Attacks/Breaches
4/19/2012
09:56 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Anonymous Must Evolve Or Break Down, Say Researchers

The movement started as an Internet meme and grew into a complex and chaotic community. Security experts argue that the Anonymous brand is now in danger of imploding

SOURCE Boston -- Boston -- Anonymous is a complex and chaotic movement: It is the heroic free speech efforts that helped protesters in Tunisia and Egypt; it is the lulz -- oddball, and sometimes vicious, pranks -- pulled to prove a point; and it is the AntiSec movement that compromises companies and critics to show that no one is beyond reach.

But Anonymous is also a brand, and one that is in danger of being overwhelmed by its own chaotic nature, argued two security professionals in a keynote at the SOURCE Boston conference this week. Brian "Jericho" Martin, a former hacker and current security expert, and Josh Corman, director of security intelligence at Akamai Technologies, have studied Anonymous for the past year and believe that the movement could easily degenerate into chaos and cause a lot of collateral damage in the process.

Instead, they are hoping -- and through an article series, offering to help -- the metagroup evolve into a better, and more focused, Anonymous.

"Anonymous as they are is a crude blunt weapon; they don't do a lot of good, and they make a lot of noise," Martin told conference attendees. "So why don't you want a better Anonymous that is more efficient, gets stuff done, and most importantly, creates less collateral damage."

Anonymous evolved from a meme on 4Chan, a bulletin board that allowed anyone to post images. Many of the board's anonymous members would band together to conduct one-off operations, including a series of pranks against conservative radio host Hal Turner, which escalated into denial-of-service attacks and eventually the leak of documents that identified Turner as an FBI informant.

Four years ago, the members began to identify themselves as Anonymous and began more sustained operations against copyright organizations and the Church of Scientology. Eventually, activist members conducted operations to help global free speech, while more anarchical members, such as LulzSec, focused on disruptive acts. (The history of Anonymous is featured in "We Are Legion," a solid documentary which had a pre-release screening at SOURCE Boston on Tuesday night.)

[The Anonymous hacking collective last year targeted multiple high-profile targets, including Sony, Fox, PBS, HBGary Federal, and multiple law enforcement agencies. See 'Anonymous' Legacy: Hacktivists Stole More Data Than Organized Crime In 2011 Breaches Worldwide.] 

These days, most of the people that associate with Anonymous are "glorified" cheerleaders who have their own agendas, Martin says. The researchers estimated that less than 10 percent are real activists or active hackers. It's those active members that need to consider the future, they said.

The first problem for many Anonymous members is that the average person can't tell whether the movement is good or evil. Like a Rorschach inkblot, most see what their preconceptions lead them to see, Corman said.

"If you think they are freedom fighters, they are; if you think they are hacktivists, they are; and, if you think they are hoodlums, they are," Corman said. "And the truth is they are a lot of different structures and motivations, but we will never understand this group until we understand the biases we bring."

Yet, it's not just a question of good and evil, he says. Anonymous is a chaotic collection of groups with different ideas about what Anonymous represents. Some members of the group will do something that most people would consider good, and the next day, other members of the group commit an offensive act, such as leaking personal information on the Arizona police or hacking the website of the nonprofit Epilepsy Foundation.

"It's a brand and a franchise which is borrowed and often abused, by anyone," Corman said. "Anyone who claims to be Anonymous is Anonymous."

Taking a concept from the tabletop role-playing game, Dungeons & Dragons, Corman argues that Anonymous is a range of alignments but mostly chaotic in nature.

"It is a group of people with very different motives," he said. "They are chaotic good like Robin Hood, and there is chaotic evil as well ... There are some people that just want to see the world burn."

A side effect of the moral confusion is that attackers with other goals can conduct hacking activities under the guise of Anonymous, essentially running a "false flag" operation that can confuse the victims.

If Anonymous does evolve, corporate security teams and government agencies should worry. Even with all the problems that Anonymous has as a community and a brand, the movement has run into little resistance.

"Even with [Anonymous] consisting of the lowest common denominator, society and security are trying to keep up," Martin said. "If we can't deal with the worst they have to offer, quite simply, we are f**ked. And I use that word very carefully, because if that word offends you, then you need to get out of the industry. Anonymous is going to be a rude awakening."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
jbrooks127
50%
50%
jbrooks127,
User Rank: Apprentice
4/20/2012 | 4:03:32 PM
re: Anonymous Must Evolve Or Break Down, Say Researchers
Anonymous, for the most part, are doing a service to the public by exposing the corruption of our corporate societies. But the select few pose siginificant dangers by revealing information that puts innocent individuals in danger.

A collective balance needs to be achieved between the group that can enable them to function as a whole without comprimising each others efforts. If one hand does not know what the other is doing, their goals will never be achieved.
phusion
50%
50%
phusion,
User Rank: Apprentice
4/19/2012 | 10:00:31 PM
re: Anonymous Must Evolve Or Break Down, Say Researchers
I think this story explained what Anonymous is very well. It's not one mind, it's a hive mind. There are groups under the Anonymous banner that want to enact change and do good, there are members and groups that just want to break things, get attention etc.-Š

There is still a core group of Anonymous who want to be progressive, to use their....powers to uncover information about how the world works and the governments that control it that would otherwise never be uncovered. I had a fire lit under my ass when the Scientology raids began, I think organized religion is bad enough without some nutball charging you for it as well. People were made aware, former Scientology members spoke out. Has the church been toppled? Certainly not, but they can't operate in the same way they did before.

Anonymous is a banner the Internet can fly, a banner to be used when you've had enough.-Š
Bprince
50%
50%
Bprince,
User Rank: Ninja
4/19/2012 | 8:02:16 PM
re: Anonymous Must Evolve Or Break Down, Say Researchers
@ readers-Š-Š- what is your perception of Anonymous?
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web