backtop


Print 47 comment(s) - last by Ammohunt.. on Feb 7 at 2:37 PM


The arrests follow attacks against companies like MasterCard and Visa that cut funding to Wikileaks. Anonymous says that it is at "war" with the UK government following the arrests.  (Source: Guardian UK)
Fiery statement from Anonymous follows the arrest of several of the group's hackers

Amid the drama unfolding in Egypt, drama of a very different nature was unfolding in the U.S. over the weekend.  Hackers belonging to one of the highest profile online communities have accused the U.S. and UK governments of declaring "war" on them, and vow to fight back.

I.  The Search

The turmoil began on Thursday, when the U.S. Federal Bureau of Investigations executed 40 search warrants, raiding the houses of members of the group Anonymous, a 1,000+ member group of online enthusiasts/hackers who met on the image-board site 4Chan.

The raids followed Anonymous members coordinating and executing distributed denial of service (DDoS) and other malicious attacks on credit card companies and financial institutions.  The attacks came after those companies denied funding for controversial leaks site Wikileaks, saying that the site was supporting illegal activity.  The hackers used a DDoS program dubbed the Low Orbit Ion Cannon (LOIC) tool -- an homage to Star Wars: The Empire Strikes Back -- in their attacks.

Anonymous dubbed the attacks "Operation Payback".  The attacks were executed during the second week of December and succeeded in briefly disabling some of the targeted businesses' web portals.

Coldbood, Anonymous's unofficial spokesman described the attacks, stating:

Anonymous is supporting WikiLeaks not because we agree or disagree with the data that is being sent out, but we disagree with any from of censorship on the internet. If we let WikiLeaks fall without a fight then governments will think they can just take down any sites they wish or disagree with.

Authorities have since worked with financial institutions and antivirus software makers to weed out and block the LOIC, putting an end (for now) to the attacks.

II. The Arrests

Now international authorities are getting a bit of "payback" of their own.  In the Netherlands several arrests were reportedly made.  And in the UK five people ages 25 to 16 were taken in for questioning.  Among those arrested was the 22-year-old spokesperson, Coldblood.

Arrests may be in store in the U.S., as well, pending the results of the FBI's investigation.  As of Monday no U.S.-based arrests had been announced yet.

The FBI issued a press release, stating:

A group calling itself “Anonymous” has claimed responsibility for the attacks, saying they conducted them in protest of the companies’ and organizations’ actions. The attacks were facilitated by the software tools the group makes available for free download on the Internet. The victims included major U.S. companies across several industries.

The FBI also is reminding the public that facilitating or conducting a DDoS attack is illegal, punishable by up to 10 years in prison, as well as exposing participants to significant civil liability.

III.  Anonymous Says it is at "War"

Following the arrests Anonymous has released a statement [PDF] commenting:

Not only does it reveal the fact that you do not seem to understand the present-day political and technological reality, we also take this as a serious declaration of war from yourself, the UK government, to us, Anonymous, the people.

First and foremost, it is important to realize what a DDoS attack exactly is and what it means in the contemporary political context. As traditional means of protest (peaceful demonstrations, sit-ins, the blocking of a crossroads or the picketing of a factory fence) have slowly turned into nothing but an empty, ritualised gesture of discontent over the course of the last century, people have been anxiously searching for new ways to pressure politicians and give voice to public demands in a manner that might actually be able to change things for the better. Anonymous has, for now, found this new way of voicing civil protest in the form of the DDoS, or Distributed Denial of Service, attack. Just as is the case with traditional forms of protest, we block

access to our opponents infrastructure to get our message across. Whether or not this infrastructure is located in the real world or in cyberspace, seems completely irrelevant to us.

Moreover, we would like to take this opportunity to set the record straight on the difference between a DDoS attack and hacking, as these concepts often seem to be confounded when media and policy-makers talk about Anonymous. Hacking as such is defined by the law as ‘unauthorised access to a computer or network’, whereas a DDoS attack is simply a case of thousands of people making legitimate connections to a publicly accessible webserver at the same time, using up the entire bandwidth or processing power of the given server at once and thereby causing a huge ‘traffic jam’.

It is clear then, that arresting somebody for taking part in a DDoS attack is exactly like arresting somebody for attending a peaceful demonstration in their hometown. Anonymous believes this right to peacefully protest is one of the fundamental pillars of any democracy and should not be restricted in any way.

Moreover, we have noted that similar attacks have also been carried out against Wikileaks itself, yet so far, nobody has been arrested in connection with these attacks, nor are there even any signs of an investigation into this issue at all. Yet, we know exactly who was responsible for that attack. Anonymous believes it is unfair and hypocritical to attempt to put these 5 arrested anons to trial without even attempting to find those who DDoS’ed a website which you oppose. We can therefore only assume that these arrests are politically motivated, and were being carried out under pressure from the US government. Anonymous can not, and will not, stand idle while this injustice is being done.

What exact steps Anonymous will take to fight back in this "war" against the UK and Netherlands governments remains to be seen.  It also remains to be seen whether the group will similarly call for a war against the U.S. if it makes arrests.

The members of Anonymous arrested in the UK face up to 10 years in prison and ~$8,000 USD in fines, under the UK's Computer Misuse Act.

In related news, Anonymous is calling for internet action [video] in support of protesters in Egypt.  The announcement comes after Egyptian authorities are seeking to block communication, impairing protesters' ability to organize.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By tastyratz on 1/31/2011 12:20:30 PM , Rating: 4
http://news.techworld.com/security/3252663/anonymo...
quote:
Anonymous uses 30,000 PC strong botnet in Wikileaks campaign Volunteers joined by malware controlled systems to take down payment sites


is that a better enough explanation for you to understand?

They used a botnet.
I understand how ddos works, but a single user is not going to cause enough of an impact to even be noticed. 1000 members at once will STILL only cause a moderate impact. To say a ddos is ok because one refresh is ok is like saying taking every book in every library is ok vs borrowing just 1.
End result is that it broke a terms of service agreement with their internet provider, engaged in illegal activity with malicious intent over private property.
A sit in on the white house front lawn is a right, if your neighbors didn't like your choice of siding on your home would you tolerate them all sitting on YOUR front lawn? Do you think they have the legal right to do so?

The lines of Civil disobedience and criminal activity are often blurred by those with malicious intent.


By gcolefla on 1/31/2011 12:52:49 PM , Rating: 2
Reading other new sites shows that there is a speculative non-voluntary bot net because the amount of bandwidth consumed voluntarily is unimaginable.

quote:
"With the rate of machines engaging in this activity, we are speculating that the hacktivists are now operating using involuntary botnets – infecting unaware victims to involve them in this campaign. And operating a botnet, is of course, an illegal activity. " Shulman notes.


Read more: http://www.thinq.co.uk/2010/12/10/anonymous-botnet...

I would need more conclusive evidence that there is in fact an anonymous botnet. I feel that if there were 3000 active users of the LOIC tool using multiple computers, than you could get close to botnet efficiency.

Anyway, I agree a sit in on the lawn by the white house is legal. As well as filling the capital lawn with millions of people to promote equal rights for African Americans.

The problem with your closing argument is that we are not talking about the color of siding on homes.

We are discussing corporations that have more money and resources than most governments in the World. Corperations that use lobbying to affect our government's decisions as well as being pressured by our government to enact certain policies. These credit companies have direct impact on our daily lives. They control our ability to buy items in our western economic culture, while being protected as a person and private entity.

How do you create a discourse with paypal? This company has no real physical location representative of its global power and impact. The only way to send a message is using the internet to sit in at their 'public' site. Is the main page of a web site used by millions of people a private space, or can it be considered just as public as the mall in Washington D.C.

How would you propose a different model of getting a message as the site of this company. How would you plan a sit-in on anonymous, if they only operate from an online website as well.


By Hieyeck on 1/31/2011 1:42:43 PM , Rating: 4
Ummm... LOIC was entirely voluntary, hardly a botnet, but probably approaching botnet effectiveness. Botnets only stay effective if their bandwidth consumed doesn't become noticeable to the infected user (or the user/ISP will shut it down), so a voluntary network of people going at it are easily 10 times more effective.

1000 Users who voluntarily use ALL their bandwidth with an average down of 10 mbps is already 10gbps. That's the entire capacity of a small datacentre. I know for a fact that large datacentres (over 50k servers) push about 20gbps at peak, and capacity is usually double peak, so that's a max of 40gbps. You'd only need 4000 voluntary active users with an AVERAGE internet connection to swamp a datacentre of over 50 THOUSAND servers. And I imagine most supporters probably have more than 10mbps.


“And I don't know why [Apple is] acting like it’s superior. I don't even get it. What are they trying to say?” -- Bill Gates on the Mac ads














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki