On Monday, April 22, an “Internet blackout” was carried out in reaction to the Cyber Intelligence Sharing and Protection Act, known by its acronym CISPA. The bill passed the House during last week’s national insanity, and the measure is under intense scrutiny for provisions designed to facilitate data sharing between federal agencies and private companies, according to CISPA’s critics. Who was behind this planned blackout in the name of internet freedom?
The crusading, divisive, and sometimes confounding hacker collective known as Anonymous. “Cyberwarfare is seen as a major threat,” reported Adi Robertson in The Verge on April 18. To fight this scourge, and having seen the Stop Online Privacy Act (SOPA) get roundly defeated by a public outcry, CISPA intends to amend the National Security Act of 1947 to include “Intelligence Community sharing of Cyber Threat Intelligence with [the] private sector and utilties.”
The federal government has sought to enact legislation to protect critical networks from cyber assault, and yet the tool being devised to do so is too blunt an instrument, which invites not only scrutiny but active attempts to derail the bill, or at least bring much more attention to it, by threatening to “black out” the web. (For what it is worth, the op turned out to be a bust, affecting roughly 300 websites.)
‘‘We are Legion. Expect us.’’ So goes the slogan for the feared, mocked, and popular network of hackers who adopted the Guy Fawkes mask and the image of an empty suit with a question mark in place of a face, calling themselves Anonymous. They have been in vogue for the last two years, but at this point what is or is not “Anon” remains as mysterious as ever.
In recent weeks, the amorphous group of hacker-activists, or “hacktivists,” have taken credit, whoever they are, for a few marquee campaigns: stealing passwords from Pyongyang’s computer, and launching a DDoS attack on other people calling themselves Anonymous who wanted to crowdfund a news channel that would bear the name Anon.
Functionaries and apparatchiks of the para-governmental national security state, and their counterparts in the corporate world to which it contracts out its work, guard secrets with as much zealous energy as the so-called hacktivists who seek to unearth and disseminate them. Hacktivism, though chic, is not necessarily sexy.
After all, systems of power have no interest in undermining themselves — but they often make mistakes. Tracking these slip-ups, as they are inevitable, Anonymous seems to style itself after the Rebel Alliance hunting the Death Star of State and Corporate Secrets.
But what are hacktivists? The philosopher Peter Ludlow defines them “roughly speaking” as “individuals who redeploy and repurpose technology for social causes.” Ludlow is concerned about the “alarming contrast between the severity of the punishment and the flimsiness of the actual charges” against hacktivists like Jeremy Hammond, “who reportedly played a direct role in” engineering data dumps from two large private security firms, and “has been in jail for more than a year awaiting trial.”
In their new book Deep State: Inside the Government Secrecy Industry, Marc Ambinder and D.B. Grady pose a few critical questions that go to the very heart of what makes something a secret, especially in this day and age. “When is a secret not really a secret?” they ask.
Is it when everyone assumes something to be true, and that assumption is already priced in to the way states conduct their affairs? What is the value of authoritative confirmation when all it does is tell us what we think we know is indeed what we know?
Ambinder and Grady want to draw a line between what is just a “hack” and what constitutes a cyber “attack.”
A common vocabulary is first needed to address cyber security as well as an accurate sense of where the threat comes from and where it does not. We might want to start by reserving “attack” for really serious cases where critical infrastructure is endangered by a deliberate action. “Hack” can serve as a guide for the rest of what we read about.
A few weeks ago, Anonymous announced an imminent threat to block Israeli government websites, promising to “wipe Israel off the map of the internet.”Dubbed “#OpIsrael,” the latest large-scale hacking campaign was launched on April 7, a date that happened to coincide with Holocaust Remembrance Day, known in Hebrew as Yom HaShoah. The mission of the operation, which temporarily disabled and/or defaced thousands of Israeli governmental websites among other things, was “to disrupt and erase Israel from cyberspace.”
The attack, although hardly successful, brought a lot of attention to the campaign to extort information from the state of Israel: either you disclose your dirty laundry, or we will.
“When we talk about cyberwar we are talking about attacks on water, electricity, infrastructure,” said National Cyber Bureau chief Isaac Ben Israel, quoted by New York Times correspondent Isabel Kershner. “Anonymous does not have that kind of ability,” he added. Kershner also cited the judgement of a cybersecurity firm leader, Guy Mizrahi, who described the hacks as “childish.”
“The pro-Palestinian hackers seemed to have had more success in attacking small businesses and individual Facebook pages,” Kershner added. The unofficial “damage report” from an Anonymous sympathizer claims that the hackers had successfully publicized 30,000 bank accounts, among other key strategic targets.
An anonymous “Middle East hacker” designated as the spokesperson for the hack by Russia Today explained the motivations behind their “massive cyber assault.”
We are the sons of Palestinian people and we feel the pressure of the Israeli occupation not only in Gaza but also in all the Arab and Muslim world. And as the first retaliation we committed a fast and full-scale attack on Israeli websites to warn Israel and all its supporters about the threat that hangs over them. They have weapons and we have our own means. As a result of this attack we’ve received the names of those who cooperate with Israel. The aim of the attack was to show the world the true face of Israel and its armed forces. And we coped with our task.
Yet, as Dave Schilling pointed out in Vice magazine, this kind of large-scale hacktivist move only “fuels the expansion of right-wing authority over Israel” by launching “attacks on Israel’s cyber-infrastructure.”
#OpIsrael “does nothing to alleviate the culture of fear that is omnipresent in Israeli politics,” Schilling writes.
Clearly, what this vicious cycle of violence needs is a mysterious third party to wipe out people’s bank accounts and deface their websites.
Anonymous, being a collective, is not partial to the Middle East. Their focus has also turned stateside, involving a “global intelligence” firm called Stratfor. The case of Hammond, the embattled hacker, deserves a mention because of his allegedly key role in unearthing thousands of emails from Stratfor.
Quite a few of the leaked messages concern Anonymous and other hacker groups, rolled into a general-purpose sense of threat. The bulk of Stratfor’s material on Anon has to do with the campaign against Mexican drug cartels, particularly the dreaded Zetas, who reportedly kidnapped a hacker affiliated with Anon.
As far back as 2011, Stratfor did not seem to take these guys too seriously. “Anonymous is more of an idea than an actual group,” wrote analyst Renato Whitaker. “[C]yber attacks really only matter in two cases,” wrote Whitaker’s fellow agent Marc Lanthemann. “One: you steal shit. [T]wo: you render critical networks useless.” Sean Noonan, another analyst, added that the “most harm” Anonymous is capable of rendering “is actually to corporations,” not to the state. Or, as Noonan explains, “Coordinating something targeted like intelligence theft that can get you a one-way ticket to Bubba’s bunk in jail is very hard.”
We are entering a revolutionary phase of the information age. In these times, knowledge is currency. The social capital that information yields can be tremendously threatening to systems of power that are designed to keep some knowledge secret.
When nebulous hacker collectives who openly seek to challenge these systems decide to wage an attack on nation-states, that currency is vitally threatened. A significant hit on the web becomes akin to a large bank heist.
What is and what is not “Anonymous” is the main question.
One of the many ancillary questions that follow from that include: what do people think about Anon, are there any prominent “hacktivists” who are not perceived to be part of Anon, what is the effect of these publicized hacks, does information “deserve to be free,” is truth the best policy, are there secrets worth keeping out of the public eye.
The interchangeability between hacker activism and this loosely connected agitprop hacktivist group Anonymous is causing all kinds of absurdity. Anon has launched several “cyberassault” campaigns in recent days and weeks against a variety of popular targets: the North Koreans, the Israelis, and even claimed a mark on the Super Bowl, the largest commercial pageant of American culture. How people perceive this movement is of vital significance for freedom of the press and freedom of information, and the relationship between the authorities and truth, and that it matters how these alleged vanguards of free information do their work and what the court of public opinion thinks of Anonymous.
Anonymous is everyone and no one. Put into the wrong hands, and for malicious purposes, freedom of information can be very dangerous. But this is, of course, like many things a matter of judgement. It is clear by now that hackers who want media attention coordinate their efforts against big targets, announce their intentions via “social media,” justify to themselves the righteousness of what they’re doing, based on whatever cause enables the hack to seem noble, and gleefully post TANGO DOWN when they score a hit.