Anonymous Arrests: How Do You Behead That Which Has No Head?
Jun 13, 2011 6:00 AM PT
Spanish police announced Friday they have arrested the leaders of the Anonymous hacker group in that country.
They also claim to have found a server that coordinated and implemented computer attacks on government, financial and business websites worldwide, including the Sony's PlayStation Network, at the home of one of the trio.
As news of the arrests spread, others associated with Anonymous publicly posted a message directed at the government of Spain. It asserts that DDoS attacks are a form of peaceful protest. It also claims Anonymous has no leaders, no members and is not actually a group.
On the AnonOps blog, another message to Spanish authorities was posted: "Expect us."
Spanish police said they sifted through more than 2 million lines of records, comprised of log chats and Web pages, to home in on the three.
The hackers used the LOIC (Low Orbit Ion Cannon) tool, an open source network stress testing tool that makes it easy to launch a DDoS (distributed denial of service) attack and is freely available from the Sourceforge FOSS website, Spanish police announced.
However, given the nature of Anonymous, the Spanish police's triumph may prove hollow.
"Anonymous is much like the mythical hydra -- cut off these three heads and nine more will likely replace them," Mike Murray, managing partner at MAD Security, told TechNewsWorld.
"We will only know how significant the arrest of these three suspects is after it is learned what their roles in the organization are, and then potentially what other data is obtained," Randy Abrams, director of technical education at ESET, pointed out.
"If these three had extensive information about membership and communications, it could be a significant blow to Anonymous," Abrams told TechNewsWorld.
"Anonymous is as much an idea as it is a tangible organization," suggested Christopher Harget, a director at ActivIdentity. "Since it has no official representatives, the importance, or even relevance, of these three individuals is difficult to ascertain."
Ole Policia Nacional Espana!
Spanish police began their investigation in October after Spain's Ministry of Culture complained that its website had been hit by a DDoS attack in protest against the government's passing of an anti-Internet download law known in the country as the "Law Sinde," after the Minister for Culture Angeles Gonzales-Sinde.
That attack was followed by another one on the Ministry of Culture in December.
As the investigations were proceeding, Anonymous claimed on May 18 to have attacked the website of Spain's Central Electoral Board just days before municipal and regional elections.
This led investigators to arrest one of the suspects, in the town of Gijon, who had a chat server in his house.
This server was used to coordinate and implement Anonymous attacks against the Sony PlayStation Store, banks and websites belonging to the governments of several countries, including Egypt, Algeria, Libya, Iran and New Zealand, Spanish police said.
More attacks followed: on Spain's Congress of Deputies, a labor union and the Catalan police force. That led investigators to identify and arrest two other hackers, in Barcelona and Alicante.
Who's Anonymous? Who Knows?
Anonymous consists of a loosely knit group of hackers who apparently join up ad hoc to launch attackers against targets.
They coordinate their efforts through their own IRC network called "AnonNet." This purportedly "exists to enable the free flow of ideas and communication without fear of third party interception, monitoring, intimidation, or coercion."
"Anonymous is so many things to so many people that it's hard to make a blanket statement about taking it seriously," MAD Security's Murray said. "If the authorities are focusing on group membership in Anonymous, they're going to arrest a lot of innocent people to try and find the guilty," he warned.
It's better to focus on the people who actually pull off hacks than people who call themselves members of Anonymous, Murray suggested.
Is Anonymous Doomed?
The action by the Spanish police follows similar crackdowns against hackers in the United States and the United Kingdom, and it could be a sign that the authorities are beginning to target hacktivism.
"Anonymous has garnered so much publicity that they were bound to draw attention from law enforcement agencies," ActivIdentity's Harget told TechNewsWorld. "It will eventually be taken down a peg by the authorities."
The Internet policy task force of the United States Department of Commerce on Wednesday published a report on cybersecurity, innovation and the Internet economy that proposes developing nationally recognized voluntary codes of conduct to strengthen the cybersecurity of companies.
The report also calls for education and research to improve public understanding of cybersecurity vulnerabilities, and enhancing international collaboration on cybersecurity best practices.
These actions must be accompanied by more effective law enforcement and harsher penalties against hackers, ESET's Abrams suggested.
"If the frequency of arrests, convictions and significant sentences does not improve, then the effect will be that hackers will increase attacks against companies that abuse laws for financial motivations," Abrams said.