ACTIVISM GOES VIRTUAL WITH THE ANONYMOUS COLLECTIVE
By Tom Rataj
Activism probably goes back to the days of the Neanderthals and was surely present at any given point in human history. Today's iteration takes full advantage of all modern technologies including the Internet, potentially making it more dangerous than ever.
It is of little surprise then that the Anonymous Collective, an online “virtual” activist network, has been all over the news recently. Its concept goes back to 2003 when a collective of Internet-connected individuals first began sharing thoughts and ideas about conducting anarchy online. In addition to the usual anarchist ideals, they often focus on freedom of speech and information and complete openness on the Internet.
Using the anonymity of the Internet, a very loose collection of like-minded individuals with no clear leadership interact through image-boards (online forums for sharing images), Internet discussion forums, wikis (a web site where users can add, delete and modify content) and Internet Relay Chat (IRC) networks (real-time text messaging). Some activities are carried out by individuals but numerous members also cooperate to accomplish an agreed upon action.
Much of their action can be classified as “hacktivism” (hacking + activism) to promote their political agenda. Primary targets are governments, police and intelligence agencies and big corporations. In some cases their activities just cause grief or embarrassment but they have also stolen confidential data and caused serious disruptions. Anonymous uses a number of tried-and-true methods to accomplish their goals.
One of the oldest and most proven hacktivist methods is shutting down a web site by organising and executing a Distributed Denial of Service (DDoS) attack. Essentially, this overwhelms a web site with constant requests for service that greatly exceed server capacity. Overwhelmed, the servers stop working and the site crashes. Once the attack ends, the servers can be restarted without permanent damage.
DDoS attacks are usually executed through BotNets – thousands of computers infected with remote-controlled software, usually through a virus or a compromised web site viewed by an unsuspecting visitor. Some Anonymous members or sympathisers may willingly donate the use of their computer for a particular BotNet target.
Another common hacktivist strategy is to use sophisticated hacking tools to break into web sites that don’t have adequate security. As with the UK phone hacking scandal, many victim sites were successfully hacked because security was managed by very weak, easy to guess passwords such as “123456.”
For stealing data, many hackers use a technique known as a “Structured Query Language Injection Attack” (SQLIA). SQL is a programming language designed to manage relational databases and is widely used around the world. A poorly designed site can be readily compromised through an injection of specially designed computer code, causing the database behind it to produce otherwise inaccessible data for the hackers (such as usernames, passwords, credit card numbers and the like).
Some Anonymous associates use the name “Lulz” (laughing at the victim of a prank) and LulzSec (Lulz Security). They are believed to be responsible for several high-profile attacks, including compromising user accounts at Sony Entertainment’s web site in 2011. They also claimed responsibility for knocking the CIA web site offline in June 2011 in what was likely a DDoS attack.
Some computer experts have commented that while LulzSec attacks have been an annoyance, they have actually done many companies and government web site administrators a favour by highlighting poor security.
Anonymous and other hackers often cooperate by using file-sharing and peer-to-peer sites such as The Pirate Bay (TPB), a Swedish web site which also hosts bootlegged computer software, movies and other misappropriated copyrighted materials.
Anonymous has successfully attacked numerous government and police web sites around the world.
Threats against the City of Toronto web site were levelled when talk of dismantling the “Occupy Toronto” encampment intensified, because of the anarchist goals that Anonymous and some of the Occupy protestors have in common.
In late 2011, Anonymous hackers apparently managed to intercept and record a conference call between British and American investigators who were, ironically, involved in investigating their activities.
In late February 2012 the Ontario Association of Chiefs of Police web site was hacked because of its support for Bill C-30 (“Protecting Children from Internet Predators Act”). Portions were apparently hacked by someone associated with Anonymous and allegedly stolen information, including e-mail addresses, passwords and user names, was later posted on another site, along with the taunt “Welcome to a database leak. First I would like to say a quote: Snoop on to them as they snoop on to you…”
Also in late February, 25 suspected members of Anonymous were arrested in “Operation Unmask,” an international sweep that included police action in Argentina, Chile, Colombia, Spain, the Czech Republic and Bulgaria. Interpol announced the arrests after its Latin American Working Group on Information Technology (IT) Crime helped break the case.
Targets had included the Colombian defence ministry and presidential web sites and Chile’s Endesa electricity utility and national library. Activities included defacing web sites, committing DDoS attacks and posting stolen police data related to security for political leaders and facilities.
Hundreds of computers and related equipment were seized. Two servers, located in the Czech Republic and Bulgaria and allegedly used by the group, were blocked.
Within hours of announcing the arrests, the Interpol web site was apparently forced off-line by a DDoS attack, presumably by Anonymous and its supporters.
The US National Security Agency (NSA) recently issued a warning that within two years, Anonymous might be able to successfully disrupt electric utilities, causing power distribution failures and very serious ramifications in affected areas.
Anonymous also threatened to attack the very structure of the Internet on March 31, 2012 by attacking the 13 root DNS servers that keep it running. Some computer and Internet security experts suggested that “Operation Global Blackout” as it was called, would be very difficult for Anonymous to carry out.
While most of their activities are bad, Anonymous claimed responsibility in October 2011 for temporarily taking down 40 hidden child pornography sites and posting a list of more than 1,500 of the sites’ user names online. It is not yet known if this helped investigators.
During “Operation Darknet” it also used a DDoS attack to disable the “Freedom Hosting” server, home to numerous sites including “Lolita City,” reported to contain more than 100GB of child pornography. It demanded that all the child pornography be removed from the sites.
Some Internet security experts rightfully pointed out that although their intentions may have been good, taking down the sites could have damaged or otherwise disrupted criminal investigations into them.
While much of Anonymous Collective’s mischief is just that, it also poses a serious threat to corporate, government and police web sites. Its threats to disrupt national infrastructure should not be taken lightly.
Any corporation, government or police agency operating a web site needs to work diligently to protect systems from any type of attack, whether by Anonymous, industrial or political espionage or counter-surveillance.
Simple passwords don’t provide anything more than rudimentary security. Computer users should always use top-quality, up-to-date security software and regularly change passwords to avoid becoming an unwitting victim or instrument of the Anonymous Collective.