It's been a busy news week for Anonymous. The hacker collective fueling the Occupy movement openly declared war
on the United States earlier in the week, just as thousands of emails obtained through their Christmas hack of global intelligence think tank Stratfor
were dumped to Wikileaks and splattered across front page news.
And on Friday, Anonymous decided to attack one of America's most basic freedoms - religion.
But the week was not all back pats and blue ribbons for the hacktivists. It seems some in America are finally fighting back against the misguided anarchy that is Anonymous.
Earlier this year, the hacking collective attacked numerous government and recording industry websites, including the Department of Justice, the FBI, Recording Industry Association of America and UniversalMusic.com. The coordinated distributed denial of service (DDoS) attacks were in response to the Department of Justice investigation into content sharing website Megaupload.com.
News sites are reporting this weekend that Anonymous supporters became victims themselves while launching that attack in January. MSNBC reports:
Anonymous supporters who willingly enlisted their personal computers to launch denial-of-service attacks against the groups' enemies may have unwillingly donated their personal banking information in the process.
After the Jan. 20 raid on Megaupload, a law enforcement sting that drew the immediate anger of Anonymous hackers, an unnamed attacker took a distributed denial-of-service (DDoS) attack tool called Slowloris, popular with Anonymous supporters, and rigged it to include the Zeus Trojan, a devious piece of malware used to siphon victims' online banking credentials.
That same day, an Anonymous-backed list of several different DDoS attack tools hit the Web. Backed by numerous Anonymous-affiliated blog postings and tweets, supporters were urged to download one of the tools, which would enable them to launch DDoS attacks from their own computers against big-name Anonymous targets, including the U.S. Department of Justice, the FBI, Universal Music Group and the Recording Industry Association of America.
And all the while, Anonymous' loyal hackers may have been transmitting their own bank account data to a remote server.
It's important to understand why individuals and companies are not only taking Anonymous seriously now, but are fighting back against the collective of hackers.
I have been watching Anonymous closely since their involvement in the 2009 Iran elections, when a small, focused group of hacktivists helped encourage the cyberworld to open up the internet to Iranians struggling for their own freedoms under the censorious rule of brutal leaders. As someone with family who immigrated to the US from Iran, I personally held those members of Anonymous in relatively high regard. My views of the "lulzy" 4chan hackers who mostly played silly pranks began to change as I witnessed the positive difference that others in Anonymous made in Iran.
But over time, as the popularity of Anonymous has developed into something of a pop-culture theme, a darker side has taken hold, and the more popular the collective becomes, the more opportunity that develops for power to corrupt.
In 2011, after the arrests of individuals associated with the Anonymous splinter groups "People's Liberation Front" and "LulzSec" for a string of 2010 attacks on various government entities and corporations, that potential for abuse and corruption of power began to become more evident to the public. And as the Occupy movement kicked into high gear, so did Anonymous. After clashes between protesters and police in New York, Anonymous conducted a "Day of Vengeance" to protest the NYPD – they added the Atlanta, Georgia police department to that event, vowing to avenge the execution of Troy Davis. This followed a series of leaks of authorities' sensitive information from factions of Anonymous. As Forbes reported:
Death-row inmate Davis was executed in Jackson, Georgia last night after being convicted of the fatal shooting of an unarmed policeman in 1989. The case became controversial after several eye-witnesses changed their testimonies and evidence against Davis appeared to be lacking.
Not long after the execution, the Twitter account @AnonymousIRC, which has more than 150,000 followers, said, ”So, U.S. Govt, you murder innocent people. We will now continue to expose your ‘Law Officers,’” then added, “U.S. Police Officers and Law Authorities Personnel: QUIT YOUR JOBS NOW. YOU ARE TARGET,” with the hashtag #Antisec and #TroyDavis.
Supporters of Anonymous have stolen and leaked sensitive data from the authorities in the past. In late June, its splinter group LulzSec released hundreds of contact details for officers with the Arizona Police Department along with sensitive documents, while before that the group had released internal data from the FBI affiliate, Infragard. In July, hackers with Anonymous broke into defence contractor Booz Allen Hamilton and released what supporters claimed were 90,000 email addresses and hashed passwords for agencies including the U.S. Air Force, Marines and U.S. Central Command, on what it called “Military Meltdown Monday.”
In December 2011, another well-known faction of Anonymous, CabinCr3w, posted the personal information of members of the Los Angeles Police Department in retaliation for the officers' perceived handling of the Occupy LA eviction. Of the over 40 officers targeted, only nine were actually involved with the eviction, according to KPCC Southern California Public Radio.
The hacker group @CabinCr3w sent out a Twitter message Dec. 5 that police said provided information on officers' backgrounds, home addresses, campaign contributions, property records, and in some cases, the names of family members, including children.
Police initially said the list included 25 members of the LAPD, but a review by KPCC showed that 44 officers had information posted on them that ranged from minimal information such as an email address or their rank, to more personal details including family members names, a person's online resume, home values and phone number.
Two weeks ago, the same faction hacked into the LA County Sherriff's databases, gaining access to "the names and addresses of over 1000 officers, over fifteen thousand police warrants, hundreds of thousands of court summons, over forty thousand social security numbers of citizens…anonymous tips of criminal informants pertaining to narcotics, criminal informant information and thousands of online police reports." Most notable and unfortunate however, was the information the group obtained from the Los Angeles County Police Canine Association, relative to a female airport officer. CabinCr3w claimed to have "posted a series of nude photos, available for download, that they allegedly found in her inbox."
One InfoSec blogger who writes under the name Robin Jackson witnessed the harassment that ensued online.
They hacked the officers' Gmail accounts and proceeded to read and post all of their personnel information, to accuse one officer of being a pedophile and to post the personal intimate photos of a female officer for all the world to see.
As if this weren't enough, @ItsKahuna then proceeded to log in to the female officer's personal web site, and to deface her site by posting an embarrassing intimate photo of her on the front page. After he was done, he proceeded to degrade and humiliate her via his Twitter account for all of his friends to see. Of course the tag #f**kthepolice was sewn throughout his missives.
I could outline countless other incidents that illustrate just how far various factions and individuals claiming association to Anonymous have departed from the occasional well-intended good deed, as in the days of the Iran elections. For many weeks now, I've been interviewing groups and private citizens who say they have been victimized by people and/or groups claiming to be with Anonymous, simply for holding different political or religious beliefs. We've also seen in recent months the tightening of the apparent alliance between many supporters of Anonymous and Wikileaks with the Occupy movement and with the anti-war movement on the left. While Anonymous once had very little to do with politics, there are now elements of the collective that operate solely for political purposes - sometimes with good intent, sometimes not.
In my assessment, I believe we are witnessing today the reinvention of the "institutional left." While labor unions and the ACORNs of the world will always remain cogs in the wheel of the Democratic Party machine, there is a new world of activism that stands to become even more powerful, if left unchecked. As plans for the American Spring progress this season, it's important that we turn a vigilant eye to this new machine, and that we pay attention to the tactics that are modernizing this movement for today. When power goes unchecked, Americans lose more freedoms. If the infrastructure that's in place to help protect our freedoms and our safety should find itself under attack, it will fall upon the many Thomas Paines of our day to stand ready to protect one another's freedoms - with our camera in one hand, pen in the other, and truth in our voices.