The cases are still in their early stages. But bit by bit, the lives and personalities of the suspects arrested and charged in July as members of the ‘hackivist’ collective ‘Anonymous’ are coming to light.
The prosecutions, stemming from cyber attacks on PayPal, AT&T, and a law enforcement website, represent the government’s first major salvo against a group whose operations it considers an increasing criminal threat, at the same time as its basic construction has remained largely opaque.
But while the charges are clear cut, the potential motives of the accused are less so. Indeed that’s the key question. Who are Anonymous, and what do they want, if anything? Is Anonymous even a real organization, or is it an ethos? And does that distinction really matter, when there are real crimes being committed under the Anonymous banner?
One suspect’s attorney told TPM that his client believes that he was participating in a legitimate political protest, another relayed the message that he was “concerned about the availability of information in today’s society.”
According to the federal indictment filed in San Jose, 14 defendants participated in a coordinated DDoS attack against PayPal’s computer servers in retribution for their termination of WikiLeaks’ donation account. The attacks, which Anonymous referred to as “Operation Avenge Assange,” took place from Dec. 6 to Dec. 10, 2010.
All of the suspects have entered not-guilty pleas, and the next hearing is set for Nov. 1.
The defendants are of both genders and range in age from 20 to 42 and in filings are identified by their names and alleged Anonymous nicknames like “Anthrophobic,” “Toxic,” “MMMM” and “Reaper.” They consider themselves “hacktivists” or “hacker activists.”
Six of the defendants have been assigned attorneys by a federal court due to their financial situation.
Their arrests in July — paired with 75 raids across the country — demonstrate federal law enforcement’s focus on the leaderless hacker group. The Department of Homeland Security has issued three “bulletins” since June which warned cybersecurity pros of hacking successes and the threats made by Anonymous and related groups.
Earlier this summer, TPM filed a Freedom of Information Act (FOIA) request to federal authorities for access to the mugshots of the accused. We posted those mugshots last week. Later in the day TPM came under a distributed denial of service attack (DDoS). While DDoS attacks have become the signature mark of Anonymous, there was no direct evidence as to who launched the attack on TPM.
It was Anonymous support for Wikileaks and Assange and its high-profile DDoS attacks on not just PayPal - but also a host of immediately subsequent targets, perceived Wikileaks adversaries Amazon, MasterCard, Visa and Swiss bank Post Finance - that propelled the group into international notoriety in December of 2010.
But career hackers, they apparently aren’t. The group — or at least those accused of being in the group — includes retail workers, college students, a bicycle repairman, a landscaper and construction workers.
“He’s just a normal guy: works construction; lives in Jacksonville, Florida,” attorney John Hamasaki said of his client Keith Wilson Downey. “This case — all of the defendants for the most part are not our usual clients in criminal defense. It is a stressful traumatic difficult position for all of these people to go through, for Keith to go through.”
“These people believe they were involved in a protest in a demonstration,” Hamasaki said. “There’s a social justice aspect to this whole thing that’s missing.”
Hamasaki said that federal authorities executed a search warrant on Downey’s house, where he lives his mother and brother, in early 2011, collecting a “vast amount of information” that the government is still setting up the means for them to access.
Graham E. Archer, an attorney for Ethan Miles, said lawyers have been given “very, very little information” to this point. “I’ve received under 100 pages right now.”
Archer said Miles works as a bicycle mechanic at his father’s 30-year-old shop and also works in construction. His client said he doesn’t know anybody else that was charged at all and does not have a lengthy or in-depth background in computers.
“I don’t think he would describe himself as computer-savvy. He certainly would not describe himself as a hacker,” Archer said.
Archer, for his part, said he has a background in cybersecurity law that he said was sparked by a youthful brush with hackers.
“It dates all the way back to my high school days,” Archer, who attended a D.C.-area school in the late 80s and early 90s, told TPM. “I can’t imagine they paid any attention to me, I’ve never requested by FBI file, but as a youth I had some experience with the kind of folks that they’re now running around with.”
How It All Began
For as nebulous and liquid as Anonymous’s current membership purports to be, the group has a fairly defined beginning: The website 4chan.org.
Launched in 2003 by then 15-year-old Long Islander Christopher Poole, 4chan.org derives its name and central concept from a popular Japanese anime image forum called 2chan. Like 2chan, 4chan began as a forum for users to share, remix and comment upon anime images anonymously. On 4chan, instead of a username, every user is assigned a random number, and distinct one for every separate post they make.
But a subsection of the English-language website quickly took on a more bizarre, outlandish and often disturbing turn.
On 4chan’s “b” board (/b/), users would and still post everything from hardcore pornography to racist screeds. Freed by the promise of total anonymity (posters often refer to themselves and one another as “Anons,” or “/b/rothers”) the b board’s culture mutated into one where users essentially competed to post the most the outrageous non-sequitors and controversial topic threads.
Often featured were crude, stick-figure comics featuring the Guy Fawkes mask from the graphic novel-turned movie “V for Vendetta,” which is about an anonymous crusader who fights against a future totalitarian British government.
Yet out of 4chan’s chaos came a certain rough sense of order — with users coalescing around certain memes and pranks such as the now-ubiquitous “LOL Cats,” photos and “Rickrolling” link bait-and-switch (wherein unsuspecting Web users are tricked into clicking through to a music video Rick Astley’s “Never Gonna Give You Up.”) Remarkably, the power of 4chan to popularize these memes was instant and unstoppable. As the Wall Street Journal reported in 2008, “Over the past year, Rick Rolling has become an online sensation, pushing Mr. Astley’s video past 16 million views on YouTube.”
It wasn’t until mid-January 2008, though, that 4chan’s b board became the spawning ground of something far more ambitious than amusing juvenile pranks. That year, a user posted a call to arms against the Church of Scientology for pulling down a promotional video featuring celebrity devotee Tom Cruise.
“It’s time to use our resources to do something we believe is right,” one user posted on the /b/ board, as preserved in a screenshot at Oh Internet.
That lead to a YouTube video, wherein “Anonymous” made itself known and established its core, populist, somewhat leftist anarchical tennets.
Knowledge is free. We are Anonymous. We are Legion. We do not forgive. WE DO NOT FORGET. Expect us.
The message also declared that it had “decided that your organization [Scientology] should be destroyed…We shall proceed to expel you from the Internet and dismantle the Church of Scientology in its current form.”
The resulting offensive took down the Church of Scientology’s websites and involved public protests in front of the Church of Scientology’s locations in large cities across the world.
The web component of that effort became the Anonymous trademark: the DDoS attack. Anonymous members were enabled by a freeware program known as the Low Orbit Ion Cannon that can plug anyone’s computer into a “botnet,” or network of other computers dedicated to overwhelming a specific website with traffic.
Barrett Brown, a journalist and former Anonymous spokesman, who is still in constant contact with members of the loosely-knit group, told TPM that “4chan was just the cradle of civilization for Anonymous. It just happened to be the best place for this kind of online activism to gestate. It’s grown far beyond that platform since then.”
Brown estimates that since the beginning of 2011, when Anonymous called for users to DDoS attack the government of Tunisia’s website in the midst of the uprising there, its gained thousands of members and is now up to a total ‘membership’ of hundreds of thousands.
But there’s a big problem for the collective’s lofty political ambitions. It’s the same reason Brown publicly gave up being the group’s spokesman in May: The emphasis has seemingly shifted from such nearly universally (at least within Anonymous) decried targets as Scientology and oppressive regimes to less political targets, including corporations such as Sony, which ‘Anonymous’ targeted in April in retaliation for the company’s litigation against a PS3 hacker, taking down Sony’s website and the Playstation online network (PSN).
“There’s thousands of people now involved in Anonymous who don’t share the same values or emphasis. But I’m glad they are there, I just encourage them to split off into separate groups,” Brown said.
One such splinter group, LulzSec, committed many DDoS attacks against targets this year, including PBS and FBI partner website InfraGuard.
Brown himself has switched his primary focus to a nonprofit activism outfit he started in May 2010, Project PM. Bue he’s still working with Anonymous to uncover information the group picked up from its February hack of HB Gary.