Twitter handles associated with Anonymous are suggesting that “Operation Blackout,” a rumored attempt to shut down the Internet scheduled for March 31, was never an officially sanctioned plan.
Operation Blackout calls for a highly-focused Distributed Denial of Service (DDoS) attack on what it said are the Internet’s 13 root Domain Name System (DNS) servers. It was announced in February as a protest against SOPA, Wall Street and “our irresponsible leaders and the beloved bankers who are starving the world.”
The release suggested such an attack would temporarily disable the DNS system, which turns a web address such as “www.mashable.com” into an IP address that directs a user’s browser to the proper server. That’s not exactly the same as taking down the entire Internet, but Anonymous said that didn’t matter.
“Anybody entering ‘http://www.google.com’ or ANY other url, will get an error page, thus, they will think the Internet is down, which is, close enough,” reads the release. “Remember, this is a protest, we are not trying to ‘kill’ the Internet, we are only temporarily shutting it down where it hurts the most.”
As the weekend drew nearer, Twitter accounts associated with Anonymous denied such an attack was on the horizon.
The account also argued that such an attack would be self-defeating. If Anonymous shut down the web, it would be removing the forum the group uses to express its political and ideological grievances.
Even though this account is backing off “Operation Blackout,” Anonymous prides itself on its leaderless structure — so an operation may be carried out by a small handful of members in the group’s name. However, even if Anonymous (or part of Anonymous) attempted such an attack, many cybersecurity experts doubt it would be successful.
“It’s not even technically feasible,” says Dave Marcus, director of security research at McAfee Labs. According to Marcus, the DNS system has a great deal of redundancy, security and load-balancing measures in place.
“That doesn’t mean if they tried, there wouldn’t be odd consequences with routers and other things like that,” says Marcus. “But they’re not going to be able to knock the DNS servers offline. The thing that would worry me is what would happen to traffic along the way. Let’s say you can’t get to an exit on expressway that you want to get to, and everyone else is trying to get there as well. It creates odd routing problems and unintended consequences.”
Marcus added that Anonymous would need tens of thousands of connections (or botnets) to even attempt such an attack, a number likely to be beyond their capabilities.
Matthew Prince, CEO of CloudFare, pointed out that the idea of DNS relying on only 13 servers is a fallacy.
“There are hundreds of other servers scattered across multiple locations,” says Prince. “Those servers are regularly under attack, they’ve sustained fairly massive attacks launched against them and they are run fully redundantly. I think the likelihood anyone could knock the root server system offline is extremely low.”
Prince added that Anonymous once unsuccessfully tried to take down Amazon — and if Amazon could withstand an attack, the DNS system certainly could. If need be, says Prince, outside organizations like his would “step up” to host backup DNS servers.
“I think you would see other organizations stepping up to add additional resources to mitigate an attack,” says Prince. “There are more good guys on the Internet than bad guys — and we’d bind together fairly quickly to ensure the Internet continued to run.”
Do you think Operation Blackout is an officially sanctioned Anonymous event, or is it just a rumor? Sound off in the comments below.
Hacked: CIA website, in addition to several international law enforcement accounts
Date of Incident: Feb. 3, 2012
What’s Known: Anonymous made Feb. 3, 2012 the “day of action” of coordinated efforts to take down several government web properties. In the CIA.gov hack, personal data from Alabama court papers — Social Security numbers, birthdays and addresses — were exposed. Confidential emails from a Mexican mining agency were also released.
The same day, hackers forced their way into a conference call between the FBI and Scotland Yard, the UK’s Metropolitan Police Service. The 16-minute call was posted on YouTube with the headline “Hacked for the Lulz.”
Arrests: British teens Ryan Cleary and Jake Davis were arrested in connection with the hacked conference call. British officials who gained possession of Cleary’s hard drive described him as “a 15-year-old kid who’s basically just doing this all for attention and is a bit of an idiot.”
Image courtesy of Flickr, 4d4mbr0wn
Hacked: CBS homepage, Universal Music homepage
Date of Incident: Jan. 23, 2012
What’s Known: Anonymous hackers took credit for redirecting the CBS.com and UniversalMusic.com homepages to a blank index, in response to the shutdown of file-sharing site Megaupload.
Anonymous also went after websites of Brazil’s federal district, the city of Yangara de Serra and Brazilian singer Paula Fernandes. The string of attacks prompted the error message “If Megaupload is down, you are down too” on the websites.
Image courtesy of Flickr, moomoosuperhero
Hacked: Neo-Nazi groups
Date of Incident: January 2012
What’s Known: Anonymous hackers went after neo-Nazi groups proliferating hate in Germany. The group spread the mission’s goals on YouTube. Addressing neo-Nazis the group said, “Your incomprehensible actions, and your reluctance to accept the Freedom and Equality that every single human being possesses by right from birth, causes the birth to hatred and worldwide Racism.” The attack included a website that published information about hate groups including personal emails and contact lists to German audiences.
Image courtesy of Flickr, Jacob Davis
Hacked: Stratfor, subscription-based provider of geopolitical, security and economic data
Number of People Affected: 50,000
Date of Incident: Dec. 25, 2011
What’s Known: Subscriber emails and personal information, including credit card numbers, were hacked. Anonymous donated money to various charities with stolen credit cards.
Image courtesy of Flickr, demonbaby
Hacked: Anonymous worked to crash the host server of a lucrative child pornography ring on 40-plus websites. Anonymous exposed member IP addresses every time someone tried to access these websites.
Affected: Hosts and members of child porn website Lolita City hosted on a private, peer-to-peer file sharing darknet service called Freedom Hosting.
Date of Incident: Oct. 2011
What’s Known: Anonymous set off to dismantle a child pornography ring online. It exposed a website known as Lolita City that carried more than 100 GBs of child pornography. The YouTube video posted by the hacktivists explained, “Anonymous took a pledge to defend the defenseless and fight for the fallen. We rallied an army called ‘The Legion’ and armed ourselves with our Chris Hansen canons. We set out for the great hunt which has become known as Operation Darknet.”
The IP addresses found from the networks of the 40-plus child porn websites were released for FBI, Interpol and law enforcement agencies.
Image courtesy of Flickr, Thanh ~ Slices of Life
Hacked: eBay’s PayPal website
Affected: 20,000-plus PayPal users closed their accounts at Anonymous’ request in retaliation for arrests related to WikiLeaks.
Date of Incident: July 2011
What’s Known: Anonymous used DDoS attacks to shut down PayPal.com and waged a Twitter campaign against the company, asking PayPal users to cancel their accounts. Anonymous stated PayPal is a “corrupt and greedy” organization because after it blocked donations from WikiLeaks supporters from reaching the group. “We encourage anyone using PayPal to immediately close their accounts and consider an alternative,” Anonymous wrote in an online message. On the first day of the social media campaign, PayPal lost lost an average of four members per minute. The stock value of PayPal suffered severely, resulting in a $933 million to $1 billion loss.
Arrests: 19 people in connection with attacks by U.S. authorities were arrested in the following weeks. The hacker group included people in the U.S., UK and the Netherlands.
Image courtesy of Flickr, philcampbell
Hacked: Tunisian government
Affected: Tunisian government websites were shut down
Date of Incident: Jan. 3, 2011
What’s Known: Anonymous used DoS (denial-of-service) attacks on the official websites of the Tunisian president and government bodies. Anonymous released an Operation Tunisia press release on YouTube. “The Tunisian government has made itself an enemy of Anonymous” with its censorship and “oppression of information,” the video explained.
Image courtesy of Flickr, Jacob Davis
Hacked: HBGary Federal is a subsidiary of the security company HBGary, which was hired by the U.S. government to uncover members of the Anonymous network, among other protection tasks.
Affected: Former HBGary CEO Aaron Barr’s Twitter account and 71,000-plus confidential company emails were hacked. Barr stepped down in aftermath.
Date of Incident: Feb. 6, 2011
What’s Known: Anonymous members hacked into Barr’s Twitter. They sent messages like, “Today we taught everyone a lesson. When we actually decide to bite back against those who try to bring us down, we bite back hard.” Hackers also released his address and social security number on the microblogging network.
Among the information released to the public, Anonymous exposed that HBGary used illegal and unfair tactics to discredit journalist Glenn Greenwald of Salon who often wrote about WikiLeaks. Barr and his company were using cyberattacks, false information, forged docs and blackmail.
Image courtesy of Flickr, alles-schlumpf
Hacked: National Atlantic Treaty Organization
Affected: Reports on NATO servers
Date of Incident: July 21, 2011
What’s Known: Anonymous stole 1GB of data from NATO systems, and took to Twitter to tease officials, stating that publishing the sensitive information would be “irresponsible.” NATO acknowledged the breach after Anonymous users published PDFs of classified documents to the web.
Image courtesy of Flickr, scragz
Hacked: Church of Scientology
Affected: Denial-of-service attacks on the Church of Scientology websites
Date of Incident: Ongoing, Jan. 14, 2008
What’s Known: The Church of Scientology floated onto Anonymous’ radar after the religious entity released an interview with celebrity believer Tom Cruise. Anonymous viewed the video (since removed from YouTube) as an item of propaganda.
On resources like WhyWeProtest.net, where Anonymous regularly posts notices and statements, members say they view Scientology as a false body spreading fraudulent claims and defying human rights violations. The “official” Anonymous mission video states the long-term campaign against the religious organization will not cease until the church is “destroyed.”
Image courtesy of Flickr, StephenMcleod