London: In turning one of its best-known hackers into an informant and breaking open the highest profile elements of the “Anonymous” movement, authorities have dealt a serious blow to a group they found a growing irritant.
But as the broader “Anonymous” label – complete with its iconic Guy Fawkes mask imagery – is used by ever more disparate causes worldwide, it may be all but impossible to shut it down for good.
US authorities revealed on Wednesday that leading Anonymous hacker “Sabu” – real name Hector Xavier Monsegur, aged 28 – had been arrested last June in his apartment in a Manhattan housing complex.
According to a newly released court transcript, he agreed to cooperate with authorities in return for likely leniency – helping US prosecutors bring charges against five more men, including two in Britain and two in Ireland. All had also been previously arrested.
“Sabu was seen as a leader,” said Mikko Hypponen, chief research officer of Finnish security firm f-secure. “Just yesterday people were looking up to him… it’s a very serious blow. It’s probably not going to be the end of Anonymous but it’s going to take a while for them to recover, particularly from the paranoia.”
All six were said to be senior members of LulzSec, an offshoot of Anonymous that took credit for a range of hacking attacks on government and private sector websites. Targets included the CIA, Britain’s Serious Organised Crime Agency, Japan’s Sony Corpand a host of others including in Ireland and Mexico.
Taking inspiration from the hacking and Internet community as well as popular culture – particularly the 2005 film “V for Vendetta” in which a masked hero fights a dystopian government – Anonymous emerged in the middle of the last decade.
Initially focused on fighting attempts at Internet regulation and blocking free illegal downloads, it has since taken on a range of other targets including Scientology and the global banking system. Governments have been a growing target, both Western and in more autocratic states such as China and Iran. Websites have been attacked and occasionally shut down.
But Anonymous – and LulzSec in particular – leapt to much greater prominence in late 2010 when they launched what they described as the “first cyber war” in retaliation for attempts to shut down the
Wikileaks website.
They attacked websites such as MasterCard that tried to block payments to
Wikileaks after apparent pressure from the US government following the release of thousands of diplomatic cables.
“No honour among thieves”?
“This is probably the end of this particular group,” said Tim Hardy, a British activist and computer scientist who runs the blog “Beyond Clicktivism. ” But… part of the point of Anonymous is that it’s a group that anyone can say they are part of, whether they are attacking a website or wearing a mask outside the Church of Scientology.”
Those masks became an increasingly frequent sight on Western streets in 2011, increasingly adopted by more radical, libertarian and sometimes anarchist elements of European and US protest groups.
They became a frequent sight at demonstrations such as “Occupy Wall Street” and its spin-offs elsewhere in the US and Britain. They were also heavily used by the “indignados” anti-austerity protesters in Spain, where fancy dress shops ran out of stock and had to import them from abroad.
Such popular usage will likely continue, but the loss of some of the movement’s highest profile stars and technical experts will still hurt.
Web forums frequented by Anonymous were frothing with abuse and anger following the arrests on Tuesday. “Sabu” had been occasionally suspected of being a mole, but had continued to operate as an effective leader advising other hackers on the importance of maintaining anonymity and security.
“No honour among thieves,” said Tony Dyhouse, a computer security expert at UK defence firm QinetiQ who has long studied hackers. “Any further (Anonymous) actions are likely to be much more low-key. Fear is in the ranks. However, there will be many that see some of the casualties as martyrs and empty footprints to be filled.”
Computer security experts say the hackers of LulzSec appeared much more technically adept than had been usual for Anonymous, which has often relied on simple – if illegal – software that can be downloaded by any potential hacker regardless of their technical skills.
“FEATHER IN CAP FOR FEDS”
While many of its attacks – often distributed denial of service (DDOS) attacks designed to overload websites – were relatively simple, LulzSec penetrated secure commercial systems to steal highly sensitive information.
These included credit card details of users of Sony’s latest PlayStation platform as well as client details and some 5 million e-mails from US specialist geopolitical publisher and sometime private intelligence firm Stratfor. The Stratfor e-mails were then passed on to Wikileaks, which is now publishing them.
US authorities said one of those arrested this week, Jeremy Hammond – a Chicago resident who styled himself “Anarchaos” – had been charged with the Stratfor hack. Another of those arrested, 19-year-old Donncha O’ Cearrbhail, was charged with another recent high profile success – the hacking of a conference call between the FBI and London detectives discussing action against hackers.
“Undoubtedly this is a big feather in the cap for the Feds,” said QinetiQ’s Dyhouse. “But the Scotland Yard/FBI leak shows how simple mistakes can have a huge impact on any operation. Interceptions can be so easy these days.”
Ultimately, Anonymous and LulzSec in particular may have been the victims of their own success and overambition. Whatever the technical mistakes and personal weaknesses that led to their undoing, security experts say their fate was sealed once they became so high profile that authorities made them a priority.
The success of Anonymous in the last two years may also have itself driven greater emphasis on computer security and fuelled demands for regulation – the opposite of their intent.
Even for a global activist community infused with new energy and political significance in the aftermath of the financial crisis, Anonymous remains controversial and divisive.
While some members may be admired for their actions and beliefs – albeit often varied and extreme – others are seen as simply in it for the “lulz”, the plural of the Internet abbreviation LOL for “laugh out loud”.
“There are those who see them as banner carriers for the revolutionary left,” says Beyond Clicktivism’s Hardy. “But there are also those who see them just as consumerists who don’t want to pay (for)… music and videos.”
Reuters
