinate. Then July rolled around and Scotland Yard reeled in a young man thought to be Topiary of LulzSec, their apparent leader. Of course, disinformation went into full blast when people began to wonder if it was after all the “real” Topiary.

In the States, the FBI began to hunt for hackers connected with Anonymous and a DDoS attack against PayPal over the Wikileaks fiasco, as well as LulzSec. They began executing warrants for searches in Ohio and New York. Arrests quickly followed across the world of likely hackers involved in the DDoS, netting 16 suspects in late July. During the same month, authorities in Italy executed 32 raids leading to arrests of suspected Anonymous-connected hackers. We continued to see arrests happening into September, with another sweep of hackers thought to be linked to Anonymous during an FBI action in the US.

While groups like LulzSec might do it “for the lulz” and those who wrap themselves up in Anonymous might massively distribute their attacks, the individuals can still face very real jail time and the likelihood of arrest when they’re caught. This digital mayhem is still mayhem, and with it come criminal damages.

The year of 2011 will be remembered as the Year of the Hactivist with LulzSec, AntiSec, and Anonymous all rising into the public vigilante hactivist vacuum generated by the democratization and anonymizing nature of the Internet.

It seems likely that 2012 will still be the year of Anonymous, as the security phenomena that we’re seeing are only nascent to the social structure of the Internet, and if corporations and governments don’t harden their own infrastructure to keep out script kiddies like LulzSec, they certainly won’t be prepared to keep out hardened, veteran cyberops hackers.

