writes: For John Chase, the breaking point came on Jan. 7, when al Qaeda-linked militants gunned down 12 people at the Paris office of Charlie Hebdo. Subsequent attacks by a gunman affiliated with the Islamic State would take five more lives. Watching triumphant jihadi messages bounce across Twitter, the 25-year-old Boston native was incensed. They needed to be stopped.
Although Chase’s formal education ended with high school, computers were second nature to him. He had begun fiddling with code at the age of 7 and freelanced as a web designer and social media strategist. He now turned these skills to fighting the Islamic State, also known as ISIS. Centralizing other hacktivists’ efforts, he compiled a database of 26,000 Islamic State-linked Twitter accounts. He helped build a website to host the list in public view and took steps to immunize it against hacking counterattacks by Islamic State sympathizers. He even assumed an appropriately hacker-sounding nom de guerre, “XRSone,” and engaged any reporter who would listen. In doing so, Chase briefly became an unofficial spokesman for #OpISIS — and part of one of the strangest conflicts of the 21st century.
For more than a year, a ragtag collection of casual volunteers, seasoned coders, and professional trolls has waged an online war against the Islamic State and its virtual supporters. Many in this anti-Islamic State army identify with the infamous hacking collective Anonymous. They are based around the world and hail from every walk of life. They have virtually nothing in common except a passion for computers and a feeling that, with its torrent of viral-engineered propaganda and concerted online recruiting, the Islamic State has trespassed in their domain. The hacktivists have vowed to fight back.
The effort has ebbed and flowed, but the past nine months have seen a significant increase in both the frequency and visibility of online attacks against the Islamic State. To date, hacktivists claim to have dismantled some 149 Islamic State-linked websites and flagged roughly 101,000 Twitter accounts and 5,900 propaganda videos. At the same time, this casual association of volunteers has morphed into a new sort of organization, postured to combat the Islamic State in both the Twitter “town square” and the bowels of the deep web.
Chase, who has since shifted his focus to other pursuits, boasts a story typical of those volunteers who work to track and counteract the Islamic State’s online propaganda apparatus. Few of these hacktivists are hood-wearing, network-cracking, Internet savants. Instead, they are part-time hobbyists, possessed of a strong sense of justice and a disdain for fundamentalists of all stripes. Many, but not all, are young people — some are more seasoned, former military or security specialists pursuing a second calling. The oldest is 50. These hacktivists speak of a desire to “do something” in the fight against the Islamic State, even if that “something” may sometimes just amount to running suspicious Twitter accounts through Google Translate.
This is something new. Anonymous arose from the primordial, and often profane, underground web forums to cause mischief, not to take sides in real wars. The group gained notoriety for its random, militantly apolitical, increasingly organized hacking attacks during the mid-2000s. Its first “political” operation was an Internet crusade against the Church of Scientology following its suppression of a really embarrassing Tom Cruise video.
In time, however, Anonymous operations became less about laughs and more about causes, fighting the establishment and guaranteeing a free and open Internet. [Continue reading…]
Daniil Turovsky writes: Around 10am on 14 August 2014, an unremarkable man walked into a café near Tishinskaya Square in Moscow. He ordered a coffee, sat down, opened up a cheap laptop and launched a few applications: a text editor, an app for encrypted chat, and a browser.
Then, he opened Twitter and wrote: “I’m resigning. I am ashamed of this government’s actions. Forgive me.”
The tweet immediately appeared on prime minister Dmitri Medvedev’s official Twitter account, visible to his 2.5m followers.
Taking a sip of his coffee, he wrote a few more tweets: “I will become a photographer. I’ve dreamed about it for some time”; “Vova [Putin]! You are wrong!”
The tweeter is a member of Anonymous International, better known as Shaltai Boltai (Humpty Dumpty in Russian), arguably the most famous hacker group in the country after claiming responsibility for a series of high-profile leaks.
In the past two years, they’ve gained access to documents detailing the Russian state’s game plan for a supposedly “grassroots” demonstration in Moscow in support of its actions in Crimea; details about how the Kremlin prepared Crimea’s secessionist referendum; and private emails allegedly belonging to Igor Strelkov, who claims he played a key role in organising the pro-Russian insurgency in Donetsk, Ukraine. [Continue reading…]
Michael Hughes writes: The hacktivist group called Anonymous told jihadists worldwide it would avenge the attack on the offices of the French satirical magazine, Charlie Hebdo. Yet it’s fair to question the feasibility of such an endeavor, given the group’s typical mode of operandi is disrupting websites, not conducting counterterrorist operations. Even if they could, some are asking if they should, for fear it might beget more violence and escalate a fringe culture war.
“We will track you down — every last one — and will kill you,” a spokesperson wearing the signature Guy Fawkes mask said, in French, in a YouTube video posted on Thursday.
“You will not impose your sharia law in our democracies, we will not let your stupidity kill our liberties and our freedom of expression. We have warned you; expect your destruction,” the Fawkes character added, while calling out the Islamic State (IS) and Al Qaeda by name, and mocking their sensitivity over derogatory images of The Prophet depicted in Hebdo cartoons. [Continue reading…]
Adrian Chen writes: This past August, as the outcry grew over the killing of Michael Brown, the unarmed black teenager who was shot by a police officer in Ferguson, Missouri, the hacktivist collective Anonymous took up the cause. On August 14, an Anonymous member posted a YouTube video calling for a “National Day of Rage” to protest the shooting. A computerized voice warbled over an ominous Carl Orff–ripoff score: “We call upon the citizens of the United States to collectively gather in support for those who are suffering in Ferguson.” News sites heralded the heroic arrival of Anonymous. Initially, few of these reports noted that the exact time, date and locations of Anonymous’s National Day of Rage corresponded with a previously planned protest, the National Moment of Silence, spearheaded by black feminist blogger Feminista Jones. Jones was dismayed by Anonymous’s attempt to co-opt her peaceful demonstration and the media’s eagerness to help. “I was bothered that they chose this moment to be destructive, but it showed people just how little they care about the safety and well-being of Black people,” she later told the blog Visual AIDS. “As a Black woman, I’m also used to the historical erasure of our work and theft of our labor.” It only went south from there, after Anonymous’s dramatic claim to have identified the police officer who shot Brown turned out to be wrong.
Ferguson was a hit to Anonymous’s reputation as masked Internet superhero that saves the day. Luckily, Anonymous’s own hero came to the rescue: the anthropologist Gabriella Coleman. In an interview with The Washington Post, Coleman cast the fiasco as a rare misstep. She was “really surprised” that Anonymous released the name of the wrong officer, since the group had been “pretty precise” in leaking “important data” in previous operations. Coleman suggested the error was either an unfortunate product of Anonymous’s “whimsical, experimental” nature, or else the entire operation was a “false flag” by an enemy meant to make Anonymous look bad. “I think both are completely plausible,” she said. A more obvious interpretation was not considered: the Anonymous mystique had allowed a group of incompetents to hijack, then discredit, an important grassroots movement in the eyes of national media. The absurdity of the Ferguson debacle is overshadowed only by the fact that somehow we are still expected to take Anonymous seriously. How did we get to a point where people expect a gang of young geeks with nanosecond attention spans wearing masks from an action movie, who write manifestos in faux-revolutionary prose and play amateur detective in chat rooms, to help a fraught social cause like Ferguson? [Continue reading…]
Mother Jones reports: The shadowy hacker collective known as Anonymous has announced it will launch a round of cyber-attacks this Friday against the Israeli government, in retaliation for Israel’s ongoing military intervention in Gaza. This onslaught would add to a wave of cyber assaults staged in recent weeks by hackers largely from the Middle East, Asia, and South America, who are supporting “OpSaveGaza,” an Anonymous-backed campaign targeting Israeli government websites that has succeeded in temporarily taking down the sites of the Israeli defense ministry and the Tel Aviv police department.
This isn’t the first time Anonymous has zeroed in on Israel; the collective has been launching cyber-attacks against the country for several years, with mixed results. “As a collective ‘Anonymous’ does not hate Israel, it hates that Israel’s government is committing genocide & slaughtering unarmed people in Gaza to obtain more land at the border,” an Anonymous spokesperson, using the Twitter handle @YourAnonCentral, tells Mother Jones. The spokesperson notes that there has never been any Anonymous action taken against Palestinian targets, including Hamas, the outfit governing Gaza and launching rocket attacks against Israel.
The most recent round of cyber-attacks began in early July, and the Anonymous spokesperson claims that collective members sabotaged “thousands” of Israeli websites. Several of the sites targeted were indeed down recently. The International Business Times reported last week that “numerous Israeli government homepages have been replaced by graphics, slogans, and auto-playing audio files.” On Monday, hackers leaked a list of log-in details they claim belong to Israeli government officials, but the government hasn’t confirmed this. [Continue reading…]
Raw Story reports: The Internet hacktivist group Anonymous is calling for protests against author and civil liberties advocate Glenn Greenwald because of his relationship with eBay founder Pierre Omidyar.
In a release posted to Pastebin, the secretive activist group is calling for members to attend and disrupt scheduled book signings where Greenwald will be promoting his new book, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State.
The point of contention between Greenwald and the group stems from his relationship with First Look founder and eBay billionaire Pierre Omidyar.
eBay purchased PayPal in 2002.
Representing the “PayPal 14,” — a group charged under the Computer Fraud and Abuse Act after they attempted to disrupt PayPal’s operations in retaliation for PayPal’s refusal to process donations to WikiLeaks — Anonymous stated that the 14 are “struggling to raise more than $80,000 in court-ordered restitution” that must be paid to eBay/PayPal.
Anonymous claims that, while the 14 face jail and fines, Greenwald and Omidyar have been cashing in on the “digital information war.” [Continue reading…]
NBC News and Glenn Greenwald report: A secret British spy unit created to mount cyber attacks on Britain’s enemies has waged war on the hacktivists of Anonymous and LulzSec, according to documents taken from the National Security Agency by Edward Snowden and obtained by NBC News.
The blunt instrument the spy unit used to target hackers, however, also interrupted the web communications of political dissidents who did not engage in any illegal hacking. It may also have shut down websites with no connection to Anonymous.
According to the documents, a division of Government Communications Headquarters (GCHQ), the British counterpart of the NSA, shut down communications among Anonymous hacktivists by launching a “denial of service” (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder — and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.
The existence of JTRIG has never been previously disclosed publicly.
The documents also show that JTRIG infiltrated chat rooms known as IRCs and identified individual hackers who had taken confidential information from websites. In one case JTRIG helped send a hacktivist to prison for stealing data from PayPal, and in another it helped identify hacktivists who attacked government websites.
Intelligence sources familiar with the operation say that the British directed the DDOS attack against IRC chat rooms where they believed criminal hackers were concentrated. Other intelligence sources also noted that in 2011, authorities were alarmed by a rash of attacks on government and corporate websites and were scrambling for means to respond.
“While there must of course be limitations,” said Michael Leiter, the former head of the U.S. government’s National Counterterrorism Center and now an NBC News analyst, “law enforcement and intelligence officials must be able to pursue individuals who are going far beyond speech and into the realm of breaking the law: defacing and stealing private property that happens to be online.”
“No one should be targeted for speech or thoughts, but there is no reason law enforcement officials should unilaterally declare law breakers safe in the online environment,” said Leiter.
But critics charge the British government with overkill, noting that many of the individuals targeted were teenagers, and that the agency’s assault on communications among hacktivists means the agency infringed the free speech of people never charged with any crime.
“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said Gabriella Coleman, an anthropology professor at McGill University and author of an upcoming book about Anonymous. “Some have rallied around the name to engage in digital civil disobedience, but nothing remotely resembling terrorism. The majority of those embrace the idea primarily for ordinary political expression.” Coleman estimated that the number of “Anons” engaged in illegal activity was in the dozens, out of a community of thousands. [Continue reading…]
The Guardian reports: The Anonymous hacktivist sentenced on Friday to 10 years in federal prison for his role in releasing thousands of emails from the private intelligence firm Stratfor has told a Manhattan court that he was directed by an FBI informant to break into the official websites of several governments around the world.
Jeremy Hammond, 28, told a federal court for the southern district of New York that a fellow hacker who went under the internet pseudonym “Sabu” had supplied him with lists of websites that were vulnerable to attack, including those of many foreign countries. The defendant mentioned specifically Brazil, Iran and Turkey before being stopped by judge Loretta Preska, who had ruled previously that the names of all the countries involved should be redacted to retain their secrecy.
Within a couple of hours of the hearing, the three countries had been identified publicly by Forbes, the Huffington Post and Twitter feeds serving more than a million followers. “I broke into numerous sites and handed over passwords and backdoors that enabled Sabu – and by extension his FBI handlers – to control these targets,” Hammond told the court.
The 28-year-old hacker has floated the theory in the past that he was used as part of an effective private army by the FBI to target vulnerable foreign government websites, using the informant Sabu – real name Hector Xavier Monsegur – as a go-between. Sabu, who was a leading figure in the Anonymous-affiliated hacking group LulzSec, was turned by the FBI into one of its primary informants on the hacker world after he was arrested in 2011, about six months before the Stratfor website was breached. [Continue reading…]
Aarti Shahani reports: With online relationships, it’s complicated.
The billionaire founder of eBay, Pierre Omidyar, is bankrolling a new media company with reporters who have used WikiLeaks to break giant stories.
But the eBay-owned subsidiary PayPal is working with the Justice Department to prosecute a handful of WikiLeaks supporters. The defendants could serve decades in prison, and their convictions could decide if “hacktivism” is free speech or a felony offense.
On Oct. 31, 14 defendants are scheduled to walk into a federal court in San Jose, Calif. They are known as the PayPal 14, and prosecutors will ask them to plead guilty to attacking PayPal, the online payment service based in that city.
In December 2010, PayPal, Visa, Mastercard and major banks became targets of a spate of cyberattacks, but not by criminals who wanted to steal credit card numbers.
When the companies stopped processing online donations for WikiLeaks founder Julian Assange, supporters — some associated with the hacker group Anonymous — responded with a novel form of protest.
In the case of PayPal, they sent thousands of packets of data to the company’s servers at such a speed, its system nearly crashed.
“It was serious,” said PayPal spokesman Anuj Nayar, who recalled that deflecting the traffic felt like a chess game.
PayPal estimates the attacks cost $3.5 million in technology upgrades. The company gave prosecutors a list of the top 1,000 attackers. From that list, the Department of Justice indicted a handful as part of its ongoing crackdown against Anonymous.
The DOJ cannot comment on pending cases but relies on prosecution guidelines that consider how likely a person is to repeat an alleged offense. Attorney Peter Leeming, who represents one of the defendants, says the selection “seemed arbitrary to me.”
Leeming, based in Santa Cruz, Calif., has represented political protesters for decades and is developing a boutique practice around hacktivism, or online attacks that are politically or socially motivated and not driven by financial gain.
“They’re a relatively new creature,” he said. “Is demonstrating and shutting down a street any different from shutting down a line of commerce on the Internet?” [Continue reading…]
Salon: When Anonymous posted some 40,000 emails of the HBGary’s computer security executive Aaron Barr — as detailed in this story — the emails revealed a proposed campaign by several security firms to take on Wikipedia and its supporters on behalf of Bank of America. The campaign also included a plan to pressure and attack journalists, including Salon’s Glenn Greenwald. Read Glenn on the proposed smear campaign here, and PowerPoint slides detailing the specifics of the attack can be seen here.
Excerpted from “WE ARE ANONYMOUS: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency” by Parmy Olson.
Across America on February 6, 2011, millions of people were settling into their couches, splitting open bags of nachos and spilling beer into plastic cups in preparation for the year’s biggest sporting event. On that Super Bowl Sunday, during which the Green Bay Packers conquered the Pittsburgh Steelers, a digital security executive named Aaron Barr watched helplessly as seven people whom he’d never met turned his world upside down. Super Bowl Sunday was the day he came face-to-face with Anonymous.
By the end of that weekend, the word “Anonymous” had new ownership. Augmenting the dictionary definition of being something with no identifiable name, it seemed to be a nebulous, sinister group of hackers hell-bent on attacking enemies of free information, including individuals like Barr, a husband and a father of twins who had made the mistake of trying to figure out who Anonymous really was.
The real turning point was lunchtime, with six hours to go until the Super Bowl kickoff. As Barr sat on the living room couch in his home in the suburbs of Washington, D.C., dressed comfortably for the day in a T-shirt and jeans, he noticed that his iPhone hadn’t buzzed in his pocket for the last half hour. Normally it alerted him to an email every 15 minutes. When he fished the phone out of his pocket and pressed a button to refresh his mail, a dark blue window popped up. It showed three words that would change his life: Cannot Get Mail. The email client then asked him to verify the right password for his email. Barr went into the phone’s account settings and carefully typed it in: “kibafo33.” It didn’t work. His emails weren’t coming through.
He looked down at the small screen blankly. Slowly, a tickling anxiety crawled up his back as he realized what this meant. Since chatting with a hacker from Anonymous called Topiary a few hours ago, he had thought he was in the clear. Now he knew that someone had hacked his HBGary Federal account, possibly accessing tens of thousands of internal emails, then locked him out. This meant that someone, somewhere, had seen nondisclosure agreements and sensitive documents that could implicate a multinational bank, a respected U.S. government agency, and his own company.
One by one, memories of specific classified documents and messages surfaced in his mind, each heralding a new wave of sickening dread. Barr dashed up the stairs to his home office and sat down in front of his laptop. He tried logging on to his Facebook account to speak to a hacker he knew, someone who might be able to help him. But that network, with his few hundred friends, was blocked. He tried his Twitter account, which had a few hundred followers. Nothing. Then Yahoo. The same. He’d been locked out of almost every one of his Web accounts, even the online role-playing game World of Warcraft. Barr silently kicked himself for using the same password on every account. He glanced over at his Wi-Fi router and saw frantic flashing lights. Now people were trying to overload it with traffic, trying to jam their way further into his home network.
He reached over and unplugged it. The flashing lights went dead. [Continue reading…]
The Associated Press reports: The website of a U.S. company whose tear gas has been used against demonstrators in Egypt is the latest to be broken into by the Anonymous movement, hackers claimed Tuesday.
In a statement posted to the Internet, hackers accused Combined Systems of being war profiteers who sell “mad chemical weapons to militaries and cop shops around the world.”
The company did not respond to calls and emails ahead of U.S. business hours Tuesday.
Anonymous has claimed a series of Web attacks worldwide and has increasingly focused on security companies, law enforcement and governmental organizations. The group has often worked in tandem with the Occupy protest movement in the United States and has expressed solidarity with the pro-democracy protests across the Arab world.
On Tuesday, Anonymous said it had targeted Combined Systems because it was supplying weaponry used to “to repress our revolutionary movements.”
The hackers also claimed to have stolen and published personal information belonging to clients and employees of the Jamestown, Pennsylvania-based firm. Allegedly intercepted emails were pasted onto the bottom of the statement; one of them appeared to be a warning that Combined Systems’ site had been sabotaged.
“Looks like our web hosts got hacked,” the email says.
Neither the hackers’ claims nor the authenticity of the emails could be immediately verified, although the website was down Tuesday. Messages left for half a dozen employees and technical support staff were not immediately returned.
The company says sells a variety of security wares, including aerosol grenades, sprays and handcuffs. Journalists and activists have reported finding the company’s tear gas canisters at Egypt’s Tahrir Square, where authorities have repeatedly cracked down on demonstrators with deadly force.
On Friday, Anonymous accused Israel of engaging in “piracy on the high seas” after the Israeli navy intercepted the latest flotilla heading for Gaza and warned that it would “strike back”.
Today the following Israeli government websites crashed: Shin Bet, Mossad, IDF, IDF Spokesperson’s Unit, Health Ministry, Justice Ministry, Construction and Housing Ministry, Science and Sport’s Ministry, the President’s Residence, Immigration Authority, the Israel Land Administration and Israel Atomic Energy Commission.
The Deputy Director of the Israeli government’s Information Technology Unit, Ziv Slater, said: “It has nothing to do with an attack, no threat and no hacking. It’s just a systems malfunction.”
“If you continue blocking humanitarian vessels to Gaza or repeat the dreadful actions of May 31st, 2010 against any Gaza Freedom Flotillas then you will leave us no choice but to strike back. Again and again, until you stop,” Anonymous has warned.
Is today’s “system’s malfunction” the first of what will become many?