Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
The hacker group recently took credit for two high-profile incidents -- but its actions aren't quite the same as they once were, some say.
June 17, 2020
4 Min Read
(Image Source: <a href="https://stock.adobe.com/contributor/205730960/boonchai?load_type=author&prev_url=detail" target="new">Boonchai</a> via Adobe Stock)
In the midst of the Black Lives Matter protests, the familiar Anonymous caricature of Guy Fawkes has reappeared — multiple times, according to the hacktivist group. But is Anonymous back? And if so, how has it changed from its heyday a decade ago?
On May 28, Anonymous posted a video explaining that it would be targeting police departments across the United States. "We will be exposing your many crimes to the world," the computerized narrator said.
Two high-profile incidents followed. The group claimed responsibility on May 30 for taking down the Minneapolis Police Department (MPD) website, breaching a police department database, and leaking 798 emails and passwords. Security researcher Troy Hunt, known for his HaveIBeenPwned service, which tracks and analyzes data breaches, says this data breach was highly unlikely to have come from the MPD.
Anonymous also claimed responsibility on June 3 for convincing Korean pop music fans to hijack pro-police and white supremacist Twitter hashtags in support of Black Lives Matter. K-pop superfans also took down a Dallas police department app for reporting allegedly illegal activity by flooding it with K-pop fan videos.
Our Anonymous K-Pop division is now attacking the #BlueLivesMatter hashtag.— Anonymous (@YourAnonCentral) June 3, 2020
Calling on all #OpFanCam troops to flood the police hashtag with Fan Cams. (📹 @fabriqueparmoi) #Anonymous #ICantBreathe #GeorgeFloyd #BlackLivesMatter pic.twitter.com/hc98ODOe3I
Hijacking hashtags and going after local police apps and websites with distributed denial-of-service (DDoS) attacks are a far cry from the days when Anonymous' attacks had governments and corporations around the world concerned that their websites and databases would be its next targets.
A Europe-based organizer with Anonymous for more than a decade says Anonymous never went away. Speaking on condition of anonymity, the person wrote in a series of text messages that Anonymous is still made up of multiple groups, some with different and potentially even clashing agendas. But one defining characteristic of some of the earlier Anonymous actions was technical skill, and that's missing from current Anonymous groups.
"I have not seen anything indicating real hacking. If it happens, they are smart enough to not do it publicly," wrote the Anonymous organizer. "Currently the theme is to disrupt communication of the right wing scene, take over their hashtags, make social media unusable for them. You don't need hacking for that."
While the current Anonymous isn't the same as the older Anonymous, that's actually part of what Anonymous is: It's an umbrella brand made up of many groups, consistent in their adaptability, their desire to foment and encourage social action, and their use of the Guy Fawkes mask as depicted in the anarchist versus authoritarian comic book "V for Vendetta." These latest Anonymous actions are unsurprising given the state of turmoil the world is in; who is behind the mask often depends on what cause they're hacking for.
A few studies take an objective, analytical approach to verifying whether Anonymous' claims are verifiable, but keeping the Anonymous brand alive is as important as the actions its members take, says Gabriella Coleman, a cultural anthropologist specializing in hacker culture at McGill University, and author of "Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous."
"It's a weird marriage of young people without a sense of the consequences and older people like Jeremy Hammond, an old-school hacker who wanted to tap into those people. The video makers and others exploiting the social media environment, that's obvious now but then was less so," she says. "One group, White Rabbit, seem to be trying to do something technical in the spirit of Anonymous. But currently, most of the activity is to support others through tweeting. There doesn't seem to be much backing up their hacking activism online."
Anonymous remains popular with hacktivists because it can complement "street" action such as the Black Lives Matter protests, says Josh Corman, who was the director of security intelligence at Akamai during Anonymous' peak and co-author of "Building a Better Anonymous."
"Most of the core Anonymous members moved on to different tactics. They saw how prone they were to manipulation, and it was wildly unpleasant for them toward the end," he says. But he adds that despite being shunted into the shadows for most of the past five years, Anonymous is still the "most readily available face of protest."
"I think we will have Anonymous around in some form forever," he says.
He and Coleman agree that just because there hasn't been a demonstration of sophisticated technical ability so far, such as jamming intra-law enforcement communications, doesn't mean that there couldn't be one in the near future.
"While I'm not calling on anyone to hack anything today, you could get important information in the public interest," Coleman says. "The conditions are ripe for a resurgence, but it certainly hasn't happened yet."
About the Author(s)
Seth is editor-in-chief and founder of The Parallax, an online cybersecurity and privacy news magazine. He has worked in online journalism since 1999, including eight years at CNET News, where he led coverage of security, privacy, and Google. Based in San Francisco, he also writes about connected technology and pop culture.
You May Also Like
Latest Articles in The Edge
Library Cyber Defenses Are Falling DownFeb 20, 2024|3 Min Read
Enterprises Worry End Users Will Be the Cause of Next Major BreachFeb 16, 2024|2 Min Read
10 Security Metrics Categories CISOs Should Present to the BoardFeb 14, 2024|6 Min Read
How Changes in State CIO Priorities for 2024 Apply to API SecurityFeb 12, 2024|4 Min Read