Snowden Leaks: U.K. Spies Launched Cyber Attacks Against Hacktivist Group Anonymous
It looks like the U.K.'s spy agency has it's own Low Orbit Ion Cannon, and it's not afraid to use it -- or restrict it from targeting non-terrorism related civilians.
The U.K.'s counterpart to the National Security Agency (NSA) called the Government Communications Headquarters (GCHQ) launched cyberattacks against the hacker collective Anonymous and its trouble-making offshoot LulzSec, according to a new report based on documents leaked by ex-NSA contractor Edward Snowden.
NBC News obtained the leaked documents, labeled "top secret" and restricted to the "Five Eyes" intelligence sharing alliance of the U.S., Australia, Canada, New Zealand, and the U.K. According to the PowerPoint presentation in the leaked documents, the attack campaign was called "Rolling Thunder" and involved launching distributed denial of service (DDoS) attacks on the sites used by hacktivist group Anonymous and LulzSec.
DDoS is the same cyber attack technique used by Anonymous and LulzSec to either make political or moral points, or to just cause some trouble by taking down parts of networks. In Lulzspeak, a DDoS attack is often referred to as firing the "Low Orbit Ion Cannon," a reference to several science fiction stories that involve Ion cannons.
The PowerPoint presentation, partially redacted by NBC News, was prepared for a 2012 conference called SIGDEV, or signals development. The document reveals that a subsection of GCHQ, known as the Joint Threat Research Intelligence Group (JTRIG), launched a DDoS attack against specific IRC chat rooms used by Anonymous members in September 2011, after Anonymous targeted American and British intelligence agency and law enforcement websites in "Operation Payback." That DDoS attack by Anonymous was in protest against the prosecution of Chelsea Manning.
The documents boasted that the "Rolling Thunder" operation had scared away 80 percent of the users of the Anonymous chat rooms. The document also showed that JTRIG had infiltrated chat rooms and identified individual hackers, including one who hacked PayPal and was later charged and convicted in court.
This is the first time the existence of the JTRIG has been made known -- the first time a known DDoS attack originated from a Western government -- and its activities have drawn concern from civil liberties groups and hacking experts. Gabriella Coleman, author of an upcoming book on Anonymous and professor at McGill University, told NBC News that the "Rolling Thunder" operation was approaching the line of spying on and cracking down on civil disobedience.
"Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs," said Coleman. "Some have rallied around the name [of Anonymous] to engage in digital civil disobedience, but nothing remotely resembling terrorism. The majority of those embrace the idea primarily for ordinary political expression."
Former head of the U.S. National Counterterrorism Center Michael Leiter agreed that there should be limitations to actions like "Rolling Thunder," but also said in the report that "law enforcement and intelligence officials must be able to pursue individuals who are going far beyond speech and into the realm of breaking the law: defacing and stealing private property that happens to be online." It should be noted that DDoS attacks are not pinpoint operations, and downtime and damage to IRC networks could have been done in the process of targeting Anonymous. Also notable: launching DDoS attacks is against the law in the U.K. and U.S.
Check out the NBC News report for many more details about the JTRIG and its efforts to break up hacktivism.