p2pnet view P2P:- “Co-ordinated assaults by hackers — or a cyber attack at the same time as a terrorist or natural disaster — could be ‘catastrophic’, according to the Organisation for Economic Co-operation and Development”, I quoted Metro.co.uk as declaring on Tuesday.
“The use of cyber weaponry will shortly become ubiquitous”, said the OECD, according to the story, which continued >>>
Individual attacks could ‘generate a great deal of harm and financial suffering,’ it adds.
But the group warns: ‘What should concern policy makers are combinations of events – two different cyber events occurring at the same time, or a cyber event taking place during some other form of disaster or attack. In that eventuality, “perfect storm” conditions could exist.’
The warning comes a month after ‘hacktivists’ under the group name Anonymous disrupted MasterCard, Visa and Amazon websites after they cut ties with WikiLeaks.
Governments must ‘make detailed preparations to withstand and recover from a wide range of unwanted cyber events, both accidental and deliberate,’ says the OECD.
Anonymous is the first internet-based superconsciousness. Anonymous is a group, in the sense that a flock of birds is a group. How do you know they’re a group? Because they’re travelling in the same direction. At any given moment, more birds could join, leave, peel off in another direction entirely.
That’s Doc, an Anon quoted in a 2008 Baltimore City Paper story slugged Anonymous Takes On Scientology (and Doesn’t [sic] Afraid of Anything), since repeated far and wide online.
The world press corpse has almost overnight become sensitised to Anonymous because of the uprisings in Tunisia and before them, Anonymous’ Operation Payback in which hundreds of thousands of individual, and previously quiescent, netizens used the Low Orbit Ion Cannon (LOIC) to protest attacks against WikiLeaks and freedom of speech.
With it, they easily took down web sites such as eBay’s PayPal, the RIAA and MPAA and, the site run by the Zimbabwe government, and now the former government of Tunisia.
But Anonymous isn’t new — ask Tiny Tom Cruise, or anyone at any Cult of Scientology scam centre.
Fire your cannon
Sparked by events in Tunisia, Reuters may be the first corporate-run news outlet to publish a report, in the journalistic sense, that’s being repeated parrot-fashion by other on- and offline media, and even more so by net blogs, pages and sites around the world.
Here’s In the chatroom with the cyber guerrillas, by Marius Bosch and Georgina Prodhan, with additional reporting by Jim Finkle in Boston and Aaron Gray-Block in Amsterdam, and editing by Simon Robinson and Sara Ledwith >>>
If anyone needed proof that cyber activists can create havoc in the real world, the last few weeks have provided evidence in megabytes.
Rallying behind WikiLeaks, the thousands of internet activists who made headlines in December by bringing down the websites of MasterCard and Visa have been branching out.
Operating under the banner “Anonymous”, their other forms of action have included hacker defacements of websites, real-life protests such as mass leafleting, and a role in Tunisia’s “Jasmine Revolution”.
Anonymous activists attacked and shut down several government websites before the ouster of former President Zine al Abedine Ben Ali. They have also targeted governments they see as enemies of free speech. Last month the website of Zimbabwe’s finance ministry was hacked and the homepage replaced by a message from Anonymous.
A report by the Organisation for Economic Cooperation and Development (OECD) this week said such attacks on computer systems are unlikely to cause a global shock on their own, though could do if launched in the midst of a natural disaster such as a large solar flare that wipes out satellites and other key communications hardware.
But this misses the point. Global chaos is not Anonymous’ aim. As the WikiLeaks and Tunisia cases show, the group targets specific institutions and its attacks are designed to temporarily delay more than destroy. Think of them not as acts of cyber war but as high-profile guerrilla strikes.
A look inside some of the main online forums suggests that those behind the WikiLeak-inspired attacks are patient, coordinate almost organically, and remain wary of outsiders. That all means that their next moves remain unpredictable.
In the Internet Relay Chat (IRC) channels — chat rooms where up to 3,000 participants at a time can discuss strategy and plot attacks — reporters are treated with suspicion. Over the past few weeks, though, a few Anons — as activists refer to themselves online — agreed to talk to Reuters.
There is anecdotal evidence that Anonymous is growing stronger. Several Anons told Reuters the arrest of Assange and the distributed denial of service (DDoS) attacks against Visa and Mastercard — in which company websites were bombarded with so many requests they crashed — inspired them to join the group.
“Saw it on a news article, joined the IRC, and things went on from there. 4 months ago,” one Anon nicknamed “tflow” told Reuters in a private message on the IRC channel.
“I was angry at the arrest of Assange and how the credit card companies shut down WikiLeaks’ accounts. Been here since,” said another, going by the name of Noms9001, referring to the arrest of WikiLeaks founder Julian Assange in Britain.
“I’m not a rebel, I can say that. For me, it’s been an issue of governments and corporations attempting to control what we say and hear online.”
One said they had been involved with Anonymous since the group’s Project Chanology protests against the Church of Scientology in 2008. Another blamed a failed late December attack on Bank of America on a splinter group of Anonymous, and said an expected drop by WikiLeaks of documents related to the bank could provide an opportunity for a renewed effort to bring down its site.
Targets are chosen by consensus and can be attacked by as many as 10,000 computers simultaneously. Communication is mainly through IRC but supporters also use micro-blogging site Twitter and video-sharing site YouTube to release information.
The activists claim to come from all over — Europe, the United States, China and elsewhere in Asia — and share an almost paranoid concern with covering the tracks left by the software they use.
During the attacks on Tunisian government websites over the past couple of weeks, activists warned Tunisian citizens in the OpTunisia IRC channel against joining an assault on local internet hosting organisation ATI.
“If you are Tunisian, do not participate in the DDoS attack. Chances are that you will get traced and arrested. Unless you have means to conceal your IP and know what you are doing, do NOT attack,” warned one activist.
“Do NOT give out any personal information on this IRC network. This is a public chat and you can be sure that it is monitored,” the activist added.
There’s a good reason for the caution. Two Dutch teenagers were arrested in December in connection with cyber attacks by WikiLeaks supporters. Both have been released and are awaiting trial.
And the U.S. Federal Bureau of Investigation raided a Texas server-hosting company last month looking for evidence that Anonymous had used its servers to launch attacks on PayPal, according to an affidavit obtained by The Smoking Gun website.
Some activists hope their sheer numbers will prevent authorities from trying to trace them. “Imagine tracking 9,000 plus computers across the planet for an arrest,” Calgarc said in the IRC channel in reply to a question on how an attacker can hide his tracks.
FIRE YOUR CANNON
All you need to wage cyber war is a fast-paced internet forum packed with hundreds of determined activists and a simple piece of software called a Low Orbit Ion Cannon. Activists download the LOIC — initially developed to help internet security experts test website vulnerability to DDoS attacks — and start firing packets of data at the targeted website.
If enough people join in, a DDoS attack prevents the overloaded server from responding to legitimate requests and slows the website to a crawl or shuts it down totally.
Attackers can even listen to a dedicated internet radio station, Radiopayback, during attacks.
A quarter of a million copies of the LOIC software have been downloaded from sourceforge.net so far, more than half of them since November when Web hosting and banking organisations began withdrawing support from WikiLeaks.
One in five downloads since the start of November was in the United States, with a few hundred in Tunisia, and a handful in bandwidth-deprived Zimbabwe.
Users of the software can be traced. A study by Dutch researchers found last year that the tool did not mask the host computer’s internet protocol (IP) address.
Barrett Lyon, a security expert who specialises in protecting companies against denial of service attacks, said the LOIC program is fairly rudimentary but effective if used by thousands of people. “It doesn’t have a lot of bells and whistles. It’s not as focused as it could have been. If they got their software together in a more sophisticated kind of way, this kind of thing could have gotten easier with more violence.”
Lyon said depending on the time of day there were 500-10,000 computers involved in the attacks.
“10,000 people have quite a bit of fire power,” he added.
Digital activism is not new. Activists slowed police websites in the Philippines in 2006 and DDoS attacks have been used previously in real conflicts.
In 2007, a series of attacks targeted websites of the Estonian parliament, government ministries, banks and media organisations, sparked by a row between Russia and Estonia over the removal of a Soviet World War Two memorial.
And during the brief 2008 war between Georgia and Russia over breakaway South Ossetia, attacks disabled and took offline websites in all the countries involved.
“This (the WikiLeaks-inspired action) may be the biggest of its kind, it may be the most important, but it’s certainly not the first,” said Ben Edelman, an assistant professor at Harvard business school, and an expert on the economics of computer security.
So is the cyber-activism of Anonymous akin to a virtual war? Activists Reuters spoke to seemed happier to compare it with a student or worker sit-in. “Yes, I think it is like a sit-in, not a cyberwar,” said tflow.
But the broad grouping and loose leadership structure of Anonymous also causes some concern in its ranks.
“Things are so unorganised here … frustrating watching it,” Reuters has Noms9001 stating, adding:
“Anonymous as a whole is a beautiful concept. But I think these operations can be run better … There has to be a balance between control and anarchy, too much of both within Anonymous derails everything.”
… then you win
There’s safety in anonymous numbers, and the numbers are managing to organically achieve something which has never been achieved before.
They’re forcing governments and corporations to pay serious attention to the people who, in order of importance, keep the corporate profits flowing, and put the governments in power.
This time last week, ex-Tunisian Ben Ali president didn’t think he’d be running for the hills, with Anonymous activists on his heels, I said recently, adding, but “There’s no doubt about it. The bastions of corporate and government dominance are being battered down by People to People Power.
“It’ll be like the Soviet Union and the Berlin Wall. There one day, apparently anchored forever in solid bedrock. Then, gone the next.
“Citizens in Iceland had an idea, said a comment post to another story >>>
The Icelandic congress was corrupted so guess what? The people of Island dismissed their congress voted a new constitutional assembly excluding the former elected officials.
“Are Canada and the US, and the UK, for that matter, too big with too many political and corporate vested interests for that to happen? Not if the people get angry enough. And now they can communicate with each other. Instantly.”
I used to have this at the bottom of every p2pnet post:
“Tired of being treated like a criminal? They depend on you, not the other way around. Don’t buy their ‘product’. Do bug your local politicians. Use emails, snail-mail, phone calls, faxes, IM, stop them in the street, blog. And if you’re into organizing, organize petitions, organize demonstrations and then turn up on your local political rep’s doorstep, making sure you’ve contacted your local tv/radio station/newspaper in advance. Don’t just complain. Do something!”
These days, the quotes below are at the bottom of every post:
“First they ignore you, then they laugh at you, then they fight you, then you win ~ Mahatma Gandhi.”
And, “World War III will be a global information war with no division between civilian & military participation ~ Marshall McLuhan”
This is just the beginning.
And stay tuned. The best is yet to come …
Jon Newton – p2pnet
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.