Information Warfare and Cyberterrorism - Report Example

ANONYMOUS   Term Paper Date Words   Name University Introduction The word anonymous is an English term used to describe anything that is unknown by name. The Anonymous group is an internet based meme. It is believed to have originated in the year of 2003. Their main motto or agenda was the representation of the concept of both offline and online users. 1However, the group also co-existed as an anarchic with the perception of a digitized global-brain. On the other hand, anonymous is a general term for several internet users or sub-cultures, it’s a way to denote to actions of individuals whose identity are unknown. History of Anonymous In its green form, an online community (users) acting in a coordinately and anonymously toward an agreed objective. They however, have entertainment a primary objective. By the year 2008, the anonymous group interests on well collaborated international hacktivism. Hacktivisim is defined broadly as the blend of activism and hacking. It is described as the act of hacking for solely political causes or purposes. They embark on protests among other activities such as campaign against digital piracy (motion and recording industries). All actions that are credited to ‘Anonymous’ are often undertaken by unidentified individuals who label themselves anonymous as attribution.2 The group is not narrowed down to a single online entity. It’s believed that numerous websites are stalwartly related with Anonymous. When one considered the potential capabilities of anonymous, CNN posited that Anonymous as one of three foremost heirs of Wikileaks. Anonymous The ‘Anonymous’ name is greatly encouraged by the perceived anonymity, online users post comments, images and other multimedia online. The ‘concept’ originated from online image-boards, where individuals who post or comment without leaving behind their online identity name (username) were dubbed anonymous. This prevailed to the extent where users of image-boards at times teasingly acted in a manner likely to suggest that ‘Anonymous’ was a real individual/person. In time, the popularity of the image-boards greatly increased. This paved way for the idea of ‘Anonymous’, a group of unnamed online and offline users became an internet meme. Currently the name is used as a multiple-use name. Users that behold themselves as Anonymous and share its moniker tend to adopt a shared identity when online. These individuals are also characterized as both uninhabited and self-indulgent.3 The [Anonymous] define or rather describe themselves as just online individuals/users who wish for a kind of channel to do and act as pleased. They seek permission to do what they cannot do in regular society. They even have a slogan to this being “We are doing it for the lulz”. For over duration of two years, a new age of hacktivism was initiated by Anonymous. My research and diggings have yielded some findings about activities of the group that happen to be well known, however, the methods and strategies of the group still remain vague. My findings were. The group does exist and is mostly comprised of real and skilled hackers. The group is believed to adopt convectional technologies and methods (black hat methods). Their methods and actions are closely similar to profiteering hackers. Information and data theft and DoS attacks are common in this group.4 Anonymous are believed to have two levels of attack. The first being, theft of data. Anonymous attempt to steal ones’ data and information and should that fail they attempt Denial of Service attacks (DoS). The first and among the major attacks by the group was dated back in the year 2010. Where, Anonymous mounted a DDoS attack on Visa, MasterCard and PayPal. The attacks dubbed “Operation Payback” were however not fruitful. It’s alleged that another Anonymous attack on Sony Inc. was successful, and this resulted in Sony suffered public relation devastation in the aftermath of the attack due to data exposure.5 The Anonymous group is divided into two sub groups of volunteers. These are either laypeople or skilled hackers. The laypeople group is the largest and ranges from a few dozen to hundreds. They are believed to be the force behind the DDoS attacks and always act on orders from the hackers. As for the hackers, they are skilled (very) based on the success of their attacks. This group is of about fifteen hackers only. Anonymous Attacks: These attacks can be categorized into three phases. Firstly there is both communication and recruitment of volunteers. The recruitment is leveraged from social media users and subscribers with the promotion of campaigns and messages. In this phase of attack, YouTube, Twitter and Facebook are among the major social media websites were used to not only suggest but also justify attacks. Only when a targeted number of volunteers are reached when recruiting, than the hackers commence the initial reconnaissance. Secondly the attackers locate a place of operation after clearly hiding their identities. They then proceed to finding weakness of targeted application by probing these applications for any exploitable weakness. Their sole intention is data and information breach. The skilled hackers of Anonymous utilize the use of attack software designed for data theft such as Havij. If this data theft fails, Anonymous takes to DDoS phase. This is where the recruited laypeople come in use. The volunteers are instructed to download attack software that they can use when launching the attacks. A good example is the Operation Payback where Anonymous volunteers mounted DDoS attacks. 6 The group is believed to have developed so custom made attack software that runs on both mobile and computer platforms. It’s believed that the group cannon mount attacks willingly but they are influenced to dynamics of hacking that is sourced from the crowd. Conclusively, the above mentioned methods and strategies are the character traits of Anonymous. Cyber Terrorism and Anonymous Since there is hardly a distinct definition of cyber terrorism, in an effort to try and define the term from a logical point of view, I researched on both attributes and definitions of terrorist events and terrorism. The most logical definition out there was that cyber terrorism is the merging of both cyberspace and terrorism. Despite cyber terrorism being generally perceived as unlawful threats and attacks on networks, computers and other related infrastructure, for this to be valid as an attack it should equal in violence against property or individuals. In my understanding, I shall try to define related terms before concluding on a justifiable definition of cyber terrorism and how it co-relates to Anonymous. Pure Cyber Terrorism: This refers to all or any terrorist activities conducted entirely in the virtual world. The internet acts as a venue for two or more like-minded individuals to meet safely. Additionally, for a successful cyber-terrorist attack, perquisite rather than knowledge is needed. These conditions are conducive for formation of entirely new groups (terrorist groups). Based on the numerous examples given above, in which a computer system is said to help in the work of the terrorist, actual resources are vital when executing the plans. One has the feeling that the question on the appearance of the terrorist is not fully addressed. New Terrorism: The new and recent terrorist movements and organizations are well financed and funded. These terrorists are a group of technologically articulated individuals with potential of causing damage to wide range of people. Whereas most research in the IT industry has majored on the effects of computers as targets. I tend to believe that real threats posed by the convergence of terrorism and computers is not from just the perceptions of computers as potential targets, but rather in wide areas as well. The detriment of the focus on only computers as targets, we expose our vulnerabilities to attacks on more crucial ways. Thus, an adequate approach to terrorism that entails computers is greatly contextual under these circumstances. The use of native anti-terrorist defensive measures must be in place; however, these precautions must cover even the virtual factors that had earlier been stated. There is a cyber-aspect to this puzzle that must cover the whole picture, not basically curbed to one cell.7 Cyber-Terrorist Weapons: It’s obvious from the above ideas, the computer is deemed as the most likely weapon of choice for cyber-terrorists. Is it necessary to limit access to computer, just like the access to guns, explosives and related materials are? I believe that all computers need to be protected at all times. Like the firearm, there are laws and rules that cover the manner in which an individual should protect it from dangerous/illegal use. In the same manner in which firearms are protected, computers usage ought to be governed as well. This is mostly covered in the data protection act and additional rules and regulation set by organizations or nations.8 Conclusively, the internet was initially unregulated after it had been developed. It was an open architecture that was as a result of corporatization of networks. This basically implies that we took ‘tools of destructions’ and handed them to malicious individuals. In addition, we ought 9to deal with the fact than, the internet infrastructure is epitome to criminal and malicious activities with cyber-terrorism being some of these activities. Hacktivism and Anonymous As earlier defined, hacktivism is derived from the combination of two distinct entities (hacking and activism). The comprehension of their respective backgrounds is vital when attempting to analyze their historic merger as well as capabilities and challenges. A hacker, was originally defined as someone with vast understanding of computers, networks and one that is capable to not only invent but to modify or refine such infrastructures. This practice (hacking), blossoms in environments with freely accessible data or information. Steve Levy in his book Hackers heroes of the Computer revolution outlined that hackers access to information or computers should be unlimited and that the presence of wariness power/authority encourages decentralization.10 Activists on the other hand, took advantage of the internet through the integration of internet/computer technology with activism. This aided them in a beneficial and complementary manner that could perfectly fit with corresponding yet decentralized networks of other activists. Activists with little or no skills (technical) can utilize the fruits of digital communication. The internet promotes research, meetings, debates and convergence on a faster, single and cheaper medium that improves not only activists’ organizational abilities but also the capacity of activists to counter to a persistently changing world. In an effort to teach the community and endorse campaigns and causes, activist organizations make use of both the Internet and initiated an interactive, available, updateable and a worldwide presence that would have earlier been challenging if not almost difficult to uphold.11 Applied Hacktivism Hacktivisim is defined generally as the amalgam of activism and hacking. It is described as the act of hacking for solely political causes or purposes. Evolutionary advancement of both communities has placed them in a situation where they ought to balance each other due the fact that they both face the same technological and political opposition. The rise of techno-politics has inspired every community and offers a network for digitized-activism (e-activism). Hacktivism creates ethics with technology and binds individuals from having an agreeable manner of conflict. It also permits people to launch better ideas, convent virtual followers and the taking on any oppressiveness that came their way. Hacktivism has undergone through a variety of transformation from electronic civil disobedience to outwitting confines through the advancements and implementation of technology. However, major protests to and contestation of the enthusiasm and approach of activities often defined as hacktivism. As it is with the cracker /hacker, differentiating between "cracktivism" and hacktivism is complex. Hacktivism is used to define politically motivated hacking which is beneficial whereas the second is rather disruptive. Cracking on the other hand, is an act of illegal entry to a given computer system. When the above mentioned acts are conducted out for the purpose of an explicit political motive, they are then described as Hacktivism. Over the years, hacktivism and its expressions have transitioned. In an aim to minimize confusion in its definition, it’s best when one analyzes all tabled situations and scenarios contextually. 12 Anonymous and their attacks Minorities of online attacks in recent years were suspected to be the doings of Anonymous. These attacks were believed to have wreaked the greatest damage in terms of information and data breaches on an international scale. This accounted for most of all compromising records ever made. My research has led me to believe that hacktivism played a vital part in these attacks. The Anonymous attacks communal targeted numerous big-profile targets as; Federal, Sony, multiple law enforcement agencies, PBS and Fox. It’s believed that in the year 2012 almost eight hundred and fifty five information/ data breaches as well as 174 million stolen information records have been compromised and hacktivists can account to only two (2) to three (3) percent of the attackers.13 In these attacks (breaches) covered in my study, Anonymous (hacktivists) were still responsible for the breach of fifty eight percent of data records. Inclusively, Hacktivists stole more than one hundred million records with organized crime taking the pole position. Conceivably most telling is how all this new information exemplifies the change in hacktivism over the previous years. This shift is has transition from the defacements of website DDoS attacks in an aim to make a statement or merely disrupt websites, to embarrassment and cause of damage to affected firms and organizations. 14 The cases in which Anonymous group ran the rainbow-tables beside password files and sharing those passwords online, this resulted in the vulnerabilities of the credentials to organized crime syndicates to exploit. Considering that Anonymous employs illegal means, or is perceived as being morally ambiguous, hacktivism is often interpreted as cyber-terrorism. This assumption is derived from the similarities of the two and their intended targets. 15Hacktivism methods comprise defacements of websites, DDoS attacks, information/data theft, and virtual sabotage. This shows us the potential to which hacktivism has toward economic damage. In other words, a syndicate or movement of individuals dubbed Anonymous attempted to bring down the Wall Street Exchange. 16This was part of a conquer protests by the individuals. Since the most well-known, and perhaps most abundant, hacktivist group is Anonymous. The group is a slack, hierarchy with; fewer group of users (online) who frequently mount attacks on numerous targets that they deem breaching their opinions and views. Nevertheless, Anonymous is such a slack collective that it can never really be panoptic. Is Anonymous traceable? After a number of websites were attacked by Anonymous following the Wikileaks saga, the question rose as to how untouchable (untraceable) the group was. A research by the University of Twente on an attempt to identify a click of the Anonymous hacker discovered that they were easily traceable. This implied that the individuals were anything but anonymous. 17Cumulatively, even though these hacktivists may not be versed with the international data retention laws, this law requires that every commercial Internet service providers hoard/store information regarding internet users and usage for a minimum of at least six months. Thus implies that indeed these individuals (hacktivists) can still be easily found even after their attacks have been done.18 Conclusion Progressively over the past few years, we have witnessed an increase of ‘professionalism’ in cyber-terrorism. These are character traits of cyber-attacks, hactivism and malware. In addition to this, the percentages of attacks claimed by Anonymous have been increasing in a rapid yet steady manner. 19Despite these findings, we should anticipate for new trends of attack in the coming years. It’s likely that convectional crimes will become more like cyber-crimes and verse versa. With these advancements, we should prep for growth of Anonymous and the diversity of the ethics of cyber-attacks. Frameworks ought to be laid down to provide fundamental bases to curd this ‘disease’. However, the framework shouldn’t be deemed as a sole instrument essential for making ethical judgments of the cyber-attacks and crimes. Rather, it should be a kick off point solely based on well-defined and established principles. The addition of considerations that can interpret and also inform on ethical decision making is also proposed. Only then can we be a step closer to curding the emergence or and prevalence of these outlaw groups and movement. Our perception on the fight need not be fixated with static ideologies and strategies, but rather be dynamic and evolving. 20As witnessed how the success of a group can be beneficial to other outlawed malicious syndicates, thus opening new channels of other individuals or group exploit. In the attempt to curb this menace nothing should be assumed or underestimated. Bibliography 1. Waterman, Simon, ‘Hackers deface Danish websites’, the Washington Times, February. 2006. 2. Denning DE, ‘Activism, Hacktivism, and Counterterrorism’, In Arquilla J, & Ronfeldt D, editors, Networks and Netwars. Santa Monica, CA RAND, 2001 Ch. 8; pp. 229-288. 3. Wingfield T, ‘The Law of Information Conflict’. Falls Church, VA, Aegis Research Corporation. 2000. 4. Himma KE, ‘The Ethics of “Hacking Back”’, Active Response to Computer Intrusions. In Himma KE, editor. ‘Readings on Internet Security: Hacking, Counter-hacking, and Other Moral Issues’, Boston, Jones & Bartlett. 2006b. 5. Karnow CEA, ‘Strike and Counterstrike: The Law on Automated Intrusions and Striking Back’, Seattle, WA, BlackHat Windows Security 2003. 6. Denning, DE, ‘Activism, Hacktivism, and Cyber-terrorism: The Internet as a Tool for Influencing Foreign Policy’, February 4, 2000. Retrieved 15 May 2012 http://www.nautilus.org/info-policy/workshop/papers/denning.html. 7. WCC, ‘IFIP World Computer Congress Workshop’, IFIP World Computer Congress. Montreal, Quebec, Canada. August 2002. 8. Denning, D, “Cyber-terrorism”, Testimony before the Special Oversight Panel of Terrorism Committee on Armed Services, US House of Representatives, 23 May 2000. Retrieved 15 May 2012 http://www.cs.georgetown.edu/~denning/infosec/cyberter ror.html. 9. Mason, M ‘IGC Fights Digital Censorship: Basque Website Attacked by Internet Mail-bombers’, 1997. Retrieved 5 May 2012 http://members.freespeech.org/ehj/html/igcehj.html. 10. "I-Defense and the Internet 'Thought Police': Misrepresenting the Facts to Create Media Panic." the electrohippies collective, April 6, 2000. Retrieved May 15 2012 . 11. Previous post Next post "FBI Knocks Down 40 Doors in Probe of Pro-WikiLeaks Attackers". Wired. January 27, 2011, Retrieved May 15 2012. 12. Dadok, Eva. ‘"Hacktivism – A Free Form of Expression or a Digital Vandalism?"’ December 1, 2000. Retrieved May 15 2012 . 13. By staff writers. ‘"25 alleged Anonymous members arrested after Interpol investigation"’. Washington Post. February 29, 2012, Retrieved May 15, 2012. 14. Moya, J, ‘Operation: Payback Targets IFPI for Pirate Bay Verdict’, zeropaid.com. Retrieved May 15, 2012. 15. Janczewski, L, & Andrew MC, ‘Cyber Warfare and Cyber Terrorism’, Hershey, PA, Information Science Reference, 2008. Retrieved on May 15 2012 . 16. Colarik, AM, ‘Cyber Terrorism: Political and Economic Implications’, Hershey, PA, Idea Group Publishers, 2006. 17. Graves, K, ‘CEH Certified Ethical Hacker Study Guide’, Indianapolis, India, Wiley Pub, 2010. 18. Ryan, C, ‘Prime Time Activism: Media Strategies for Grassroots Organizing’, Boston, South End Press, 1991. 19. Kizza, J M, ‘Computer Network Security’, New York: Springer, 2005. Retrieved on May 15 2012, http://site.ebrary.com/id/10229115. 20. Kizza, J M, ‘Computer Network Security’, New York: Springer, 2005. Retrieved on May 15 2012, http://site.ebrary.com/id/10229115. Read More

The [Anonymous] define or rather describe themselves as just online individuals/users who wish for a kind of channel to do and act as pleased. They seek permission to do what they cannot do in regular society. They even have a slogan to this being “We are doing it for the lulz”. For over duration of two years, a new age of hacktivism was initiated by Anonymous. My research and diggings have yielded some findings about activities of the group that happen to be well known, however, the methods and strategies of the group still remain vague.

My findings were. The group does exist and is mostly comprised of real and skilled hackers. The group is believed to adopt convectional technologies and methods (black hat methods). Their methods and actions are closely similar to profiteering hackers. Information and data theft and DoS attacks are common in this group.4 Anonymous are believed to have two levels of attack. The first being, theft of data. Anonymous attempt to steal ones’ data and information and should that fail they attempt Denial of Service attacks (DoS).

The first and among the major attacks by the group was dated back in the year 2010. Where, Anonymous mounted a DDoS attack on Visa, MasterCard and PayPal. The attacks dubbed “Operation Payback” were however not fruitful. It’s alleged that another Anonymous attack on Sony Inc. was successful, and this resulted in Sony suffered public relation devastation in the aftermath of the attack due to data exposure.5 The Anonymous group is divided into two sub groups of volunteers. These are either laypeople or skilled hackers.

The laypeople group is the largest and ranges from a few dozen to hundreds. They are believed to be the force behind the DDoS attacks and always act on orders from the hackers. As for the hackers, they are skilled (very) based on the success of their attacks. This group is of about fifteen hackers only. Anonymous Attacks: These attacks can be categorized into three phases. Firstly there is both communication and recruitment of volunteers. The recruitment is leveraged from social media users and subscribers with the promotion of campaigns and messages.

In this phase of attack, YouTube, Twitter and Facebook are among the major social media websites were used to not only suggest but also justify attacks. Only when a targeted number of volunteers are reached when recruiting, than the hackers commence the initial reconnaissance. Secondly the attackers locate a place of operation after clearly hiding their identities. They then proceed to finding weakness of targeted application by probing these applications for any exploitable weakness. Their sole intention is data and information breach.

The skilled hackers of Anonymous utilize the use of attack software designed for data theft such as Havij. If this data theft fails, Anonymous takes to DDoS phase. This is where the recruited laypeople come in use. The volunteers are instructed to download attack software that they can use when launching the attacks. A good example is the Operation Payback where Anonymous volunteers mounted DDoS attacks. 6 The group is believed to have developed so custom made attack software that runs on both mobile and computer platforms.

It’s believed that the group cannon mount attacks willingly but they are influenced to dynamics of hacking that is sourced from the crowd. Conclusively, the above mentioned methods and strategies are the character traits of Anonymous. Cyber Terrorism and Anonymous Since there is hardly a distinct definition of cyber terrorism, in an effort to try and define the term from a logical point of view, I researched on both attributes and definitions of terrorist events and terrorism. The most logical definition out there was that cyber terrorism is the merging of both cyberspace and terrorism.

Despite cyber terrorism being generally perceived as unlawful threats and attacks on networks, computers and other related infrastructure, for this to be valid as an attack it should equal in violence against property or individuals.

Read More