NATO Threatens Anonymous; Kicks Off Weekend-Long Hackathon
from the hornets'-nests-all-the-way-down dept
Following in the footsteps of Obama's promise to fight hackers with guns, General Rapporteur Lord Jopling has issued a long and sternly-worded statement to NATO, warning them of the threat hackers pose to the security of the allied nations. The draft details Anonymous' involvement with both Wikileaks and HBGary along with with a rundown of recent hacktivist activity in the Middle East and Africa.
Jopling's paper is thorough and fairly well-balanced, although it includes some troubling statements about governmental transparency:
[T]he Rapporteur believes that even if one is in favour of transparency, military and intelligence operations simply cannot be planned and consulted with the public. Transparency cannot exist without control. The government, and especially its security agencies, must have the right to limit access to information in order to govern and to protect. This is based on the premise that states and corporations have the right to privacy as much as individuals do and that secrecy is required for efficient management of the state institutions and organizations.
In addition, transparency can be misused on several levels – by providing unprofessional or poor-quality interpretation of information or documents, by conducting superficial or biased analysis, by lack of experience on the topic or by pursuing a political agenda. Thus, not everything carried out under the “transparency label” is necessarily good for the government and its people.
While he makes a good point that full transparency can often lead to faulty conclusions, the fact is that this sort of thing (poor-quality interpretations of information, biased analysis, pursuit of political agendas) is happening already, and increased compartmentalization and secrecy will only exacerbate the problem. The information will still get out somehow, but at this point, nearly every government in the world is showing an unhealthy distrust of its citizens. Rather than working towards more transparency and openness, they seem to be looking to lock up as much information as possible.
Not only that, but the claim that "states and corporations have the right to privacy as much as individuals do" is flat-out laughable. If this were true, these states and corporations would be an open-book, especially here in the U.S. where warrantless wiretaps and searches have become just another ho-hum tool of the FBI and local law enforcement. On one hand, the government is pressuring Google and Apple to protect the privacy of their users, while on the other hand, it's demanding that said private information be harvested and retained indefinitely.
But this is merely retreading arguments long-familiar with Techdirt readers. It's the point where NATO explicitly calls out Anonymous that it gets interesting. While acknowledging Anonymous' positive "hacktivism" efforts in aid of foreign rebellions, the draft also explicitly warns the group that NATO is willing to take them on and prosecute if necessary:
Today, the ad hoc international group of hackers and activists is said to have thousands of operatives and has no set rules or membership.[36] It remains to be seen how much time Anonymous has for pursuing such paths. The longer these attacks persist the more likely countermeasures will be developed, implemented, the groups will be infiltrated and perpetrators persecuted.
It didn't take long for Anonymous to respond. Or rather, Anonymous would have responded if they weren't already tied up disrupting services in Iran, harvesting thousands of government emails and publishing Iran embassy email account information. LulzSec (whose week has already been busy, what with hacking PBS and Sony Pictures), took it upon themselves to go head-to-head with both the FBI and NATO:
It has come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama have recently upped the stakes with regard to hacking. They now treat hacking as an act of war. So, we just hacked an FBI affiliated website (Infragard, specifically the Atlanta chapter) and leaked its user base.
In addition to taking Infragard offline (it was still down as of 7PM Sunday), LulzSec acquired the gmail address of Karim Hijazi, who runs Unveillance, a "white hat" company specializing in data breaches and botnets. Hijazi released a statement on Friday confirming their attacks. His post also included an IRC chat transcript of a conversation with members of LulzSec, in which they claim they are after his money:
(KARIM) So did we wrong you in some way, let’s get to the point?
(LULZ) <@Ninetales> If you wronged us, all of your affiliates would be crushed. Don’t worry, you’re in the good books. The point is a very crude word: extortion.
(LULZ) <@Ninetales> And what we’re both willing to agree upon that you sacrifice in return for our silence.
(LULZ) <@Ninetales> While I do get great enjoyment from obliterating whitehats from cyberspace, I can save this pleasure for other targets. Let’s just simplify: you have lots of money, we want more money.
Hijazi claims to have protected any sensitive client data from LulzSec and states that he "refuses to comply with their requests." However, LulzSec's statement claims that they're not interested in Hijazi's money, but simply wish to expose his company's involvement with U.S. attacks on Libya's communication systems:
We call upon journalists and other writers to delve through the emails carefully, as we have uncovered an operation orchestrated by Unveillance and others to control and assess Libyan cyberspace through malicious means: the U.S. government is funding the CSFI to attack Libya's cyber infrastructure.
Further twists developed Saturday when a post appeared on Pastebin from someone claiming to have infiltrated LulzSec. According to the anonymous (but not Anonymous) poster, an IRC chat had led to a postive ID of four LulzSec members, naming Adrian Lamo of 2600.com as the registrar of lulzsecurity.com. A rebuttal of sorts followed shortly thereafter, claiming these supposed "unmaskings" to be nothing more than names thrown into the IRC-mix for trolling purposes:
sabu, avunti, topiary, kayla, tflow, entropy, marduk and joepie91
these are some of the lulzsec guys, distanced from anonops, keeping the heat low
sailing the lulzyboat
if you are lucky enough to be invited to their private channel
be aware it is one of many for trolling the trolls :)
yo dawg we herd j00 leik lulzsecs so we put an adrian lamos and kevin mitnicks in your lulzsecs
so you can lulz while you lulz
So, where does that leave everything? Who knows? LulzSec apparently took a joyride through Nintendo's servers, prying free a server configuration file but leaving everything else untouched, out of love for Nintendo according to their tweet:
Re: Nintendo, we just got a config file and made it clear that we didn't mean any harm. Nintendo had already fixed it anyway. <3 them!
With both the U.S. and NATO pledging to fight back against cyberattacks, it remains to be seen how much collateral damage will be needed to justify the use of something stronger than sternly worded statements. LulzSec has made it clear that others are willing to step in for Anonymous proper, if it/they are otherwise detained. While it's certainly conceivable that anti-Anonymous actions are going on behind the scenes, the events of this weekend wouldn't seem to bode well for governmental agencies worldwide.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
This is not true. Individuals fund states and so we have a right to know what the states are doing much more than the states have a right to invade our personal privacy.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
For one thing, publicly funded corporations must make public their financial statements.
For another thing, corporations benefit from limited liability. Individuals do not. When corporations get caught committing a tort, corporate individuals aren't often personally punished. This limits their liability. If an individual commits a tort and gets caught, that person is personally liable and that person doesn't benefit from the same limited liability that corporations benefit from, so the potential damages against individuals aren't as limited.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
As it is, it seems worthwhile to broaden and sharpen my skills. Just in case...
[ link to this | view in thread ]
hackers with guns !
what laws do people break, that does not mean the police use 'arms' in their duties.
you might as well have stated that the Obama Gov is willing to fight speeding in your car 'with arms'.
That is a surprise to anyone ? (except Mike?) :)
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Attacking weakly-defended affiliates...
They can easily defend their servers and air-gaps. But their affiliates, not to mention the whole global raft of Fortune 500 companies may be in for an expensive security upgrade, and one they will have to put in place in a matter of months, not years.
[ link to this | view in thread ]
While one should take LulzSec's version with a grain of salt, they have more believability than a "security" professional who used the same password for everything.
"In addition, transparency can be misused on several levels"
And thanks to Wikileaks and allegedly Manning, we can see that it is not a one sided issue. That it is not merely the public who will misuse the data to advance a political agenda. Do as we say, not as we do is becoming harder for the people to willingly turn a blind eye to.
[ link to this | view in thread ]
Re:
[Shakes head in confounded bemusement.]
[ link to this | view in thread ]
Re:
Who watches the watchers?
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Forgot who said it, but....
[ link to this | view in thread ]
The great cry of every "Authoritarian Regime" in history.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: hackers with guns !
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
Oh, don't misunderstand, I'm not here to keep the darkness out. I'm here to keep it in. Imagine how strong I must be. You can call me...the Guarding Dark. Now get oput of town.
[ link to this | view in thread ]
Organic Spies Find Lies
Quote:
It will get increasingly difficult to dupe the public.
[ link to this | view in thread ]
Yeah, that's called "journalism". Nasty stuff, that. Can take your peace-of-mind clean off.
[ link to this | view in thread ]
States and Individuals Have the Same Rights?
Based on the premise that states and individuals have the same rights, then individuals also have the right to make laws, enforce them, conduct trials, and punish, even execute, those they deem individually deem deserving of such punishment.
What a crock.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re:
i think he's talking about mann co. i get all my internet hats from mann co.
http://www.teamfortress.com/mannconomy/
[ link to this | view in thread ]
protip to us govt
[ link to this | view in thread ]
If You Want to Retain Credibility, Explain, Don't Threaten
The counter to superficial, erroneous, or just plain bad speech is not censorship; it's more speech.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re:
example.
what if pakistan WAS hiding bin laden.
We had to sneak in there and kill him secretly.
so he couldnt be alerted and moved.
In this scenario secrecy is important to carry out a military operation.
but dont blame hackers if the information is leaked. because if they can get to it to begin with. who else is looking?
[ link to this | view in thread ]
Re:
NATO, the US government, the EU will never be able to take on ANONONYMOUS, LULZSEC, etc. The reasons being, you are dealing with something far worse than radical fundamentalists. You are dealing with chronic do gooders, with a love of fighting for the underdog, and a never ending supply on new hacktivists wishing to join the ranks.
In the end its about people who know right verses wrong, fighting against people who do wrong.
[ link to this | view in thread ]
I especially love...
[ link to this | view in thread ]
Re:
this poster here is why the government thinks it can get away with anything it wants. because some people read a single (badly written) article and without doing any further research into the matter immediately side with one group or another.
[ link to this | view in thread ]
Re: I especially love...
[ link to this | view in thread ]
Re: Re: I especially love...
[ link to this | view in thread ]
[ link to this | view in thread ]