This is a revealing Defcon presentation by Backtrace Security representatives a5h3r4h and Hubris on the history of Anonymous, their methods and activities.
a5h3r4h: My name is a5h3r4h, I’m Director of Psychological Operations at Backtrace Security. Me and my colleague Hubris are gonna talk a little bit about the history of this whole Anonymous mess that’s happening.
We’ll talk a little bit about how Anonymous came into being, or supposedly came into being. Originally it’s a joke: you go to 4chan.com¹ (or whatever ‘chan’) and somebody does something a little naughty or a lot naughty, and you go “Who did that?” – “Anonymous did that!” Anonymous posting, everybody is anonymous, therefore everything that happens is done by Anonymous – and Anonymous becomes sort of a living persona. At some point, this becomes a sort of a trolling movement – everybody goes out together and runs all over the place and messes with everybody and everything. For the most part, it’s fun, it’s lulz as every once in a while you’d have a little bit of an activist attitude, so for the most part it was a joke, it was a fun thing, it was, you know, somebody acting up on you to have everybody go leave comments, harass them a little bit or whatever. One day, somebody comes on and says “Look at this really funny YouTube of Tom Cruise acting like an idiot for Scientology, it’s really funny!” Everybody goes to see the video, and there’s no video, it’s gone. Why? The Church of Scientology pulled it down. Then someone put it back up – Scientology yanked it back down. It kept getting up, getting down, getting up, getting down – so down it went again. It sort of snowballs, you’re not gonna get away with this, we’re gonna put it back up as many times as you take it down, and all of a sudden the next thing you know is it’s an international sensation: Tom Cruise, ‘Mission Impossible’ – “I am a scientologist”. And the next thing you know is the Church of Scientology getting the usual 4chan treatment – black faxes, 4000 pizzas (or over 9000), shipments of boxes from UPS (you know, bomb threats) etc.
So at this point, some of the people who have been kinda fighting Scientology for many, many years step forward and say “Hey, we’re really glad you guys showed up to join the party, but you’re kinda ruining it with all this illegal DDoS stuff and the faxing, and since there’s approximately ten thousand of you, why don’t you come out and meet the Church of Scientology in person and troll them there?”. And Anonymous said “Yeah, sounds like fun!”. And so ten thousand people all over the world showed up in front of the Church of Scientology and had a party, and Scientology wasn’t super-thrilled about that, but what could they do?
This was a pretty successful form of protest for a really long time, there was a lot of interest from more traditional protesters and protest groups because it was very effective, it was ongoing, it went on successfully for probably close to 3 years before it sort of fizzled out. Anyway, they called this the ‘adhocracy’ because this is a group of people that came together with common cause and zero organization, they just said “F..k it, we’re all pissed about the same thing, we’re all gonna go out there and do our thing”. Nobody knew anybody, keeping to the tenets of 4chan and the traditional idea of anonymity: everybody using anonymous handles, we’re not gonna talk about real names, we’re just gonna come out there and use handles.
And what turned out to be a very effective form of protest of course comes with a downside in that an Anonymous mob is an Anonymous mob and sometimes would act like a mob, so people who are targets are not always deserving targets, and people that anger the hive, so to speak, sometimes get an inappropriate amount of retaliation. So there’s definitely a dark side of all of this. There’s people who maybe disagree with the group, and as a result their children’s report cards are on the Internet.
So interest in Scientology afterwards started to wane a little bit, and then there appeared these issues with WikiLeaks and with Iran, and people started saying “Well, let’s just join this Iranian revolution idea”, and they recruited – and the whole thing swelled, and you have a lot more causes added, it starts getting a little bit more political, people start getting involved for personal political reasons. Unfortunately, as the media are speaking up on all of these things, they are calling Anonymous ‘hacktivists’. There’s no hackers in Anonymous, it’s just Internet people, they’re not explicitly hacktivists – they’re part of the crowd. But they’re going out, the media talking about the hackers because it’s a better sound bite to say all these hackers are coming out and protesting. Yeah, ‘mad hackers’ makes a better sound bite than people who hang out on the Internet.
And unfortunately, a little bit of the problem is that people started enjoying that idea – “Wow, we’re hacktivists, we’re dangerous hackers, everyone’s afraid of us”. And that actually starts attracting not always the good kinda hacktivists either – the people who are not necessarily pure of heart. So we get some people who by night are using their botnet for naughty-naughty things, and by day are coming forward and they get together and come up with this concept of Anonymous operations. They’re gonna go back to the old-fashioned Anonymous campaign, which is DDoS everything that moves, which is a debatable form of protest – obviously, everyone has an opinion. I tend to think that it doesn’t qualify because those guys have a problem with something, I wonder what they worry about.
So you get this huge outspread of things that are going on – all kinds of targets now. Well, let’s take on anybody who’s against free speech, let’s go after the Australian government. This is another problem when you have a crowd-sourced protest – people sort of do what they do, and so one minute they’re going “Yeah, we like these guys, we’re gonna support them”, and the next minute they’re like “No, f..k that, DDoS those guys”. So you have the LOIC² which is being kinda overblown by the media saying that all of these people have come together and downloaded this program, and they’re all individually DoSing these sites altogether as a form of protest, but in reality they recruited some rather threateningly large botnets into play. The first time that they really came out in force was the ‘Operation Payback’ when the funding was cut for WikiLeaks. The LOIC is not enough to take down a PayPal or MasterCard site though, so they found some friends of botnets and recruited them, so now we have half a dozen botnets, including some hundreds of thousands that can do an awful lot of damage with that. And of course at this point we’re entering into a strictly illegal territory.
You can’t argue that a botnet is a legitimate form of protest – that’s my opinion anyway.
Anyway, this group is becoming larger and they’re using and utilizing more and more propagandistic techniques. And the funny thing is that when this stuff started around 2008, the propaganda was a joke: we were having fun with it, people were making goofy posters. And then, coming around 2010 it’s being promoted as a serious thing. All of the things that were said in just 2008 were a joke, and it’s not a joke now, it’s serious. Now the propaganda is real and you got this large group with lots of weapons and collective mindset. They’re like “That’s good”, “Oh, those guys – we don’t like those guys, go after those guys”. They did a lot of good things, I think. You have the Tunisian protest support and the Iranian protest support, and they were actually pretty focused on that for a long time, and then after the ‘Operation Payback’ it all seems to have sort of fallen apart. They’re literally idling with nothing productive to do.
And then there’s HBGary³, Aaron Barr⁴… He is the guy who says “I have a security product that I’m thinking of creating. And how about these guys? These guys think that they are really anonymous but I bet they’re not as anonymous as they think they are, I bet we could correlate their relationships and find out who they are”. I think the idea maybe was that it was going to be an educational exercise for everyone involved, and Anonymous actually kind of learned a little bit from this, because they were NOT truly anonymous – in fact, none of them were really anonymous, most of them were hanging all out in the open and sort of trusted in the use of loose handles and the power of numbers to sort of protect them from consequences. And unfortunately, that’s not how it goes. So I think we know what happened next. Anonymous say “Hey, you can’t screw with us and get away with it. This guy is gonna do evil and nefarious things with our information, so let’s go get him”. And everyone knows what happened there, so I won’t spend a lot of time on that.
I think they got very drunk and giddy with power. If you are legitimately upset with somebody, I don’t think taking their email, the email of everyone they know, their friends’ private love letters and so forth, and smearing it all over the Internet is appropriate. So Hubris and I were watching the aftermath of this disaster.
1 – 4chan is an English-language imageboard website; its boards were originally used for the posting of pictures and discussion of manga and anime. 4chan is where the Internet meme of Anonymous originated in 2003.
2 – LOIC (Low Orbit Ion Cannon) is open source network stress testing software that is frequently used for denial-of-service attacks.
3 – HBGary (HBGary Federal) is a technology security company which sold its products to the US Federal Government, information assurance companies, computer emergency response teams, and computer forensic investigators. HBGary Federal is defunct as of 2012.
4 – Aaron Barr is a CEO of HBGary Federal. In 2010 he alleged that he could exploit social media to gather information about hackers.