SAN FRANCISCO—When the Electronic Frontier Foundation’s John Perry Barlow tweeted last December, “The first serious infowar is now engaged. The field of battle is WikiLeaks. You are the troops,” many in the mainstream media rolled their eyes and dismissed his words as hacker hyperbole.
But the events of the past few days, in which the hacktivst “group” Anonymous launched a major campaign called Operation Anti-Security, show that many more Julian Assanges are indeed waiting in the wings—ready, willing and able to continue what the embattled WikiLeaks founder started when he released a trove of classified State Department cables on the Internet last year. And governments and corporations will find these leakers far more difficult than Assange to capture or control.
The first new batch of classified documents leaked last Thursday came from Arizona law enforcement and Border Patrol, in protest of Arizona’s anti-immigration policies. The next day, Operation Anti-Security released massive amounts of information from NATO, the U.S. Navy, the FBI, and AOL.
Anonymous has successfully leaked information before, including more than 10,000 “top secret” emails from Iran’s Ministry of Foreign Affairs on June 3 and emails from Bank of America in March, but the new campaign will be exponentially larger.
As law enforcement and news organizations raced to identify the main instigators, LulzSec, a highly active six-person splinter group, announced that it was disbanding, though its members remained active under the Anonymous banner. The move was seen as an attempt to shift attention away from members’ identities so that the contents of the leaked documents would instead become the story.
Over the weekend, meanwhile,60,000 people joined Anonymous’s Twitter feed in 24 hours (the total was up to 100,000 by 3 p.m. Sunday). Anonymous “has gone from the background of hacker culture to the forefront of global politics,” writes Kris Notaro, from the Institute for Ethics and Emerging Technology. “They demonstrate the power that is ours to have if we have the ambition to grasp it.”
Motives Remain Misunderstood
Though the hacktivists are no longer underestimated, they’re still misunderstood. They are often depicted as a nefarious cabal of criminal masterminds, but in reality they are young political activists who have found a way to use their tech skills to make a serious impact on a global scale. In the process, they have taken traditional protest methods, such as civil disobedience, shock tactics and mass coordinated action, to new levels of effectiveness.
“You're a poor guy behind your computer with other people you don't even know, and all together, we can fucking DDoS [distributed denial-of-service attack] any organization,” explains “hayop,” an Anonymous member who runs Operation Leakspin, a project aimed at raising awareness of potentially important and previously overlooked WikiLeaks cables. “NATO considers us a ‘global threat’ and the biggest cyber-attack danger after Iran. No one can stop a DDoS attack, even the CIA.”
Hayop adds, “You feel very powerful when you're asking yourself, ‘Which bastard am I gonna fuck up? Monsanto? Bayer? or Tepco?’”
Perhaps the closest parallel to Anonymous is the anarchist Black Bloc Movement, best known as the black-clad protestors who smashed windows at Seattle’s World Trade Organization demonstrations in 1999. Both groups operate under a leaderless resistance model, maintaining anonymity, and bring a “by any means necessary” approach to protests.
When they take down Sony PlayStation’s website or expose government officials’ personal information, they have a much bigger impact and notoriety than when they smash a Bank of America branch window, the hacktivists have learned. A secret IPO address is more effective than bandanas over their faces. The media pays attention. People get scared.
How scared? Gregory Evans, a former apolitical hacker–turned–security expert, told London’s Channel 4 News, “Anonymous is more dangerous than Al Qaeda.”
Anonymous would tend to agree. “'#DearGovenment There's nothing more dangerous than someone who wants to make the world a better place. #antisec' a member" tweeted last week.
In Defense of WikiLeaks
Anonymous first gained fame for coming to the defense of WikiLeaks by crashing the websites of Visa, MasterCard, PayPal and Amazon when those companies blocked Assange’s supporters from making contributions to pay his legal bills and keep WikiLeaks operating.
The hacktivists have since thrown themselves into an array of issues, including censorship and privacy, racial profiling, the revolutions in the Middle East, and the global financial collapse.
Anonymous has brought down government and financial websites around the world, including in Australia, Malaysia, as well as Iran, Tunisia, and Egypt. They have hacked Monsanto, Bank of America, and Koch Industries, one of the largest funders of right-wing political causes and candidates, including union-busting Wisconsin Gov. Scott Walker.
When Bradley Manning, the U.S. soldier accused of supplying WikiLeaks with much of its classified content, was tossed into solitary confinement and treated in a way that some equate with torture, Anonymous threatened to hack Quantico military prison’s website and release employees’ personal information. Members recently warned Federal Reserve Chairman Ben Bernanke that if he didn’t resign, he’d be targeted, too. Meanwhile, LulzSec crashed the CIA website and hacked websites of Fox.com, the U.S. Senate and Infragard, an FBI affiliate.
There have been countless smaller cyberattacks as well. To protest arrests of Food Not Bomb members in Florida, last week Anonymous crashed Orlando’s Chamber of Commerce website and posted “Boycott Orlando" on a Universal Orlando Resort site.
A Leaderless Revolution
Anonymous members joke that journalists’ first misguided question is usually: “Take me to your leader.” But there is no official hierarchy, though some members are obviously more active and influential than others.
“It's a concept that anyone can use to organize an operation,” emailed hayop, whose operations have included cyberattacks on chemical companies and the Algerian government. “However, there is one common goal: protect freedom, human rights and privacy.”
The leaderless resistance model makes it more difficult to disband the organization through individual arrests. “Anonymous is like an hydra. When you cut off one head, ten grow instead. No one can stop Anonymous,” hayop says.
“You cannot arrest an idea, neither a movement,” tweeted Anonymous on Saturday.
Members—mostly young males in their teens to their 30s—are estimated to number in the low hundreds in slow periods to thousands during peak activity. “There is a very big turnover,” hayop says. “People join for one cause and they leave after.”
New members are constantly being recruited. The Operation New Blood project encourages anyone “from computer users who are constantly searching for the 'any key', to users who build and design supercomputers (ie Watson)” to join. The project posted a downloadable DIY kit including step-by-step tutorials and a “Handbook for Bloggers and Cyber-Dissidents.”
Meanwhile, in its announcement of Operation Anti-Security last week, the group said, “We encourage any vessel, large or small, to open fire on any government or agency that crosses their path. If you're aware of the corruption, expose it now.”
Too Much Traffic
Anonymous’s main tactic is the DDoS attack, which crashes websites by overwhelming them with traffic. Though Anonymous compares such actions to peaceful mass demonstrations, the attacks are punishable under federal law by up to ten years in prison.
Anonymous also leaks private information, including classified documents and usernames and passwords. Members often leave messages on websites they’ve hacked.
Press and members of the public tend to focus on the financial risks that can result when Anonymous posts usernames and passwords that others can then use for things like credit card fraud. LulzSec’s Sony hack on June 2, perhaps the largest in history, gained media attention, but caused a rift within the movement.
As the group’s efforts have heated up, so have government attempts to crack down. Recently proposed U.S. legislation would provide 20-year sentences for hackers who "endanger national security.
In the past seven months, 40 suspects, including some minors, have arrested in the Turkey, Spain and the United Kingdom. The FBI launched an ongoing investigation in November. Last Tuesday, federal agents conducted a raid on a Virginia-based server warehouse in which they mistakenly also took down unrelated websites, including DigitalOne. The FBI has refused to comment on Anonymous or its activities.
Fear of arrests has caused some to leave the movement, if only temporarily. But for others, the threat of arrests—and the media attention that results—has fueled their determination.
The chatrooms are filled with bravado and taunts at journalists, analysts and the FBI for their incompetence. As Anonymous members see it, they’re engaged in a battle of brains and they are winning.
Last Saturday, members in the public IRC chatroom, where they suspected FBI agents were lurking, discussed whether the arrests represented a true threat.
<dontpartyvanme> @SnowHunter scared is one thing, but with lulzsec being on the crosshairs this will get archived for sure and could one day bite people in the ass when they least expect it
<AntiVigilante> The govt won't come after me —I would make a spectacle of my persecution