I was asked the other day on my opinion of the latest round of cyber attacks from anonymous and their apparent new rivals, The Patriots. And what I think is happening in regards to all of the DDoS attacks against Mastercard and PayPal which have been caught in the cross-hairs.
(Not sure if this is what they wanted… but it is the
most accurate portrayal of what I think is happening.)
To put it simply, Operation Payback is just a form of protesting, been thrown
into the digital world. Anonymous is basically a collection of bored internet
users, passing time and often feeling incriminated by politics going on around
them. How does an individual protest, or make a change when you are… just a bored internet user?
When they started the DDoS campaigns against companies protecting copyright, it
was because it was something that impacted them. Each individual that ‘signed up’ to this payback campaign was personally affected. It was basically ‘the man’ taking away their freedoms. The freedoms of being a bored internet user (censorship and piracy are the big players here).
People often go on 4chan and ask ‘Anonymous’ to attack someone, or something. But this doesn’t work unless it is something that affects the majority of people. It is something which has started a ‘hive mind’ in which Anonymous operates.
Enter Julian Assange, the founder of Wikileaks. He has come along as the poster boy of sticking it to the American government and has been glorified as the Che of the cyber world. He is the Malcom X of the digital age to the players which operate within it. This is exactly the sort of figure which the masses of Anonymous see within themselves with trying to fight for their internet freedoms. Just like throughout history, you have minorities of like minded people feeling their rights and freedoms are being taken away, so they bind together and protest. It happened in the 60’s and 70’s with so called ‘Hippies’ protesting the Vietnam War. It happened in the 90s when ‘depressed teenagers’ would lock themselves in their rooms, smoking drugs whilst they listen to Nine Inch Nails thinking the world was against them and that they thought they couldn’t make a difference. It is this minority of young minds that feel the world is against them, that forms this ‘hive mind’, or a movement.
In current times of political turmoil, wars, economic collapses and
authoritarian figures telling the youth of the world what they can and can’t do, this mind-set is born. The ‘bored internet user’ of today (which is seemingly now referred to as ‘hacker’) is the label which is applied to them and ‘Anonymous’ is the flag they protest under (or fight for). It is parallel to
like minded groups throughout history. How do you protest when you are a ‘bored internet user’? The answer is what we are witnessing right now in terms of these groups of civilians launching cyber attacks on one another. It is the idea they are fighting for.
How could all of these cyber attacks be coordinated by a depressed group of
‘bored internet users’? Well it isn’t. You have different layers, a sort of
hierarchy in this ‘hive mind’. You have very smart, sophisticated and
technological people with the same ideals within this group. These are the
people that coordinate, and tell the masses what they should do if they believe in whatever it is they are fighting for.
The tool used in the latest DDoS attacks against rivals to Wikileaks are tools
developed by the higher up in the hive mind, and given to followers which
support the same goal.
LOIC (Low Orbit Ion Canon) is a user-friendly, easy to use piece software
developed to send large amounts of internet traffic to a designated host. So
basically, if you get enough people on board with your ideals, you tell them to enter an address (or website) into LOIC at a certain time (and with enough
followers) random bits of data on a mammoth scale will be directed towards an online service or site rendering it inoperable. What happens next? Front page news. Is that not achieving a successful protest?
Therefore, what happens when the pin-up boy for anti establishment gets
arrested, gets his web presence removed, and gets his funding abilities stripped away from him? The mass of ‘bored internet users’ relate to the what-they-see as unfair treatment and with the direction of a few within the ‘hive mind’, point their Low Orbit Ion Canons towards the Wikileaks’ rivals, bringing fourth a new era in Information Warfare. I saw somebody on twitter post the other day that this point in history will be known as ‘World Infowar 1’. And it is true.
Enter ‘The Patriots’. I don’t believe The Patriots are of the same ‘hive mind’
mentality. The controversy surrounding Wikileaks brought to the forefront a lot of different opinions. Some for, and some against. But something this
controversial and something that inflames so much emotion within different
groups can’t go un-noticed.
There has been debate whether The Patriots are state sponsored actors, trying to shut down Wikileaks and anyone defending them. Similar to the hacker named ‘The Jester’ who claimed to knock off the Wikileaks website with a ‘slow HTTP request’ attack (not a DDoS). This single hacker was not state sponsored, but he believes that he is fighting for something. He believed that Wikileaks would endanger lives, so what did he do? He protested by the only means he thought he could make a difference, and that is through cyber warfare. This is exactly what the hive mind of Anonymous is doing.
People like The Jester, people like Adriam Lamo (who was the hacker who
disagreed with Bradley Manning releasing confidential information and turned him in to the FBI) and any other person out there that believes that Wikileaks is destroying the ideals that they believe in will stand up to protest. But why are The Patriots so unknown, where is the publicity? It is because The Patriots aren’t thousands (if not millions) of ‘bored internet users’ like Anonymous. The Patriots would be small groups of sophisticated people protesting back in their own right. (Here is the Jester’s public twitter page, he claims responsibility for taking down Wikileaks, and more recently attacks against Anonymous http://twitter.com/th3j35t3r)
Anonymous relies on (in more cases than not) average people that do not
understand the consequences of their actions. Two Dutch teenagers
recently arrested for taking part in Operation Payback by using LOIC to take
down PayPal’s blog and Mastercard’s website. It’s the thousand’s of bored
internet users which take part, which can be caught, arrested and charged with cyber related criminal offences. It’s the higher up in the hive that get away un-noticed. These are the people that direct other (and less sophisticated) users to use LOIC. The Patriots on the other hand, I see them as a group of hackers (if you could call them that) which are retaliating for what they believe in. Botnets are easy to acquire or hire if you have the know-how. And botnets aren’t even required with the recent spate of ‘slow HTTP’ request attacks which have become popular. Could this possibly be how The Patriots work? Probably. You don’t need an army of ‘bored internet users’ to blindly click a button without knowing the implications. The Patriots are smaller in numbers, but on the cyber warfare plains, this point is irrelevant.
To summarise, the battle raging between Anonymous, The Patriots, Wikileaks and the US government is just a point in history. A point where jaded individuals banded together with the same ideals, and decided to protest in the only (and most effective) ways they know how. And we (you and me) are the unsuspecting, politically neutral civilians being caught up in the middle of this new era of cyber warfare. As like traditional civilians in the midst of a conflict, we all get affected one way or another.
—- ADDITION —-
Since I wrote this post, there has been a flurry of posts from security experts dismissing that this whole fiasco isn’t a cyber war…
One thing I’d like to point out. These experts mention that this isn’t a cyber war, as the numbers of individuals and the sophistication of attacks are minor. My point would be that you don’t need the sophistication for it to be a war. One or more groups of individuals fighting against another group of individuals who are equally fighting for something would be classed as war. Look at gang war, turf wars and tribal wars. They don’t need sophistication, or governments involved. So how is this not ‘cyber war’? We have seen players from all around the world joining into these recent attacks.
It is true that we haven’t seen anything yet in terms of large scale cyber war,
where countries and institutions are knocked offline and millions of people are affected (which an article in SC Magazine is referring). But this could be a
start of a worrying trend. What’s happening right now with Anonymous, Wikileaks and the retaliatory DDoS is definitely a cyber war. Being that which it is, a civilian war, we definitely don’t want to see state sponsored groups getting involved. Just have a look at the South Osetia War in 2008, where Russia crippled Georgia’s telecommunication and data networks before invading. Look at something like Stuxnet, the first weaponised computer worm which has disrupted Iran’s nuclear processing plants. Look at April 2009, where China performed a Man in the Middle attack on a massive scale and intercepted 15% of the world’s internet traffic for 18 minutes without anybody realising.
Right now, these battles are being fought with sticks and stones (in Internet
Speak). But many battles have been fought with sticks and stones. It is just
evolution. The more we rely on technology, the more weaponised it will become.
Roughly a month after I wrote this, I stumbled upon a similar article. It is authored by an individual of the same mindset of the people I speak of. So for some additional insight, the article can be found here: http://theworldexposed.wordpress.com/2011/01/02/warriors-in-battle/