Wednesday, January 25, 2012

Anonymous DDoS Attack: OpIreland

Last night, into early this morning, Anonymous hacktivists launched a successful DDoS (Distributed Denial of Service) attack against the Department of Justice and Equality in Ireland website as a "warning shot across the bow", in response to an announcement that "the Irish government plans, before the end of January, to bring in a law which would allow Irish courts to block access to websites accused of infringing copyright...". (See: and search for the Twitter tag #OpIreland)

These activities raise many questions about citizenship, the law, liberty on the Internet, intellectual property rights, civil disobedience, and more.

When you think about and research these operations, there are some things that you should keep in mind. Not the least of which is that, according to information published by Anonymous, OpIreland was intentionally conducted "after business hours" when the need for the website would be less critical for anyone seeking to use it.  The goal was to raise awareness, and it seems they have succeeded in that.

Some will denounce these activities out of hand as illegal and wrong. They will attempt to say that support for these Anonymous Operations is taking a side against intellectual property rights. I'm not sure that is a fair assessment. There are already laws on the books which can be used to prosecute those who steal others' work. What is being attacked here is the notion that wide-sweeping new laws are required to combat online piracy. The danger is that these laws are so wide-sweeping that they will end up being used to censor law-abiding netizens and their online content.

In a perfect world, there would be no need to temporarily, forcibly, shut down a government website to direct attention at questionable legislation that, much like our own Patriot Act, is being pushed through the Irish legislature in a timeframe that will not allow proper analysis and debate.  But it is clear that we live in a world that is far less than perfect.

As I write this, is back online.  The site was not damaged, and it was down for probably less than two hours as a result of the DDoS.  The Anonymous threats are far more dangerous.  

A message dropped onto Pastebin advised, "If SOPA/PIPA/ACTA passes we will wage a relentless war against the corporate internet, destroying dozens upon dozens of government and company websites. As you are reading this we are amassing our allied armies of darkness, preparing boatloads of stolen booty for our next raid. We are sitting on hundreds of rooted servers getting ready to drop all your mysql dumps and mail spools. Your passwords? Your precious bank accounts? Even your online dating details?! You ain't even trying to step to this."

This may seem like techno-babble to many of you - if that is the case, take my word, it is threatening.

If the Anonymous Hacktivists move into the above-noted phase of operations, I fear they will have gone too far. There is a difference between raising awareness through a more or less peaceful DDoS demonstration and cracking into accounts and distributing private bank account information. The DDoS operations can clearly be compared to a physical-world protest on a city street that would impede movement through the area for a time because so many people have flooded the street that there is no clear path for traffic to flow. Cracking into accounts and distributing bank account information is theft. One could argue, depending upon the owners of the bank accounts, that such operations would be akin to the illegal activities of Robin Hood - but they are clearly illegal, nevertheless.

I have one last thing for you to consider about this most recent, and in fact all, hacktivist DDoS activity. I have heard folks say that because it takes a very large number of computer systems to pull off a DDoS, there is widespread and popular support for Anonymous. This simply isn't the case. If it were, the DDoS wouldn't be necessary to raise awareness. The reality is that the hacktivists who are actually "pulling the trigger" to execute the DDoS are what we refer to as "bot herders". These are people who have control of hundreds, thousands, and in some cases tens or hundreds of thousands of compromised home and business computers. When these computers are compromised, software is installed "enlisting" these systems into a "bot army". The systems continue to function as normal, but they also wait and listen for the command to attack. When that attack command is received, it is often a simple command telling the system to repeatedly "ping" the target system. The target system is quickly overwhelmed by "ping" requests, and can no longer respond to legitimate traffic. The site, in effect, is taken offline in this manner.
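A defender's view of the flood described above, as an added example that is not part of the original post: because each compromised machine sends only a trickle of pings, a per-source rate limit sees nothing unusual, while the aggregate echo-request rate together with the number of distinct senders gives the flood away. The event tuples, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

ECHO_REQUEST = 8  # ICMP type for a "ping" request


def build_sample():
    """Constructed traffic: (timestamp_seconds, source_ip, icmp_type)."""
    # A legitimate monitoring host pinging once per second for six seconds.
    events = [(float(s), "192.0.2.10", ECHO_REQUEST) for s in range(6)]
    # From second 3 on, 300 distinct hosts each send just two pings per second.
    for s in range(3, 6):
        for bot in range(300):
            src = f"10.0.{bot // 250}.{bot % 250 + 1}"
            events += [(s + 0.1, src, ECHO_REQUEST), (s + 0.6, src, ECHO_REQUEST)]
    return events


def per_second_stats(events):
    """Return {second: (total_requests, distinct_sources, busiest_source_count)}."""
    counts = defaultdict(lambda: defaultdict(int))
    for ts, src, icmp_type in events:
        if icmp_type == ECHO_REQUEST:
            counts[int(ts)][src] += 1
    return {sec: (sum(c.values()), len(c), max(c.values()))
            for sec, c in counts.items()}


def flag_seconds(events, per_source_limit=10, total_limit=200, min_sources=50):
    """Compare a per-source rate check with an aggregate, many-sender check.

    Thresholds are illustrative defaults, not tuned values.
    """
    per_source_hits, distributed_hits = [], []
    for sec, (total, sources, peak) in sorted(per_second_stats(events).items()):
        if peak > per_source_limit:          # one noisy sender
            per_source_hits.append(sec)
        if total > total_limit and sources >= min_sources:  # many quiet senders
            distributed_hits.append(sec)
    return per_source_hits, distributed_hits


if __name__ == "__main__":
    single, distributed = flag_seconds(build_sample())
    print("per-source check flagged seconds:", single)
    print("aggregate check flagged seconds:", distributed)
```
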

Perhaps a more democratic way to implement a popularly supported DDoS protest campaign would be to invite folks to join the cause, rather than draft them into unknown participation. That would be better cyber-jutsu. ;)

Sensei Metajunkie
