Over the past two years around 90 people – some as young as 16 years old – have been arrested in the US, UK, and mainland Europe for online criminal activities relating to the hacktivist group Anonymous. The charges they face range from disabling commercial websites, stealing sensitive information such as credit card details, to attacking government security sites. In March 2012 one of the leaders of the spin-off group called Lulzsec was arrested and has subsequently become an informant for the FBI in exchange for leniency, which has led to more arrests. It marks a significant moment in the fight against these new breed of activists, but the story behind them isn’t a simple case of young, technologically skilled kids with malicious intent. Some of them have a cause.
Ever since the dawn of computers there have been hackers. In fact many of the advances in technology and the internet have come from people who wanted to take something apart to understand how it worked, or use technology in ways that its creators never intended. Google, Apple, Microsoft, and Facebook all were birthed in environments such as these, with Steve Jobs and Steve Wozniak famous for selling little blue boxes that hacked the US telephone system and allowed their customers to make long distance calls for free.
There are also those who use these skills to make people’s life a misery, steal information, or generally wreak havoc. These are the reason we have firewalls, virus scanners and emails from Nigerian princes who want to give you a million pounds if you’ll just hand over your bank details. Somewhere between these extremes is another class of hacker, whose motives are considered noble by some and criminal by others. They are the Hacktivists, a modern equivalent of the political protesters, who instead of picketing embassies or wielding banners outside corporate headquarters conduct their campaigns over the internet with arguably more profound results. See also: Hacktivism trumps money as motivation for Denial of Service Attacks.
What is Hacktivism?
The origins of the term Hacktivist comes from, depending which reports you believe, a hacker collective amusingly named The Cult of the Dead Cow. The name joined the words Hacker and Activist together in 1996 to describe people who had a political agenda for their digital infiltrations. Of course the name didn’t create the movements involved – there were recorded politically motivated hacks as early as 1989 – but it did give a distinction from those who attacked websites for personal gain. The causes that the early Hacktivists pursued included nuclear disarmament, a mass attack on the Indonesian government to highlight the conditions in East Timor, a series of hacks championing those murdered in the Acteal Massacre in Mexico by a paramilitary death squad, plus the Guy Fawkes day attack on the UK Government in 1994 protesting about the proposed Criminal Justice Bill, which disabled the Government’s official website for a full week.
The common weapon of the hacktivist is a Distributed Denial of Service (DDoS) attack, which bombards the target servers with thousands of page requests (similar to masses of people sitting on the site and continually pressing refresh). This then overloads and crashes the site. The idea is likened to a virtual sit-in and seen as disruptive rather than destructive because the target sites aren’t damaged, no information is stolen, but the volume of requests causes them to shut down, thus preventing anyone from gaining access.
Hacktivism: Anonymous vs Scientology
If there’s one group that has become more famous than any other then it has to be Anonymous, who first announced themselves to the world in 2008 via a Youtube video which declared war on the church of Scientology.
The motivation behind this sudden conflict related to an internal promotional video for the Church, starring Tom Cruise, which had been leaked onto the internet. The content was embarrassing for the organisation and their notoriously aggressive legal team immediately began issuing take-down orders to any site that hosted the video with threats of legal action if they didn’t comply.
This struck at the very heart of issues that hackers at Anonymous held sacred – free speech and non-censorship. Their video response threatened to destroy Scientology ‘for the good of your followers, for the good of mankind’, marking the beginning of a sustained campaign of DDoS attacks, phone pranks, and eventually culminating with a call to arms for followers to take to the streets and picket Scientology offices around the world. This seemed a potentially embarrassing move for a secretive and disparate collective of hackers. So It came as a massive surprise then when the day arrived and over 10,000 people assembled in several major cities across the globe, many wearing the adopted mark of Anonymous – a Guy Fawkes mask similar to the one that appeared in the movie V for Vendetta. Hacktivism had left the murky realms of basements and bedrooms and come out onto the streets.
Anthropologist Gabriella Coleman recently stated in the excellent documentary ‘We are Legion – the Story of the Hacktivists’ that ‘Prior to Anonymous, critics of the Church still had to be very, very careful because of the aggressive lawsuits that were launched against academics, journalists, and other critics. I would say that era is over, and Anonymous more than any other sort of intervention is responsible for that change’.
2010 saw the political whistleblower site Wikileaks release confidential communication records between the US state department and various representatives overseas. The move was highly controversial and caused condemnation from the US government. In response pressure was put on Amazon, PayPal, Visa and Mastercard to remove services from Wikileaks – in effect hiding the site, freezing assets, and preventing supporters from financially donating to the organisation. Anonymous saw this as an attempt to censor the truth, and for federal and corporate bodies to crush those that would question them. The hackers quickly launched an offensive and armed their various activists with a program called the Low Orbit Ion Cannon, which made it incredibly easy to execute DDoS attacks without the need for technical or coding ability. In no time at all the sites of Paypal, Visa, and Mastercard were shut down, causing the companies losses which Paypal recently claimed to be in the region of £3.5 million. After continued attacks PayPal released the funds that it had held back from Wikileaks, although it did not reactivate the account.
These levels of aggression, as well as their public nature, saw the FBI, Interpol and other law enforcement agencies double their efforts to hunt down members of the group. It also marked the appearance of another Hacktivist called the Jester, a self proclaimed ex-US military operative who had previously targeted anti-American sites such as those linked to the Taliban. Angered by what he/she regarded as Wikileaks ‘attempting to endanger the lives of our troops’ The Jester launched a series of Denial of Service attacks on the Wikileaks site and also crossed swords with Anonymous.
Anonymous and the Arab Spring
It was surprising then that in the midst of these turbulent days the movement had what many believe was its finest hour. After Wikileaks released the communiques the site was promptly blocked by the Tunisian government. Further investigation of events in the North African country revealed alleged incidences of censorship, Facebook hacking to alter anti-government statements and also track the identities of those speaking out against the leadership. Anonymous members, working with fellow hacktivist group Telecomix, took out several official sites, and provided Tunisians with tools to avoid detection while online. The Tunisian president Ben Ali also had his servers hacked by activists and the information sent to Wikileaks for them to display on their site. Finally the dictatorship toppled under the weight of online attack, social media broadcasts of the conditions, and powerful civil protest from the Tunisian people.
One Anonymous member who calls herself ‘Homocarnula’ said of the Tunisian uprising ‘There’s a video where they are thanking us for being involved, holding up a mask saying we were the only ones that stood by their side. For me it was awesome to hear that and feel the connection.’
This first chapter in the Arab Springs uprising gave courage to those in Egypt who were also fighting to remove their ensconced dictatorship. In retaliation the government forces tried to eliminate internet access for the whole nation so that the people would be prevented from using social media to organise themselves and bring attention of their plight to the world. Again Anonymous and Telecomix worked hard to ensure that the footage of protesters clashing with aggressive government forces in the streets reached audiences outside the country. They also created various dial-up web access points, taught Egyptians how to validate SSL keys and certificates to circumvent the imposed restrictions, and launched their own DDoS attacks on government websites. Google also showed their hacker roots when they added support to the Egyptians by creating the Speak2Tweet service which enabled them to call certain numbers and leave their stories, which were subsequently posted on Twitter. When President Mubarak eventually ceded power, those that had fought with the Egyptian people in the digital realms knew that although their role wasn’t pivotal in the overthrow, it was certainly significant.
Sadly these methods may be required again, as reports coming out of Syria at the end of November 2012, show that the failing government has adopted the same tactics of restricted internet access. Google and Twitter have already reactivated the Speak2Tweet service, only time will tell whether the hacktivists rejoin the fight. See also: Infuriated by Internet shutdown, Anonymous declares war on Syrian government websites worldwide.
One of the most impressive things about the exploits of Anonymous is that they were, and remain today, a leaderless collection of hackers and activists who come together in response to perceived injustices, then work for a time until the operation is over. They have no meet-ups, membership programs, or stated agenda. This is how they remain Anonymous. There is a bulletin-board style site at Anonnews.org where ideas for causes are posted, but that’s about as centralised as things become. This is the organisation’s strength, but it can also be a problem, as it means hackers can do things under the banner of Anonymous that might not seem quite as justifiable as the Arab Spring and Wikileaks campaigns. In 2008 a famous incident occurred were members who thought that Anonymous had grown too serious and lost its sense of fun decided to hack epilepsy forums and post animated giffs that flashed black and white and could induce seizures in sufferers visiting the site. There have also been factions within the group who have decided to follow a more destructive path.
In 2011 a splinter group of Anonymous called Lulzsec appeared and went on what they termed ‘50 Days of Lulz’ where they hacked a wide range of sites just for laughs. Targets included Sony (from whom they stole thousands of customer account details), several game companies, and porn site Pron.com from whom they stole account details which they subsequently made public. They also attacked the sites of government agencies such as the CIA, US Senate, NHS, and the Serious Organised Crime Agency, seemingly in a display of their technical abilities and to highlight the shortcomings in their target’s security. When the 50 days were over the group announced to the world that it had completed its objectives and would now disband. The attacks ceased, and as quickly as it had appeared the destructive force of Lulzsec vanished. At least until Hector Xavier Monsegur was finally caught by the FBI and revealed as the notorious hacker ‘Sabu’, a leader in the organisation. His evidence led to the arrests of five other members of the group, which was rumoured to have only seven in total. See also: LulzSec hacker faces 30 years to life.
With Lulzsec now seemingly all but gone, and Anonymous being hunted down by the authorities, you might think that this sudden escalation in coordinated attacks would begin to decline. But Anonymous isn’t such an easy enemy to dispel, and the worldwide nature of their followers and activists means that for every one the police detain there could be a hundred others to take their place. The nature of protest is changing and a growing dissatisfaction with corporate control, coupled with our continued transition to an online existence means they will be a force to be reckoned with for some time to come. As they once said of themselves ‘We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.’