09:56 AM
Connect Directly

Anonymous Must Evolve Or Break Down, Say Researchers

The movement started as an Internet meme and grew into a complex and chaotic community. Security experts argue that the Anonymous brand is now in danger of imploding

SOURCE Boston -- Boston -- Anonymous is a complex and chaotic movement: It is the heroic free speech efforts that helped protesters in Tunisia and Egypt; it is the lulz -- oddball, and sometimes vicious, pranks -- pulled to prove a point; and it is the AntiSec movement that compromises companies and critics to show that no one is beyond reach.

But Anonymous is also a brand, and one that is in danger of being overwhelmed by its own chaotic nature, argued two security professionals in a keynote at the SOURCE Boston conference this week. Brian "Jericho" Martin, a former hacker and current security expert, and Josh Corman, director of security intelligence at Akamai Technologies, have studied Anonymous for the past year and believe that the movement could easily degenerate into chaos and cause a lot of collateral damage in the process.

Instead, they are hoping -- and through an article series, offering to help -- the metagroup evolve into a better, and more focused, Anonymous.

"Anonymous as they are is a crude blunt weapon; they don't do a lot of good, and they make a lot of noise," Martin told conference attendees. "So why don't you want a better Anonymous that is more efficient, gets stuff done, and most importantly, creates less collateral damage."

Anonymous evolved from a meme on 4Chan, a bulletin board that allowed anyone to post images. Many of the board's anonymous members would band together to conduct one-off operations, including a series of pranks against conservative radio host Hal Turner, which escalated into denial-of-service attacks and eventually the leak of documents that identified Turner as an FBI informant.

Four years ago, the members began to identify themselves as Anonymous and began more sustained operations against copyright organizations and the Church of Scientology. Eventually, activist members conducted operations to help global free speech, while more anarchical members, such as LulzSec, focused on disruptive acts. (The history of Anonymous is featured in "We Are Legion," a solid documentary which had a pre-release screening at SOURCE Boston on Tuesday night.)

[The Anonymous hacking collective last year targeted multiple high-profile targets, including Sony, Fox, PBS, HBGary Federal, and multiple law enforcement agencies. See 'Anonymous' Legacy: Hacktivists Stole More Data Than Organized Crime In 2011 Breaches Worldwide.] 

These days, most of the people that associate with Anonymous are "glorified" cheerleaders who have their own agendas, Martin says. The researchers estimated that less than 10 percent are real activists or active hackers. It's those active members that need to consider the future, they said.

The first problem for many Anonymous members is that the average person can't tell whether the movement is good or evil. Like a Rorschach inkblot, most see what their preconceptions lead them to see, Corman said.

"If you think they are freedom fighters, they are; if you think they are hacktivists, they are; and, if you think they are hoodlums, they are," Corman said. "And the truth is they are a lot of different structures and motivations, but we will never understand this group until we understand the biases we bring."

Yet, it's not just a question of good and evil, he says. Anonymous is a chaotic collection of groups with different ideas about what Anonymous represents. Some members of the group will do something that most people would consider good, and the next day, other members of the group commit an offensive act, such as leaking personal information on the Arizona police or hacking the website of the nonprofit Epilepsy Foundation.

"It's a brand and a franchise which is borrowed and often abused, by anyone," Corman said. "Anyone who claims to be Anonymous is Anonymous."

Taking a concept from the tabletop role-playing game, Dungeons & Dragons, Corman argues that Anonymous is a range of alignments but mostly chaotic in nature.

"It is a group of people with very different motives," he said. "They are chaotic good like Robin Hood, and there is chaotic evil as well ... There are some people that just want to see the world burn."

A side effect of the moral confusion is that attackers with other goals can conduct hacking activities under the guise of Anonymous, essentially running a "false flag" operation that can confuse the victims.

If Anonymous does evolve, corporate security teams and government agencies should worry. Even with all the problems that Anonymous has as a community and a brand, the movement has run into little resistance.

"Even with [Anonymous] consisting of the lowest common denominator, society and security are trying to keep up," Martin said. "If we can't deal with the worst they have to offer, quite simply, we are f**ked. And I use that word very carefully, because if that word offends you, then you need to get out of the industry. Anonymous is going to be a rude awakening."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
4/20/2012 | 4:03:32 PM
re: Anonymous Must Evolve Or Break Down, Say Researchers
Anonymous, for the most part, are doing a service to the public by exposing the corruption of our corporate societies. But the select few pose siginificant dangers by revealing information that puts innocent individuals in danger.

A collective balance needs to be achieved between the group that can enable them to function as a whole without comprimising each others efforts. If one hand does not know what the other is doing, their goals will never be achieved.
User Rank: Apprentice
4/19/2012 | 10:00:31 PM
re: Anonymous Must Evolve Or Break Down, Say Researchers
I think this story explained what Anonymous is very well. It's not one mind, it's a hive mind. There are groups under the Anonymous banner that want to enact change and do good, there are members and groups that just want to break things, get attention etc.-

There is still a core group of Anonymous who want to be progressive, to use their....powers to uncover information about how the world works and the governments that control it that would otherwise never be uncovered. I had a fire lit under my ass when the Scientology raids began, I think organized religion is bad enough without some nutball charging you for it as well. People were made aware, former Scientology members spoke out. Has the church been toppled? Certainly not, but they can't operate in the same way they did before.

Anonymous is a banner the Internet can fly, a banner to be used when you've had enough.-
User Rank: Ninja
4/19/2012 | 8:02:16 PM
re: Anonymous Must Evolve Or Break Down, Say Researchers
@ readers--- what is your perception of Anonymous?
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.