Pierluigi Paganini January 21, 2012

In these days we have witnessed the escalation of operations conducted by the Anonymous group, the hacker group that is espressing a social dissent througth cyber attacks.

The Internet world is profoundly changing, and the threat of hacktivist groups represents one of the major cyber threats. We must consider that the attacks of these groups produced the same effects of those perpetrated by cyber criminals or governments to offend strategic objectives. For these reasons cyber protest actions must be taken into serious consideration in cyber strategies for the defense of a nation, threat that I think has not been taken in the right consideration by many governments, including that of my dear Italy.

The action undertaken by the group Anonymous are honing in effectiveness and the results were not slow in coming.

Let’s see in detail what we’re talking about listing the attacks made by the feared group.

• On January 18th, thousands of websites have manifested the dissent against the SOPA proposal organizing an “internet blackout”.
• On January 19th, the famous Cyberlocker website Megaupload, one of the biggest file-sharing site, has been blocked by FBI and its founders arrested accused of online piracy. Piracy is considered the main damage for the entertainment industry with billion dollars of lost.
• Overnight, down to the homepage of the Department of Justice, the RIAA and MPAA, the powerful music and film industry associations Usa. On the Internet, even the personal data of the head of the FBI, Robert Muller, a cruel hoax: And down also the site of Universal, just to enjoy. All were struck by a distributed denial-of-service (DDoS) attack.

Anonymous group has claimed responsibility for the attacks, the one to FBI in reply to the shut down of Megaupload closure.

<<We Anonymous are launching our largest attack ever on government and music industry sites. Lulz. The FBI didn’t think they would get away with this did they? They should have expected us.>>

The attack type used is always the same, distributed denial-of-service attack (DDoS attack), a large number of participants in the operation in order to make the web service not operative flood it of requests saturating its resources.

In the past, Anonymous supporters have used a program called LOIC allowing them to join in an attack on a particular website, flooding it with unwanted traffic.
Consider also that the famous group has released in the web instructions and videos on how to conduct this king of operations.
In terms of media Anonymous group can be a lesson to many.

However, the latest attack I believe represents an element of further development for the group, although it is always a DDoS type, the method used has profoundly changed in the conception.

The recruitment campaign for the attack has also served major social media being able to engage in this way an impressive number of participants with devastating consequences for victims. Hence the web and social networks like Facebook and Twitter have been flooded by messages of affiliates to the group, a media campaign in style.
Anonymous in this way has raised the bar, even a user without his knowledge by simply visiting a web page without him interaction, has started to flood a victime with unwanted traffic.  The trick is possible simply hiding within the web pages procedures JavaScript developed specifically that the web browser interprets, the unique defence option is to disable JavaScript in the browser.

When I said that the group has made ​​a quantum leap with this new method I refered to an aspect that we discuss together soon. In many quarters this mode has been condemned just because it might involve users in the non-intentional conduct.
Gentlemen, this is the strength of that operation, for two simple reasons:

1. The first is that without a doubt the offensive force has increased dramatically.
2. The second, more subtle but formidable in my opinion, is that from a legal standpoint it is hardly attributable to each user a criminal liability. A user who participates in the attack, unlike what happened before with Loic, today could not always claim to be aware.

This subtle aspect could be stimulus for a wide category of undecided who share the ideology of the fear of incurring legal process by participating in operations.

The web war between governments and groups as Anonymous hacktivist has an important social connotation, popular movements that through technology known their disagreement and fight for the conquest of freedom.

Obvious that these events represent a serious threat to governmental institutions and organizations capable of being de facto powerful offensive, so they must be studied, monitored, prevented. Two opposing currents that are generating turbulent motions in a cyber space for himself in full swing.

While the closure of Megaupload is a strong signal and sends a clear and unequivocal message to other platforms that offer similar services on the other hand the response of Anonymous is irrefutable expression of disagreement with a policy shared by governments and multinational that undermines from deep the concept of freedom of expression.

Anonymous is the social structure, daughter of the technology, with the ability to intervene on the digital infrastructure that support the digital world today. It is an instrument of power of the people and must to be considered as such.
The minds behind Anonymous have the potential to jeopardize the stability of the world, today the government websites have been compromised and what would happen if the next time they were being targeted critical infrastructure?

Pierluigi Paganini

Update 2012 – 01 -21

I propose you interesting statistics on the number of downloads of the Loic tool used in DDoS attacks during the last attack of the group Anonymous 19/01/2012

http://lissnup.wordpress.com/2012/01/20/loic/