Strife

The Academic Blog of the Department of War Studies, King's College London

You are here: Home / Archives for Hacktivism

Hacktivism

A Helping Hand in the Struggle against Terrorist Cyber-Activity

by

This is the sixth and final piece in a series of articles we will be featuring on Strife in the coming week looking at the role of Proxy Warfare in the 21st century by Series Editor Cheng Lai Ki. Previous articles in the series can be found here.

By: Elmer Hernandez

mljhjlvkjgljvl

The declaration of war by Anonymous on the Islamic State (IS) directed public attention to what seemed to be an action movie plot: the hacker heroes against the terrorists. Some applauded the initiative, in what they feel is a needed response to Government inefficiency, while others mocked and denounced the declaration as nothing but the latest Anonymous attention-grabbing headline, soon to be forgotten. Neither credulous and naïve optimism, nor outright mockery, are adequate however.

Terrorist activity in cyberspace is widespread, fluid and hard to tackle. Their use of technologies like the internet, social media and encrypted means of communication, represent an escalating concern. Government efforts could still use additional specialized support, hacktivist and related groups are an interesting source to consider. Despite the media hype, Anonymous is nowhere near the only group in this struggle, the rise of Ghost Security Group (GSG) is a prime example of a new type of approach.

After splitting from Anonymous last fall, this particular group has become closer to private sector actors such as Kronos Advisory, and with Kronos’ founder Michael Smith as an intermediary, they have begun working with Governments. Smith “recognized the value of our work and began forwarding our data to appropriate parties in various states as it proved viable and pertinent” says GSG’s technology lead Raijin Rising[1].

GSG differs from a lot of current hacktivist initiatives, for instance some of the activities the group carries out appear to go beyond the efforts of many other groups in terms of complexity. Such activities include counter surveillance, cryptocurrency tracing, data mining and penetration testing. This has led many in the community to criticize GSG as moving away from hacktivism and morphing into some sort of security consultancy, but Raijin insists GSG is still well within the hacktivist realm, concerned with their own agendas when not aiding governments and private entities.

These groups can provide support to existing efforts. States already possess important capabilities to counter and detect terrorist activity through their intelligence and security agencies, such as GCQH, MI5 and MI6 here in the United Kingdom. They also work with private sector actors for a more effective approach, including companies such as Facebook. Nevertheless the authorities will eventually need the help of subversive groups, suggests Raijin. In fact he says authorities have already started developing cyber teams of their own to tackle IS activity, but nothings beats the experience of groups like his. “Groups like ours know the enemy already – we know their culture, their tools, their leaders and their methods”.

His statements are not to be taken lightly. Others have long been aware of the potential value of these groups, Russia is a worrying example. Pro-Kremlin proxy youth groups like Nashi have allegedly been used to censor opposition, as well as conducting espionage and cyber-attacks against other states[2]. There is also the more professional work of groups such as APT 28[3], although not much is known about their composition. Furthermore the Russian Federal Security Service (FSB) is allegedly recruiting hackers and developing cyber units to mobilize against IS[4]. It is evident the Russian State is aware of the benefits of fostering and maintaining hacker expertise as a vital resource that might otherwise prove hard to find[5].

These proxy-type examples do not represent a model liberal democracies should follow, but they should provide a wake-up call in that illiberal regimes are not ignoring an important resource.

Consequently it would be unwise to simply mock such idea without proper consideration. For those who are sceptical it must be noted that cooperation between security actors and hacktivists is not unprecedented, for example Cult of the Dead Cow offered and allegedly provided assistance to the FBI’s Magic Lantern initiative together with Microsoft [6]. Indeed the suggestion of the potential of hacktivists as assets for national cybersecurity is not a new one, it has been made at least since the turn of the millennium[7].

However, and despite what we could consider as a boom in hacktivist activity in the past 8 years, such suggestion is still not taken seriously enough. “Working with ‘hacktivists’ is still a taboo subject for most entities and most would never admit at this time to using or receiving our information” Raijin recognizes. Understandably, governments and law enforcement might be reluctant to cooperate with hacktivists and hackers, perhaps out of fear of appearing incompetent and inefficient for accepting the help of vigilante groups and individuals.

Some will say that government need not refuse such help, but simply keep it hidden and deny any such links. Interestingly enough Raijin himself suggests that those benefitting from their work would appreciate GSG to continue operating silently too. Silence notwithstanding it would be naïve to think governments are currently rejecting contributions from hacktivist groups. There are claims of hacktivists efforts having prevented attacks, GSG’s work has allegedly prevented violence in various places from Tunisia to New York, while other Anonymous affiliated initiatives have reportedly done the same in countries like Italy.

Those demanding proof and acknowledgement by the relevant authorities will probably remain unsatisfied, but such critics do not seem to understand what they are asking for. Fears of perceived incompetency and inefficiency by authorities are not the only reasons for the lack of evidence. If this cooperation is taking place, as it seems to be, and is proving effective, it makes little sense to compromise any aspect of this relationship only for the sake of appeasing sceptics or giving hacktivist groups public acknowledgment. Cooperation with hacktivists will most likely never be officially recognized, this seems to be their inevitable fate.

While disappointing, Raijin highlights how public recognition is not their prime goal “our mission is to save lives and put a stop to sickening brutality…. We didn’t start this fight for fame”. Similarly it is not important for him to prove anything to any outsiders, claiming that the group nevertheless has the relevant evidence, “we save everything and we have the documents and screenshots that were used to validate specific threat vectors that were forwarded to entities”.

Within the hacktivist community, some consider it foolish and dangerous to get too close to government while others condemn any form and degree of such cooperation[8], in what they see as a naturally antagonistic relationship. If wider efforts are to be effective however, cooperation with authorities is paramount. Hacktivist groups can contribute to existing governmental efforts only if they have the right coordination, this is important for two reasons.

First, the independent initiatives of various hacktivist groups have the potential of disrupting already ongoing operations by authorities. Intelligence is vital, common hacktivist action such as web defacements, distributed denial of service attacks and any sort of meddling with key social media accounts can deprive authorities of important sources of information. GSG claim they have become aware of this, and have moved away from what they describe as brute force methods and instead focus on more intelligence related operations.

Second, many other hacktivist activities have been strongly criticized for their lack of quality which can affect innocent people. Anonymous is a relevant example, doxing campaigns have proved to be inaccurate and have put people who have nothing to do with IS at risk. Even GSG themselves are not free from these types of criticism, which goes to show the deep scepticism that exists towards any sort of non-governmental efforts, no matter their apparent level of sophistication.

Despite of such issues Raijin remains confident about the value of the work of independent groups, “We’ve already shown that our work can responsibly provide actionable intelligence…”. The prospect of increased incorporation of hacktivist efforts into a wider multilateral initiative “is looming on the horizon”, but it is no certainty. Raijin says that so far authorities seem to be mimicking their efforts by creating teams of their own instead of tapping into their experience, perhaps a balance can be struck. One thing is clear however, it makes little sense to ignore extra technical expertise that could provide a helping hand to existing efforts; the hacktivist initiative should not be rejected but guided.

 

 

Elmer Hernandez is an MA student in Intelligence and International Security. His academic interests include hacktivism, surveillance and cybersecurity especially within Latin America. He is available for contact at elmernandez10@gmail.com.        


 

 

Notes:

[1] Interview with Raijin Rising, transcript included.

[2] Jose Nazario. Politically Motivated Denial of Service Attacks. (Conference on Cyber Warfare,

  1. NATO Cooperative Cyber Defence Centre of Excellence [CCDCOE] 2009).

[3] FireEye. APT 28: A Window into Russia’s Cyber Espionage Operations? (2014).

[4] Eugene Gerden. ISIS vs Anonymous – and Russia? (SC Magazine 2015).

[5] Keir Giles. “Information Troops” – a Russian Cyber Command? (Proceedings form the 3rd International Conference on Cyber Conflict, 2011) pp. 54-55.

[6] Dorothy E. Denning. Cyber Conflict as an Emergent Social Phenomenon. In: HOLT, T. J. & SCHELL, B. H. (eds.) Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications. (New York: Information Science Reference 2011).

[7] Mark G. Milone. Hacktivism: Securing the National Infrastructure. (The Business Lawyer, 58,

383-413, 2002).

[8] David Gilbert. Anonymous Is Hacking ISIS, But Warns Collaborating With US Government Is ‘Deeply Stupid’. (International Business Times 2015)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Ideas are bulletproof; why we should still be expecting Anonymous

by

By Ben Collins:

ADYlOhh
Anonymous November 5th protests [photo by Ben Collins; published by permission]
In 2013 the FBI declared that the hacker activist network Anonymous had been dismantled due to the arrests of ‘major players in the Anonymous movement.’[1] Others have decried the dilution of causes and foci among those who consider themselves Anonymous,[2] as well as the allegedly hypocritical use of personal information on heavily monitored social media platforms.[3]

However, among the widespread outcries against Israel’s Operation Protective Edge, Anonymous has once again been making headlines. On July 25th 2014 22 year-old Tayeb Abu Shehada was shot and killed in the West Bank in a clash between Israeli soldiers and stone-throwing protesters. Reports and alleged pictures of Tayeb show that he was wearing a Guy Fawkes mask, unifying common symbol of those who consider themselves as part of Anonymous.[iv] In response to both Tayeb’s death and the wider context of Operation Protective Edge, the ‘AnonGhost’ hacker group interrupted access to Israeli government and military websites and claim to have hacked some of Israel’s banking systems.[v] Without understanding Anonymous’ history and development, it is difficult to determine whether these events are part of an overall reawakening and remobilisation of Anonymous, or whether they are simply ‘business as usual’ for a largely ephemeral and intangible actor.

Anonymous emerged from the image-board website 4chan.org which was created in 2003. Initially conducting limited raids on other web communities for both the entertainment value and to document for posterity, these attacks escalated in scale and sophistication over the next four years. Anonymous’ breakthrough moment was a protest campaign in early 2008 against the Church of Scientology, dubbed ‘Project Chanology’ after the Church removed a video from YouTube showing Tom Cruise talking about Scientology for breach of copyright. Anonymous subsequently campaigned worldwide to raise awareness of the Church’s habitual censoring of information online, their litigious pursuit of detractors and the numerous suspicious deaths that are allegedly attributed to Church activities and members.

Project Chanology boosted Anonymous’ support and popularity beyond their original constituency, starting an upward trajectory of actions and campaigns. In 2010 Anonymous struck again, this time against the entertainment industry for the removal of several file-sharing websites, which in turn snowballed into ‘Operation Avenge Assange’, attacking Mastercard, Amazon and Paypal for freezing Wikileaks’ financial services.

This momentum continued into 2011 thanks to the Arab Spring. Anonymous worked to help activists circumvent internet censorship and attack government websites in Tunisia and Egypt. From these events the hacker splinter group LulzSec emerged, who in the first half of 2011 went on a 50-day hacking spree against governments, security services and corporations around the world. As one would expect, this campaign gave LulzSec, and vicariously Anonymous, a long list of powerful enemies. During this period Hector Monsegur aka ‘Sabu’, one of LulzSec’s members, was caught by the FBI and turned into an informant. Information he supplied helped authorities in the UK and US arrest the rest of LulzSec and a number of other prominent activists such as Jeremy Hammond.

The combination of the events surrounding LulzSec and the widening spectrum of causes being championed by those considering themselves Anonymous meant that many of their activities moved towards the path of least resistance. These were either humanitarian causes such as Operation Safe Winter which sought to raise money and awareness for the homeless during the winter months, or attacking targets who were unlikely to respond with the levels of legal reciprocity as were faced by LulzSec and their predecessors. These targets have included the government websites of Syria, North Korea, Russia, as well as the ‘500 plus’ Israeli websites hit by the AnonGhost team.[vi]

The arrests of individuals or small groups may have impacted overall morale, but they fail to stop the spread of the ideas behind the mask. The ubiquity of the internet means that protest and resistance movements can organise and communicate instantaneously on a global scale, connecting disparate movements and groups that otherwise would have had a much harder time finding others sympathetic to their cause.

This cellular and largely independent nature, coupled with the digital Matryoshka doll of IRC internet chatrooms and networks makes Anonymous very resilient – they should not be viewed of as a conventionally organised movement or group. The idea of Anonymous is more akin to a brand or franchise; a patron collective nomenclature which is invoked to strengthen solidarity and create an identifiable in-group among widely disparate causes and beliefs. This unifying common denominator brings ‘concerned citizens’ together against a system they deem unfair and impossible to change through traditional political channels. As such, individuals and groups adopt the common visual language of Anonymous as a tool of solidarity and recognition with other activists: Tayeb fought and died while wearing the Guy Fawkes mask, but it is highly unlikely that he was involved in Chanology, Operation Payback or LulzSec, for example.

Ultimately, the AnonGhost attacks are not a precursor to some new galvanisation of all the widely disparate cells, nodes and individuals who consider themselves Anonymous. Tayeb’s death will fade from collective memory and at best become a brief mention on Anonymous’ Wikipedia page. It is highly unlikely that the attacks carried out by the AnonGhost hackers will have any long-term effect on Israel’s military or political policy. However Anonymous is an actor with a completely different political agenda and language; reducing complex arguments to sticky, violent images which dominate and subvert conventionally written and spoken political discourse. These images diffuse through social networks and the wider media, resulting in self-generating feedback loops of outrage and opposition to perceived injustices. If indeed ‘the screen is our generation’s North German Plain’,7 then this ability to wield and deploy such images and information to the wider public, outmanoeuvring states and governments on the way is a significant capability that we would do well to continue to expect.

 

_________________________

Ben Collins is a 2nd year PhD student looking at hacker activists in comparison to 19th century Anarchism. Other focus includes how war and conflict are portrayed in videogames, as well as how players interact and question both the events in them and the relevant analogous real-world wars, conflicts and insurgencies we see in comparison.

 

NOTES

[1] Smith, G., FBI Agent: We’ve Dismantled The Leaders Of Anonymous, The Huffington Post 21/08/13, accessed 06/08/14 http://www.huffingtonpost.com/2013/08/21/anonymous-arrests-fbi_n_3780980.html
[2] Anonymous, Anonymous R.I.P., AnonUKRadio 21/08/13, accessed 21/08/14 http://anonukradio.blogspot.co.uk/2013/08/anonymous-rip.html
[3] The pages of at least two Anonymous Facebook groups have been verified by Facebook, a process normally reserved for celebrities or brands/products as, ironically in the case of Anonymous, ‘having an authentic identity’.
[iv] Gilbert, D., Hacktivists Hit Back at Israel After Death of Anonymous Member in West Bank, International Business Times 28/07/14, accessed 06//08/14 http://www.ibtimes.co.uk/hacktivists-hits-back-israel-after-death-anonymous-member-west-bank-1458623
[v] AnonGhost Team, BREAKING NEWS: #OpSaveGaza The Biggest Bank System in Israel Has Been Hacked By AnonGhost Team الحمد لله, Twitter 23/07/14, accessed 06/08/14https://twitter.com/AnonGhostTeam/status/491836637761245184/photo/1
[vi] Ridley, R., Gaza Anonymous Hacking Attack Shuts Down ‘Hundreds’ Of Israeli Government Websites. The Huffington Post 05/08/14, accessed 06/08/14http://www.huffingtonpost.co.uk/2014/08/05/gaza-anonymous-hacking-at_n_5650652.html