'Anonymous' Hacking Group Threatens The Internet

Reply Sun 1 Apr, 2012 10:39 am
'Anonymous' Hacking Group Threatens The Internet
by Tom Gjelten - NPR All Things Considered
March 30, 2012

The mysterious group of hackers who go by the name "Anonymous" have threatened to take down the Internet on Saturday. Or not.

The confusion comes from the very nature of the group, which is amorphous and has no identifiable leadership. Several weeks ago, a group identifying itself as Anonymous announced "Operation Global Blackout," the effect of which would be to bring Web surfing to a halt.

Cybersecurity experts doubt the operation would have more than a limited effect, given the layers of protection built into the Internet architecture.

The Anonymous group itself, meanwhile, appeared divided over the plan. A Twitter account normally associated with Anonymous included several statements on Friday denying any effort to shut down the Internet.

"For the billionth time: #Anonymous will not shut down the Internet on 31 March," said one.

"What is this #OperationGlobalBlackout nonsense?" said another. "Stop asking us about it!"

The contradictions highlighted the difficulty of assessing whether a hacking threat should be attributed to Anonymous or to hackers merely posing as Anonymous

"They [may] declare that they're part of this group and then say that they are going to do something serious to the Internet or act out in some other way," said Richard Bejtlich, chief security officer at Mandiant, a computer security firm. "That's what's difficult about being a group that doesn't have any real membership or named leadership."

Looking For Suspicious Activity

Despite the uncertainty around Anonymous' intentions, cybersecurity experts were on the lookout Friday for suspicious hacking activity.

"I take them seriously all the time," said Bejtlich. "They are motivated, and they have skills."

In his past year, hacktivism is on the map in a big way. We see a different threat, a different adversary, and a broader range of attack techniques.

- Bryan Sartin, co-author of a Verizon report on computer hacking

Bejtlich and others were doubtful, however, that any hacktivist group would have much success disrupting Internet operations.

The plan announced by the Anonymous group was to go after the Domain Name System (DNS) that serves as the Internet backbone.

Internet websites are identified by numerical addresses, not names, so when a user types in a website name, the computer has to query a domain name server to find the corresponding Internet address number.

If Anonymous could overload the domain name servers with queries via a Distributed Denial of Service — DDoS — attack, the servers might not be able to respond correctly.

Cybersecurity experts say the number and dispersion of domain name servers would make it virtually impossible for hackers to take down the entire Internet, though they could not rule out the hackers' having a limited impact.

"If they were able to gather a lot of digital firepower and direct a lot of bogus traffic at one part of the DNS infrastructure, [they] could have an effect," said Bejtlich.

Hacktivists Become More Ambitious

Respect for the Anonymous hacking capability has grown significantly in recent months. Once known primarily for largely symbolic actions, such as temporarily taking down the CIA public website, the Anonymous hackers have moved on to more ambitious activity.

In December, the group announced it had managed to gain access to the computer files at Stratfor, a private intelligence firm, stealing credit card data and private emails. It was one of the final intrusions of a banner year for hacktivism.

A recently released study of data breaches by Verizon, the telecommunications company, reported that Anonymous and other hacktivist groups in 2011 accounted for 58 percent of all compromised records reported to investigators that year, a big increase over earlier years.

"In this past year, hacktivism is on the map in a big way," said Bryan Sartin, one of the co-authors of Verizon's Data Breach Investigations Report. "We see a different threat, a different adversary, and a broader range of attack techniques."

Cyber-intrusions by hacktivist groups are easy to distinguish, Sartin said, because the perpetrators, unlike most cybercriminals, are not motivated by a simple desire for financial gain.

"In a hacktivist attack, there are literally hundreds of ways you can hurt the victim," he said, "and in the end that's what hacktivism is about. It's about damaging a brand, it's about retaliation, it's about the public perception that an entity has been hacked. Hacktivism is the place where you see the most complexity, the most innovation and the most ingenuity on the part of the perpetrators."
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 1 • Views: 2,782 • Replies: 1
No top replies

Reply Fri 6 Apr, 2012 11:09 am
When Online Hacking Poses Real-World Dangers
April 5, 2012
by Steve Henn - NPR

In January, the hacker group "Anonymous" staged a demonstration at a BART station in San Francisco after officials turned off cell phone service in its stations.

There are a couple interesting Anonymous stories out there in the ether today. First, the news.

The group claims to have hacked a number of Chinese government websites. Last month, Anonymous China launched its own Twitter account. It was endorsed by the YourAnonNews account, which is kind of the unofficial clearinghouse of Anonymous posts on Twitter. And then the folks who are behind this project got to work.

Hundreds of Chinese government sites and companies reportedly have been defaced within the space of a few days. On some of the sites the group even posted tips on how to circumvent the Great Firewall of China.

And now the analysis:

An interesting article by Yochai Benkler on the Foreign Affairs website asks the question: What is Anonymous really? In the article, "Hacks of Valor," Benkler, a Harvard Law professor and co-director of the Berkman Center for Internet and Society at the university, makes the case that Anonymous is widely misunderstood. He writes:

"Seeing Anonymous primarily as a cybersecurity threat is like analyzing the breadth of the antiwar movement and 1960s counterculture by focusing only on the Weathermen."

It's an interesting argument.

I like Benkler's analogy. NPR's Tom Gjelten, who recent reported on Anonymous, wrote a note suggesting an interview with cybersecurity experts who are worried about these attacks. I'd love to hear that as well.

For my part, I tend to agree with Benkler. Anonymous is a broad, largely disorganized movement, built around the idea of cyber-civil disobedience. I think the China attacks speak to that.

There are dozens, probably hundreds of different types of actions talked about in Anonymous chat rooms. Some gain support, some don't.

Some might be the digital equivalent of a sit-in — a denial-of-service attack that floods a website for a while and disrupts its ability to do business. Others might be break-ins — where data is stolen with the intent to embarrass someone. And certainly, depending on the kind of information stolen, those kinds of break-ins could be dangerous. And, of course, at least theoretically some of these actions could be real attacks on physical infrastructure that have real-world consequences.

So far at least I'm unaware of any kind of hack attack led by Anonymous or any other non-state actor that falls into the latter category — what we might call the digital Weathermen.

I think the wrinkle here — the point where the analogy breaks down — is appropriately in the anonymity of these online actions. If I went to a sit-in I faced arrest. I knew that going in. It was part of the deal. Cyber activism and its false promise of anonymity can lure people into believing their actions may not have real-world consequences. That can perhaps lure some into reckless or irresponsible behavior.

But I don't think that's why we are more vulnerable now to hacking — or the potentially disastrous effects of online attacks.

The real problem is that powerful and potentially disruptive tools have become much more widely spread. Many hacks today are relatively easy and cheap. And there are more people who can do greater damage by hacking than ever before. But that's not because of the growth of groups like Anonymous or any other political movement.

Much of it has to do with the kinds of networked cellphone technology that is being built into more kinds of devices — from factory valves to medical equipment to chips used to track cattle in fields. Yes, you can hack cows. All of it can be hacked and manipulated from afar. If you can get in, you can do damage — and new digital doorways are being built into almost everything.
0 Replies

Related Topics

  1. Forums
  2. » 'Anonymous' Hacking Group Threatens The Internet
Copyright © 2023 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 02/02/2023 at 01:21:21