June 1, 2012

TSG IntelBrief: Hacktivism and the Case of Anonymous

As of early June 2012, the ability to wage information warfare — generally understood to mean the application of destructive force against information and communication assets in order to influence the decision-making process of an adversary — is no longer the sole province of governments. Encompassing strategic attacks on information infrastructure, including financial and banking, telecommunications, transportation and electric power, this new form of warfare in the information age targets the increasing number of nation-states and corporations that have grown intractably dependent on information technology. At the same time, the low cost and widespread availability of Internet tools have empowered non-state actors, terrorist organizations, criminal syndicates — and even individuals — with weapons that can not only directly influence state policies, but could also potentially have the same crippling effect now attributed to weapons of mass destruction.


Anonymous: A Case Study

The Internet collective known as "Anonymous" is arguably the best known among non-state entities that have demonstrated considerable power in the cyber realm. Variously described as a criminal enterprise, a terrorist group, and simply an informal confederation of online activists, Anonymous combines traditional hacker techniques — such as web defacement and denial of service attacks — with political activism, a phenomenon known as "hacktivism." While security experts differ on how to precisely categorize Anonymous, it seems to operate in accordance with two fundamental tenets: a devotion to personal privacy and the commitment to defend the free flow of information. As the cyber-equivalent of an insurgent group, the organization's goal may be to foment a grassroots revolution to keep governments from controlling the Internet, thereby preserving what some have described as "cyber anarchy." Yet members of the collective likely maintain very different interests and motivations for participation, and its loose, decentralized structure allows for voluntary action in a single campaign or in a variety of protest activities — legal or illegal.

Anonymous rose to prominence in 2008 in a multi-pronged campaign against the Church of Scientology that included denial of service attacks, prank phone calls, and hosting websites that revealed proprietary information. Anonymous has since been involved in a number of high-profile incidents that promote various social and political agendas, including:

• In December 2010, it launched "Operation Avenge Assange," a series of denial of service attacks against PayPal, MasterCard, Amazon, and others as retaliation for their having withdrawn services for WikiLeaks, which had publicly released a cache of classified American diplomatic cables. (Note: The Australian-born Julian Assange is the founder of WikiLeaks.)

• In February 2011, the security firm HBGary, which provides governments and corporations with services designed to protect assets from cyberterrorism and cyberespionage, had reportedly uncovered the identities of Anonymous' leaders and was planning to release this information to the FBI when the collective hacked into servers and published the company's e-mail online.

• In October 2011, after the website hosting service, Freedom Hosting, ignored warnings from Anonymous to remove links to illegal child pornography, the group infiltrated the server, took down child porn sites, and exposed the names of nearly 1,600 users (all part of the group's reported "Operation Darknet").

• In December 2011, Anonymous again teamed with WikiLeaks when it hacked into internal servers of the intelligence and analysis firm Stratfor and obtained potentially damaging emails to be published on the WikiLeaks site. The group also obtained credit card information of Stratfor subscribers.

Earlier this year, Anonymous turned its attention to the U.S. Government when it indirectly entered the congressional legislative process by calling for an Internet blackout and threatened the destruction of companies that had shown support for proposed anti-piracy bills. The legislation was put on hold as a result of the outcry. Most recently, Anonymous breached servers for the U.S. Department of Justice's Bureau of Justice Statistics, which analyzes crime data, including computer security incidents.


Worldwide Targets

Foreign governments and organizations have also been targets of the collective's wrath. Anonymous has claimed credit for attacks on government websites in Russia and Iran, apparently in response to the repressive Internet policies espoused by both of these countries. Operatives have also done their part to facilitate the Arab Spring, launching cyber campaigns against the governments of Tunisia, Algeria, Egypt, and Yemen, while also aiding activists in getting information to the outside world despite government crackdowns. Following a NATO report that discussed Anonymous' ability to hack into sensitive government, military, and corporate files, the group hacked into NATO's databases and stole approximately 1GB of information. Meanwhile, the head of the U.S. National Security Agency — the organization responsible for collecting signals intelligence and protecting sensitive computer networks — has reportedly warned that Anonymous could soon develop the cyber attack capability to shut down the power grid in pursuit of its political aims. Likewise, the Department of Homeland Security has noted that, although it is not currently capable of attacking critical infrastructure, Anonymous could be rapidly heading in that direction.

To date, the U.S. government has primarily treated the collective as a criminal entity and has made several arrests on charges of specific computer crimes. In March 2012, for example, the Department of Justice indicted six people for hacking and other crimes, citing the December 2011 hacking of Stratfor and the January 2012 hacking of international law enforcement e-mail. Previously, the FBI made 16 arrests in July 2011 on allegations of links to Anonymous' attack on PayPal. Given the breadth of its activities, the number of victories it has claimed, and the difficulties in attribution, these arrests may have done little to deter the group from future attacks.

As government and private sector agencies struggle to precisely define the nature of organizations such as Anonymous — and to design effective deterrent strategies — the frequency and seriousness of cyber assaults by non-state actors will assuredly increase. As they do, the fog of war described by the strategist Carl von Clausewitz as inherent to all land battles will grow even more impenetrable in the cyber battles ahead.



Also available: TSG Specialized Reports: The Soufan Group's world-class network of intelligence analysts produces specialized geopolitical and risk assessment products tailored to the unique needs of our clients in the public and private sectors. We welcome the opportunity to discuss your requirements and explore how our intelligence services can assist you in achieving your strategic objectives. For more information, please contact us at:
