January 20, 2012 6:39 pm

Anonymous uses new tactic in web attacks

The closure on Thursday of Megaupload.com, the file-sharing site that the US authorities claim distributed half a billion dollars’ worth of pirated content, reawakened the chaotic force of Anonymous.

In two waves of attacks on Thursday and Friday, the hacktivist group mobilised its largest campaign of cyber activism since its supporters came out in force for WikiLeaks in December 2010.

Anonymous claims that about 5,600 people were involved in launching attacks on US government sites, including the Federal Bureau of Investigation, the Department of Justice and the White House, as well as entertainment industry sites such as Universal Music, the Recording Industry Association of America and MGM, knocking them offline for an hour or more.

The New Zealand police force’s website was also taken down by the same method – a flood of traffic that overwhelmed its servers – after Kim Dotcom, Megaupload’s chief, was arrested in Auckland.

These “distributed denial of service attacks”, as they are known, are a longstanding tactic of both online activists – who compare them to a sit-in protest – and cyber gangsters – who demand money from their victims before halting the attack.

The usual way to direct enough computers at a single website is through a so-called “botnet” or zombie network of computers that have been infected by viruses or Trojans. These PC infections can often be picked up by downloading pirated music or movies from illegal file-sharing sites.

Anonymous – which fights for free speech online, regardless of copyright – may have used such a botnet to take revenge for the shutting of Megaupload.

But security researchers also identified a new tactic in its latest attacks. Rather than asking its supporters to download a tool – known as the Low Orbit Ion Cannon – which effectively volunteers the user’s PC into the zombie army, Anonymous activists on social networks such as Twitter and Tumblr passed around a simple web link.

“If you visit the webpage, and do not have JavaScript disabled, you will instantly, without user interaction, begin to flood a website of Anonymous’s choice with unwanted traffic, helping to perpetuate a DDoS attack,” said Graham Cluley, senior technology consultant at Sophos.

“The hackers have combined technological and social engineering to further their political aims,” said Kate Craig-Wood, managing director of Memset, a cloud hosting company. “I must admit some admiration – it is an elegantly simple method of empowering the people with the hackers’ skills, massively amplifying their capabilities.”

The link’s purpose was not always identified, suggesting many people may have inadvertently joined the campaign of Anonymous. But it comes in a week which has seen many popular websites, including Google and Wikipedia, choose to “blackout” in protest at proposed anti-piracy legislation.

The irony of Anonymous aggressively forcing a blackout on its victims was not lost on the hacktivist group, despite concerns that they could undermine the more legitimate protests which they also vocally supported this week.

“Sure, one could say we made matters worse, or one could say we showed necessary passion,” malicioustorm, an Anonymous activist, said on Twitter.

The Stop Online Piracy Act and Protect Intellectual Property Act have both been shelved, at least for now, after vocal opposition from Google, Facebook and other internet giants, despite intense lobbying from the entertainment industry.

Another Anonymous supporter wrote in a blogpost: “The raid on Megaupload Thursday proved that the Feds don’t need SOPA or its sister legislation, PIPA, in order to pose a blow to the web.”

The music industry, not surprisingly, sings a different tune.

“The government has many tools at its disposal, including criminal prosecution,” said the RIAA. “But if [Megaupload, which had servers in Virginia] were hosted and operated, for example, in a foreign country, our government would be essentially powerless to do anything about it. That needs to change.”

Kim Dotcom and his alleged co-conspirators have been detained in Auckland pending extradition to the US. But even when this huge criminal copyright case comes to court, the DoJ will have to demonstrate that the operators of Megaupload were aware of the piracy on their file-sharing site and even encouraged it.

A previous legal ruling against Grokster, another file-sharing site, found that the creators of such services can be held responsible for their users’ activities, if the technology was intended to be used illegally.

But in 2010, a court sided with YouTube in its battle with media group Viacom over pirated content on the video-sharing site, because its parent Google had worked co-operatively with rights holders.

Although Megaupload is one of the world’s most popular websites, the many legal efforts to tackle piracy so far have failed to stop as many as a third of the online population, according to analysts Analysys Mason, from using such “cyberlockers”.

Whether the next battle against piracy is fought in Washington, in cyberspace or in a courtroom, it is unlikely to be the last.

Copyright The Financial Times Limited 2014.