Percolating to the surface is what may be the first inter-faith online insurgency. Spurred by a rather perfunctory take down notice of a video the Scientology religion has been hammered by an online group called Anonymous. Attacks against servers, a fairly complex information/propaganda campaign, and use of para-legal (copyright, freedom of speech, parody, etc.) are being used.

I have no dog in the hunt of the validity of Scientology but this may be a good case study for scholars of small wars to learn the effectiveness and issues of stateless entity warfare and the resultant issues for society. Following on the heels of the Estonian conflict which was originally blamed on Russia and turned out to be a highly effective band of college students, and with a similar feeling, this conflict is a religion versus a non-state actor. The group "Anonymous" has in an interesting turn attacked all of the elements of information security (confidentiality, integrity, availability, authentication, and non-repudiation) paradigm very rapidly.

The group Anonymous is posting "secret" materials, changing data in the Scientology systems, disrupting the operations of the Scientologists with distributed denial of service attacks, that would suggest information warfare in the other realms too. As scholars of small wars, with interests in insurgency, and with an understanding that this same attack vector may occur against as a highly coordinated attack against a state (e.g. Estonia) we should pay attention to this evolving form of attack and consider the ramifications for future conflicts.

LINK (http://www.news.com/8301-10789_3-9857666-57.html)

That is interesting. Thanks for posting that! It appears that this battle has gone from frivilious lawsuits to more "active" campaigning. I am surprised that there hasn't been more of this type of activity from the ELF or ALF movements. They have the technological sophistication to be more active in the digital realm but as of yet haven't employed it.

The black hats that are doing the work must be good because I would assume that the Scientology sites would have decent security due to the type of people they recruit and their own self awareness that they are a target.

I was pretty amazed at how effective the"Anon's" are and at how much corporate America is supporting the Scientology side up to and including removing material under TOS violations that obviously weren't. I'm further amazed at how utterly ineffective the scientologist group is being.

Seems to me like they'd react on the "I don't want this to happen to me" rationale.

Sort of my (distant, very distant) cousin against my enemy...

And would not the guvmint weigh in -- on the same basis?

No familiarity with the corporate IT -- or anybody's IT -- realm so I'm just asking.

They are very well known to use civil lawsuits to fight their points of view and will leave it at that. It just reminds me of the mid 90s when the web was just starting out and all of the nonsense that was generated in that realm.

Seems to me like they'd react on the "I don't want this to happen to me" rationale.

Sort of my (distant, very distant) cousin against my enemy...

And would not the guvmint weigh in -- on the same basis?

No familiarity with the corporate IT -- or anybody's IT -- realm so I'm just asking.

The government rarely weighs in on cyber conflict until somebody can be proved to be breaking the law.

As to the information technology aspect consider this.

Information technology is the life blood of a military unit. You don't think of it that way but you use it that way. Imagine if somebody could see all of your operational orders, all of your logistics, all of your communicaitons with command entities. That is the capability of an attack against your confidentiality mechanisms. This is an aspect of cyber warfare that is not considered often.

Now imagine if somebody could enter your systems and change data around. Instead of ordering bullets from the rear you order up potatoes. What if somebody was to change your operational and mission type orders so that you decrease the watch in particular areas at a particular time thereby giving opportunity to the enemy? That is an attack against the integrity mechanisms.

Now consider the old school methods of a spy entering your command tent silent enough to be not detected and capable enough to succeed. The chances are fairly slim right? When the computer becomes the mechanism the chances explode in probability. The attack succeeds and the damage occurs.

These are the kind of attacks that the Scientology group is being challenged with. There innermost secrets are exposed, the command structure is being exposed, the logistics of the group is open to consideration. Some would say that is just fine the Sceintologists should be more transparent. Regardless no organization can function if trust is violated externally or internally. If this was the Catholic church and records of confessional conversations were being exposed the damage would be catastrophic.

The attacks are highly coordinated and have appeared to be effective. It is an interesting case study to watch as it unfolds.

and understood it when I asked my questions. Which were:

Why is the corporate response a surprise to you (due to those very factors you cite in your tutorial)? It would seem to me the corporate sector wants to deter such actions lest they be aimed at them?

Could the government not be expected to take a biased view of the what the law says to assist in hacker deterrence on the same basis? I understand that nominally they don't act unless a law is broken but you and I both know there's some, uh -- elasticity is a good word -- in making that determination. I also would include 'unofficially' and not only in the law enforcement sense... :wry:

Originally posted by Ken White:

Could the government not be expected to take a biased view of the what the law says to assist in hacker deterrence on the same basis? I understand that nominally they don't act unless a law is broken but you and I both know there's some, uh -- elasticity is a good word -- in making that determination. I also would include 'unofficially' and not only in the law enforcement sense

The Fed's seem to have been taking the position all along that the wronged party has to be able to show direct damages. And practically, there's a whole lot of reasons to take that approach.

First off, there's a lot ("considerably more than a lot", actually) of attempting "invasive digital information gathering" that goes on (all the time) in the business world. I have first hand knowledge on this one, and have reported the different attempted exploits to the FBI in extreme detail. The attempted exploits were all unsuccessful, but it was a real eye-opener going through the process of trying to deal with law enforcement (both federal and state) to get this crap to cease and desist.

Practically, the feds just really, really don't want to get in the middle of this food fight. It is messy, time consuming, and difficult to explain (agents are much more likely to understand than the AUSA's, and the Judges, well that's another story). It's a tough sell as a case. They run from these types of cases.

Also, don't underestimate all the spinoff effects of the DMCA and copyright/digital piracy cases. It's one of those areas where the congresscritters keep pushing it (in exchange for campaign contributions from industry), but since DOJ gets to play the role of the "heavy" & toss single moms/college kids into the justice system for stealing music (true or not, that's how it's put out there), they look forward to prosecuting those cases like going out & catching some incurable disease. And that ends up applying to just about anything in the digital law enforcement area which isn't a slam-dunk case.

IMO, can't blame the Feds for trying to duck a no-win scenario.:(

Now, personally, I can't see any way that the two sides (Scientology Group and the US Government; DOJ) could every find any common ground to the level necessary to take on these type of cyber attacks. Got to be some elements of trust, and there's just nothing there to even start with.

This conflict made NPR tonight. Their take was that this opposition group is a general entity opposed to any internet censorship and the only reason they got involved was due to that video being removed due to the Church's asking. That video that the opposition produced appears to be a little more personal than that.

Information technology is the life blood of a military unit.

It most certainly is, but as I understand it TCP/IP isn't, and for all the hype that surrounds these cyberattacks it's often easy to underestimate the defensive value of long lead times in fulfillment, the human eye for detail and the power of the telephone. DDoS is an occasional fact of life for anyone spinning vital operations on TCP/IP networks; sure, script kiddies can do damage but that's what they pay the white hats the big bucks to deal with.


You don't think of it that way but you use it that way. Imagine if somebody could see all of your operational orders, all of your logistics, all of your communicaitons with command entities. That is the capability of an attack against your confidentiality mechanisms. This is an aspect of cyber warfare that is not considered often.

Compartmentalization in both the private and public sectors should mitigate much of the damage, and to my knowledge divvying up secret data and processes across a number of machines in various security realms has already reduced the risk of compromise to an acceptable degree. At least there's no report of any game changing hacking that's brought down a private company or annihilated a government office's ability to do work.


Now imagine if somebody could enter your systems and change data around. Instead of ordering bullets from the rear you order up potatoes. What if somebody was to change your operational and mission type orders so that you decrease the watch in particular areas at a particular time thereby giving opportunity to the enemy? That is an attack against the integrity mechanisms.

Fulfillment is already pretty inefficient, and most logistics operations I've seen in the private sector expect non-trivial screw ups anywhere along the delivery chain. Also, this is only a concern if you're sole means of communicating and verifying requests and responses are via TCP/IP. The game immediately changes once you add in an office manager or supply officer with a phone, a Rolodex, and a gruff, go-get-it demeanor.

Beware the l33t speaking anarchist, but don't be too fearful of him. He doesn't have the money, wherewithal or talent to pull off something immediately and intensely damaging (like knocking a communications satellite out of orbit or jamming multiple square klicks). For the most part, he's got some skill with PHP and VB and an account at various cracker sites and IRC channels where he can run through a HOWTO detailing the best way to recruit friends and spread malware. He might even know how to wardrive and take advantage of folks still using weak WEP. He can even do thousands of dollars of damage or compromise critical secrets. But he can't force you to react in narrowly predictable ways, and more importantly he can't disguise the fact your system's been penetrated for very long.

One other thing. I don't see exactly how Anonymous leaking Scientology documents they skim off CoS's servers is going to achieve much of anything. If CoS is so inclined, they can always disavow any leaked material that's damaging. It's not as if Anonymous has a trust mechanism in place to prove that what they've got is in fact genuine Scientology material.

Following on the heels of the Estonian conflict which was originally blamed on Russia and turned out to be a highly effective band of college students

Do you have a citation on that? My Eurasia guy is still writing about it as if it was an act of the Russian government.

Here is one of the stories they say he was an ethnic Russian. http://news.yahoo.com/s/afp/20080123/tc_afp/estoniarussiainternetcrimepolitics_080123193328

It says in the article he is a student but not where. Reading the article it looks like he isn't a Russian not Estonian. I made the leap that he was from the ethnic reference. I'm thinking though that when this is exposed it's college students using Kremlin computers as horse power much like we've seen in the past.

The collective Anonymous, an informal but notorious group of hackers and activists, also declared war on Sunday against enemies of Mr. Assange, calling on supporters to attack sites companies that do not support WikiLeaks and to spread the leaked material online.

*

The Internet group Anonymous, which in the past has taken on targets as diverse as the Church of Scientology and Iran, disseminated a seven-point manifesto via Twitter and other social networking sites pledging to “kick back for Julian.”

Gregg Housh, a prominent member of the group, said by telephone from Boston that an orchestrated effort was under way to attack companies that have refused to support WikiLeaks and to post multiple copies of the leaked material.

The Anonymous manifesto singled out PayPal, which cut off ties with WikiLeaks for “a violation” of its policy on promoting illegal activities, a company statement said.

“The reason is amazingly simple,” Mr. Housh said of the campaign. “We all believe that information should be free, and the Internet should be free.”

By late Sunday, there were at least 208 WikiLeaks mirror sites up and running.

“Cut us down,” said a message on the WikiLeaks Twitter feed on Sunday, “and the stronger we become.”

From
http://www.nytimes.com/2010/12/06/world/europe/06wiki.html?_r=1&src=twrhp

Google term : Cyber Militia

And yet the Church of Scientology and Iran don't seem to be any worse for wear these days.

From
http://www.nytimes.com/2010/12/06/world/europe/06wiki.html?_r=1&src=twrhp

Google term : Cyber Militia

And yet the Church of Scientology and Iran don't seem to be any worse for wear these days.

It does cost the companies money for bandwidth. In fact one of the issues that Wikileaks has had is paying it's bills. Apparently to ISP's getting paid is more important than national security. Any site hosting the material doesn't have much legal claim if it's attacked either to say the least, so they are more of an uncomfortable client than one like the RIAA, who has to pay for a lot of countermeasures.

Speaking of which, these files all enjoy copyright outside the USA, and inside the USA they're classified. The NATO documents I thought were supposed to be classified in NATO participating countries, but apparently those markings are meaningless. In any event it shouldn't matter who the complaining party is in a copyright case that much. If it works for stolen tracks of Metallica one would think a law could work on stolen classified documents.

It'd be a good thesis for someone, comparing historical militia effectiveness against 21st Century cyber militias ("Can unaffiliated cyber militias stay focused long enough to be effective? Will government-sponsored cyberwar be Anonymous' Long Island 1776?")

At least Assange learned from Dr. Strangelove, and publicized his Doomsday Device.


Julian Assange, the WikiLeaks founder, has circulated across the internet an encrypted “poison pill” cache of uncensored documents suspected to include files on BP and Guantanamo Bay.

Read more: http://www.foxnews.com/world/2010/12/05/wikileaks-ready-release-massive-insurance-file-shut/#ixzz17LVRZx53

It'd be a good thesis for someone, comparing historical militia effectiveness against 21st Century cyber militias ("Can unaffiliated cyber militias stay focused long enough to be effective? Will government-sponsored cyberwar be Anonymous' Long Island 1776?")

At least Assange learned from Dr. Strangelove, and publicized his Doomsday Device.


Read more: http://www.foxnews.com/world/2010/12/05/wikileaks-ready-release-massive-insurance-file-shut/#ixzz17LVRZx53

And yet they can't claim to be willing to release anything if they're otherwise legally choked off. I don't put it past them to start amending their desires to include jets to undisclosed locations & suitcases full of money, but other than not exposing the names it's their plan to dump all the documents they have.

The problem I see with the insurance file is a simple one. Who gains the most from those names? The US & NATO military missions suffer, presumably along with a pile of Afghans, Pakistanis & Iraqi citizens, not to mention anyone diplomatically connected with the US who have thus far evaded angry identification. The people who gain from their release are literally the enemies of the free world. So I am more concerned about some hostile actor targeting Wikileaks participants for assassinations that Mr. Assange seems hell bent on blaming the USA for no matter what.

Posted at 8:31 AM ET, 12/ 8/2010
4chan knocks MasterCard offline for WikiLeaks cutoff
By Rob Pegoraro

I hope you weren't planning on looking for a new credit card or finding an ATM at MasterCard's site this morning. The credit-card firm's Web presence has been largely unreachable for the past few hours after a coordinated attack intended to punish it for refusing to process donations to WikiLeaks.

Reports such as TechCrunch's post indicate the "denial of service" operation was coordinated through 4chan, a free-form message-board site that's been used to arrange numerous other sorts of Web mischief and sabotage, as well as a separate effort called Operation: Payback.

http://voices.washingtonpost.com/fasterforward/2010/12/4chan_knocks_mastercard_offlin.html



PayPal has admitted that the US Government was behind the company's decision to sever ties with whistle-blower site Wikileaks.

http://www.ibtimes.com/articles/90050/20101208/paypal-mastercard-wikileaks-twitter-hackers-julian-assange.htm

Anon and Assange are NOT cyber warfare. They aren't even really good hackers. Heck they are only recruiting about 500 hosts for their DDOS. The Russians brought 1000s to their parties back in the early 2000s. Calling today cyber warfare is hyperbole at best. It is mildly amusing though.

Anon and Assange are NOT cyber warfare. They aren't even really good hackers. Heck they are only recruiting about 500 hosts for their DDOS. The Russians brought 1000s to their parties back in the early 2000s. Calling today cyber warfare is hyperbole at best. It is mildly amusing though.

WWII and the Congo Civil War were different levels of the same mildly amusing thing.

It's something more like a water balloon fight. They're costing their targets some money and time, but not really all that much. This may escalate though. There doesn't seem to be anything permanently damaging going on though. This is a dangerous situation in many respect in that an awful lot of people think that they can act with impunity in part because there's been so little response on the part of the US or other countries. I expect this to stick with fairly tame activity for the most part. The attackers intentionally are not trying to do permanent damage for the little that it's worth. This also points out the potential use of cutting off individual countries from the services until attacks diminish from the countries. If other people can't use the service because of what's going on locally, well they won't be happy.

# Visa, PayPal, Amazon also come under attack through the night
# Hackers bring down Swedish government internet site
# Sarah Palin's personal credit card account and website targeted
# 5,000 'hacktivists' believed to be behind electronic onslaught

Read more: http://www.dailymail.co.uk/news/article-1336806/WikiLeaks-hackers-Operation-Payback-cyber-war-targets-Swedish-Government.html#ixzz17cwJndfX

*


Anonymous hackers' Wikileaks 'infowar' LATEST ROUNDUP
DDoS bombardment spreads: Op Payback to spare Twitter
http://www.theregister.co.uk/2010/12/09/operation_payback_anonymous_wikileaks_infowar_late st/

WWII and the Congo Civil War were different levels of the same mildly amusing thing.

Let me put this into another kind of context.

There are about 5K people in the Anonymous IRC. Of those about 1K are engaged in these DDOS attacks.

I have at my disposal right this second 509 dual core computers connected to an OC48. I can reach out with a few minutes time and pull capacity from another 2500 nodes. I'm a nobody and I'd likely get fired for using that much expensive iron for nefarious purposes.

Perspective.

But, lets say the government turned the National Lab System into a weapon and opened up TerraGrid (NSF) and walloped somebody with aprox 250K nodes (I've lost track). That'd be impressive if stupid.

This stuff ain't hard.

For fun and games my undergrads just cracked 56K M$ Windows (DOD SPEC by the way) passwords in their test program in a little under four days. Their target is 450K passwords in four days with tuning.

We consider three elements in information assurance {confidentiality, integrity and availability}. In order of decreasing difficulty (not nearly linear) they are integrity, confidentiality, and availability. We are currently looking at cracking SSL/TLS mid transmission and changing messages but that work is a ways out. A distributed denial of service (DDOS) is supremely easy to accomplish. Breaking into most corporate systems (confidentiality) requires some targeting knowledge but is middling easy.

So, I reserve the right to consider Anonymous cute. I like the creative way that they do things. I like the way they troubleshoot and get around systems. But, in the end a Verizon or AT&T could shut them down instantly. Ma Bell has the only atomic bomb on the Internet. Everybody else is fighting a guerilla action. In the end they are annoying people but could be charged with crimes. In fact I'm willing to bet a bunch of prosecutors are sharpening their warrants now.

They decrease the likelyhood of his release with their behavior. As with many political movements, they're passionately stupid.

I am appalled at the lack of LEO action during this debacle thus far.

So, I reserve the right to consider Anonymous cute. I like the creative way that they do things. I like the way they troubleshoot and get around systems. But, in the end a Verizon or AT&T could shut them down instantly. Ma Bell has the only atomic bomb on the Internet. Everybody else is fighting a guerilla action. In the end they are annoying people but could be charged with crimes. In fact I'm willing to bet a bunch of prosecutors are sharpening their warrants now.

Let me put this into another kind of context - alot of 'People's Movements' started out with a gaggle of poorly-armed amateurs, who were first viewed as jokes (I'll spare the Peanut Gallery the laundry list). Granted, Anonymous is a bunch of script kiddies & some talented teenagers (see also my first post, wrt their fizzled attempts to irritate Scientology).

When we here look at the varying levels of unconventional warfare, are there meatspace analogies to Anonymous? What's Anonymous' (or a similar groups') potential? The AK-toting 'child warriors' of Africa were/are notorious for their capacity to orchestrate violence, particularly when they're driven by some adults.

Let me put this into another kind of context - alot of 'People's Movements' started out with a gaggle of poorly-armed amateurs, who were first viewed as jokes (I'll spare the Peanut Gallery the laundry list). Granted, Anonymous is a bunch of script kiddies & some talented teenagers (see also my first post, wrt their fizzled attempts to irritate Scientology).

When we here look at the varying levels of unconventional warfare, are there meatspace analogies to Anonymous? What's Anonymous' (or a similar groups') potential? The AK-toting 'child warriors' of Africa were/are notorious for their capacity to orchestrate violence, particularly when they're driven by some adults.

you assume you're dealing with a peoples movement when looking at assange and wikileaks. that is likely an error. I do not see a large population being mobilized I see a few with tools. that though is not necessarily bad or even relevant as technology has a tendency to enhance the power projection of smaller groups. large scale protests in cyber space have little effect in meat space so far. until people are mobilized into the street the effect on society beyond the connected few just doesn't scale. we could talk about zapatista movements, and iranian revolutionaries but most people have no clue there was even digerati involved.

anonymous may not have a kinetic conflict analog. simply they may exist in some new aspect as previously undiscovered. new domains have new elements. there were no submarine analogs taken from the land army. the submarine was something entirely new. i would suggest that the anonymous group is more like a bunch of skateboard punks having fun at the expense of others and just about as dangerous. can they break into your store, ruin your furniture and cause major chaos? absolutely but they aren't going to be taking over third world countries.

the level of cohesion and thought behind wikileaks and anonymous simply does not suggest large scale capability or strategic thinking. that could change. there could be a fagin training the orphans to steal but i'm more inclined to believe they simply steal.

The activity of Anonymous is mainly one meant to be protest. Keep in mind, for all the various attention that they get from their activities, no one is referring to them as any sort of `defacement group' or using language that would characterize a pattern of permanently destructive activity. This stuff is online protest, there's a real difference in context of the activity. The 2600 groups press release discouraging these attacks speaks volumes about how politically witless they are, and about how much they are not attacks in a context of warfare.

Context of negative online actions is fairly important, because of timing and application. In this case, using these tools on these targets (Visa etc.) is having very limited effects, but in other contexts the outcomes can be different. The best example of that thus far is Georgia, where similar efforts had a far more consequential effect.

There is a huge difference where there are any sorts of effect on anything kinetic. The difference between taking out a system designed to allow the porn industry to do online commerce, and one designed to route ambulances during a disaster is obvious, but the methods used could be the exact same ones.

These contextual questions, in combination with technical aspects of the types of activity are one of the things that make this a difficult subject. It's made even more difficult when the context switches from one involving some sort of organizational operations by an entity, and a context involving information operations. My impression is also that things can go from bad to worse quickly based on misperceptions and misinformation, & Wikileaks has proved to be no end of that quite purposefully. So much so that it has caused the group & supporters to splinter pretty seriously.

Timing seems to matter an awful lot. Action biases matter a lot too.

I'm going to be far more interested in some respects in the involvement of technology in the attack on Prince Charles's car in the UK. Imagine for a moment if those attacks were part of a riot over Wikileaks material rather than school tuition, and the Prince had been injured fatally. Given the sustained quasi-idiotic protests in Australia , given they're running around protesting over rights they don't have in a country that's not their own, in a different context and this is not too far fetched a scenario. Had that occurred in a less civilized location it might have been an RPG someone shoved through the window rather than a stick...

Avoiding the cables themselves was slightly easier before there were piles of mirrors all over. In this case the original source material isn't so useful as the information itself, so not its fairly simple not to look at it directly. On the other hand, all the global yammering doesn't make it easy. I was entirely able to avoid seeing any of the Iraq & Afghan material with no trouble. Not so the cables. My untroubled conscience is more than enough reward for avoiding material that is fairly useless to me to begin with. It's ironic that about the only thing needed to quash most of the mirroring that's occurred would have been some assertion of copyright internationally, yet no one in the US has chosen to do that. The bright side is I doubt any of this will get any worse.

Solil: I read your blog entry and liked it a great deal. I'd take some issue with your characterization of Metasploit as lowering the bar too far. I'd reserve that characterization for the whole crimeware market personally.

Solil: I read your blog entry and liked it a great deal. I'd take some issue with your characterization of Metasploit as lowering the bar too far. I'd reserve that characterization for the whole crimeware market personally.

I'd have to agree with you. Thinking about it, the entire BackTrak and other penetration testing tools suites really are part of an ecosystem. Not one I'd really like to see go away as they truly are dual use. No, I think your critique about the crimeware market is valid.

RUMINT was that some trolls on the Anonymous site told a bunch of the users of LOIC that the IP for the anon website/IRC was in fact the IP for the Paypal site, so those users ended up blasting the anon site off the net instead.

Doh.

Anonymous Hackers Target Alleged WikiLeaker Bradley Manning's Jailers

http://blogs.forbes.com/andygreenberg/2011/03/07/anonymous-hackers-target-alleged-wikileaker-bradley-mannings-jailers/


Anonymous hackers name Department of Defense Press Secretary Geoff Morell and chief warrant officer Denise Barnes as targets and call on members to dig up personal information on both, including phone numbers, personal histories and home addresses. The goal of the operation, for now, is to “dox” the two officials, the typical Anonymous method of publishing personal information of victims and using it for mass harassment.

. . . doxing will likely include “ruin life tactics” such as “ordering them pizza, sending them thousands of boxes, reporting them to police for drug abuse, sex offenders list, tricking their ISPs into canceling the Internet, messing with their social security numbers, false flag, fax harassment, phone harassment, email bombing, subscriptions to magazines, diapers, tampons.”

Can DOD Information Assurance and Computer Network Defenders protect Morrell and Barnes, or will they be pwned?

If Anonymous is considered a virtual militia, is this a Paramilitary Information Opposition Operation?

I don't have a position on Manning's treatment since I don't know anything beyond what I read in the papers. But if this group does attack people as a result of their performance of official duties, it would seem that law enforcement would have a grounds to take a range of actions against them. History is full of individuals and organizations convinced they were smarter than "the system" who eventually found otherwise.

This type of activity clearly crosses the line from being protest to a direct attack. While the groups volunteers in the hive might want to characterize this sort of activity as being 'direct action' in a context of protest, it stands in contrast to other groups who engage in acts of civil disobedience. I don't think I've read about any instances where people have sought out to personally attack a press secretary. This is a person whose role is to be a messenger after all.

While on an emotional level the idea of Mr. Manning enjoying serious and prolonged discomfort is something I find quite satisfying, on a practical level my concerns are different. I firstly am concerned that even given Assange's expressed prior intent to use whoever came his way to attack the US, that his counsel is not examining those matters explicitly & offering advice that reflects the nature of how his client has been ill used. Secondly, I am concerned that the conditions of Mr. Manning's incarceration, while technically justifiable, are doing more harm than good with public relations. Thirdly, there is the question of protecting DoD & government personnel, given that Mr. Manning seems to be enjoying counsel that can only be described as bordering on being irresponsible press whores, I can't see how it will be all that easy to conduct normal legal business.

At what point are kinetics on the table?

Seems to me that both Morrell or Barnes have a right to self defense, and that, by extension the US Gov't has a duty to vigorously find and defeat this threat. And i don't mean better anti-virus protection.

This is a direct threat to the sovereignty of the US. These hackers constitute a clear and present danger and need to be dealt with rather rapidly and rather aggressively. They are terrorists. No different then Al Qaeda.

But instead, we'll try to "understand" them and deal with them as if they are small time hoods.

:facepalm:

But if this group does attack people as a result of their performance of official duties, it would seem that law enforcement would have a grounds to take a range of actions against them.

NCIS could sic McGee on 'em. The real NCIS will probably have some involvement. State of Virginia might take some interest. But most of this probably won't rise to the level of felonies so what actions might law enforcement bother to take?

At what point are kinetics on the table?

No sooner than Inaugaration Day, 2013, and probably not then. Do you want to give them martyrs?


. . . the US Gov't has a duty to vigorously find and defeat this threat.

But does .gov have the talents, resources and permission to successfully engage and defeat Anonymous? NSA probably does, but what should they quit doing to reprioritize Anonymous to the head of line?


This is a direct threat to the sovereignty of the US. These hackers constitute a clear and present danger and need to be dealt with rather rapidly and rather aggressively. They are terrorists. No different then Al Qaeda.

U. S. sovereignty isn't directly threatened. The PERSEC of a senior civil servant and of a serving Marine are directly threatened. Harrassment is not terrorism. Anonymous is very different from Al Qaeda. Anonymous is not a monolithic, organized organization. Some are bad, some are good, some bad Anons are good some days, mosts Anons are low skilled cannon fodder but some have real skills. Not prudent to ignore them, but not a good idea to make more out of them than they really are.

State of Virginia might take some interest.

After they get done making plans for ice sculptures in hell, they might find the time to think about it. They compete with Texas over who can do more executions after all. Between the large amounts of hard core conservatives in the south west of the state, and the large amount of military and government workers in the east and north, I can't think of a less sympathetic constituency.

I think that they would probably openly snicker at anyone suggesting that they do as much, not to mention that they have no jurisdiction. Explaining that they have no jurisdiction would be the part where they caved in to expressions of glee I'd bet.

No sooner than Inaugaration Day, 2013, and probably not then. Do you want to give them martyrs?

Yes. Number one qualification for martyrdom is death. That's a good start.



U. S. sovereignty isn't directly threatened. The PERSEC of a senior civil servant and of a serving Marine are directly threatened. Harrassment is not terrorism. Anonymous is very different from Al Qaeda. Anonymous is not a monolithic, organized organization. Some are bad, some are good, some bad Anons are good some days, mosts Anons are low skilled cannon fodder but some have real skills. Not prudent to ignore them, but not a good idea to make more out of them than they really are.

Cannot agree with you here at all. These people are threatened directly because of the work they do at the behest of the Government. The threats and actions against them are in direct response to the exercise of their job. This is classic terroristic action. Cow someone into not doing what they should be doing by direct or indirect threat. Terrorists, however they manifest their evil, should be dealt with harshly and without mercy.

"Anonymous" has to show they are a force for good. I put them in the same category as "moderate Islam". We've heard of it, and people claim they are, but they never seem to have much to say against the bad actors.

If Cyberspace is truly to be treated as a discreet warfighting function, we cannot pussy-foot around with these caveats and differences.

So, Smersh Spionem (Smersh hacker-em?) to folks like this.

currently there is no ladder of force that can be applied to cyber space. as a war fighting and law enforcement function you need to identify the threat (specifically) and use only the force necessary to subdue the suspect or adversary (or risk perfidy and prosecutorial issues). as such jumping straight to kinetics (of any type) likely sounds good to pundits but fails the test for actual governance and law enforcement. since there is no ladder of force an incremental policy starting with the least and working up towards a substantial exercise of prejudicial and nation-state power is a more likely course of action. of course there are a lot assumptions as to the group anonymous and their goals and motivations. there is also an under-lying assumption that they are not a state sponsored group. i'm not sure why if you add cyber state-sponsored gets tossed under the bus so quickly.

http://www.msnbc.msn.com/id/41972190/ns/technology_and_science-security/


“It’s a guerrilla cyberwar — that’s what I call it,” said Barrett Brown, 29, who calls himself a senior strategist and “propagandist” for Anonymous. He added: “It’s sort of an unconventional, asymmetrical act of warfare that we’ve involved in. And we didn’t necessarily start it. I mean, this fire has been burning.”


“Our people break laws, just like all people break laws,” he added. “When we break laws, we do it in the service of civil disobedience. We do so ethically. We do it against targets that have asked for it.”


Asked about the group’s capabilities, he said, “Well, they keep increasing, but I can tell you that our capabilities are such that, we can, for instance, go into the servers of a federal contracting company … take those servers down, delete backups, take all internal emails, take documents, shut down the websites of the owners of those companies, take everything from those websites, ruin the lives of people who have done it wrong … harass them, make sure they’ll never work again in this particular industry.

“We can expose people. We can go to the media with things, we can give them scoops. We can give them information about companies and their wrongdoing. We can organize protests —anywhere across the globe. We can get the attention of the national conversation if we need to.”

Brown is employing PSYOP and Morale Operations while claiming to be a propagandist and strategist of a group of Irregular Computer Network Attackers, seemingly confident that lawfare will protect him from any .gov attempts to prosecute him.

... on Sunday


Another monkey knife-fight. (http://images.nonexiste.net/images/irc/2010/12/24/monkeyKnifeFight.jpg)


(CNN) -- The Internet hackers group Anonymous plans to hack Iran on Sunday, according to a press release published on their website. The group wants to use International Workers' Day, which commemorates the first national general strike in the United States, as an opportunity to reignite last year's protests in Iran.
Exactly how they intend to "attack" Iran remains to be seen. The sophistication of their previous attacks ranges from the denial-of-service overloading of web servers (this simply knocks a website out) to the exploitation of code and accessing of private data (more like the hacking seen in the movies).

http://www.cnn.com/2011/WORLD/meast/04/30/iran.hackers/index.html?hpt=T2

NATO leaders have been warned that Wikileaks-loving 'hacktivist' collective Anonymous could pose a threat to member states' security, following recent attacks on the US Chamber of Commerce and defence contractor HBGary - and promise to 'persecute' its members.

Read more: http://www.thinq.co.uk/2011/6/1/nato-report-threatens-persecute-anonymous/#ixzz1O5b4p0e5

Read more: http://www.thinq.co.uk/2011/6/1/nato-report-threatens-persecute-anonymous/#ixzz1O5b4p0e5

I suggest these "smart guys" at NATO are looking under the wrong bush.

Google reveals China hacked Gmail accounts of senior U.S. officials... one day after Obama's cyber attack warning (http://www.dailymail.co.uk/news/article-1393333/Google-reveals-China-hacked-Gmail-accounts-senior-U-S-officials.html)


The security breach was revealed as the Pentagon warned that the U.S. may retaliate with military force against countries that sabotage its computers.

The operative word being may... and if it should be China the answer is may turns to never. I know that, the Chinese know that but do the Americans who make these ridiculous statements know and realise that they are making fools of themselves?

Listen to this clown:


‘If you shut down our power grid, maybe we will put a missile down one of your smokestacks,’ a military official told the Wall Street Journal.

Yea right.

Minor clarification...


The Pentagon will reclassify cyber attacks as an aggressive act if it causes the equivalent loss of life or damage to infrastructure as a conventional military attack

Certainly nobody's going to fire off missiles in retaliation for cyber espionage, any more than they would in retaliation for conventional espionage. Of course the US is doing the same thing to China, but the Chinese don't howl to the press when they find out about it.

Everybody spies on everybody else, with whatever tools are available. This is nothing new.

Minor clarification...

Certainly nobody's going to fire off missiles in retaliation for cyber espionage, any more than they would in retaliation for conventional espionage. Of course the US is doing the same thing to China, but the Chinese don't howl to the press when they find out about it.

Everybody spies on everybody else, with whatever tools are available. This is nothing new.

Of course you, I and the Chinese know that there is no chance of US military retaliation in response to a cyber attack.

Now all that remains is to make sure that these idiot "spokesmen" keep their damn mouths closed.

The title intrigued me and I looked at the original source - IMHO a very low profile component of NATO:
The NATO Parliamentary Assembly is the inter-parliamentary organisation of legislators from the member countries of the North Atlantic Alliance as well as 14 associate members. The Assembly provides a critical forum for international parliamentary dialogue on an array of security, political and economic matters. Its principal objective is to foster mutual understanding among Alliance parliamentarians of the key security challenges facing the transatlantic partnership. Assembly discussions and debates make an important contribution to the development of the consensus that must underpin Alliance policies.

Or shorter:
The Assembly is directly funded by member parliaments and governments, and is financially and administratively (my emphasis) separate from NATO itself.

Link:http://en.wikipedia.org/wiki/NATO_Parliamentary_Assembly

Sounds like a 'quango' to me, or simply a "jolly" for low profile MPs. Take for example the Vice President from the UK, Hugh Bayley; his own website makes no mention of his NATO PA role and he has only once been a very junior minister for state benefits.

The report itself opens with:
Until this document has been approved by the Committee on the Civil Dimension of Security, it represents only the views of the Rapporteur.

The author, Lord Jopling, was a Chief Whip and junior farming minister in the 1980's. Hardly a political "heavyweight".

This is not a NATO report and would be rather different if titled 'Draft report by unknown body using prefix NATO to boost itself'.

I suggest these "smart guys" at NATO are looking under the wrong bush.

See also http://council.smallwarsjournal.com/showthread.php?t=13412


Yea right.

Dat's da Chicago way! (http://www.youtube.com/watch?v=2ScvAJG51V4)

Of course you, I and the Chinese know that there is no chance of US military retaliation in response to a cyber attack.

Now all that remains is to make sure that these idiot "spokesmen" keep their damn mouths closed.

I don't know what the US response to a cyber attack that "causes the equivalent loss of life or damage to infrastructure as a conventional military attack" would be. I'm not even sure that a cyber attack can do that kind of damage, outside the realm of theory. I also doubt that we'll have a chance to find out, as there'd be little advantage to anyone in such an attack.

I don't know what the US response to a cyber attack that "causes the equivalent loss of life or damage to infrastructure as a conventional military attack" would be. I'm not even sure that a cyber attack can do that kind of damage, outside the realm of theory. I also doubt that we'll have a chance to find out, as there'd be little advantage to anyone in such an attack.

Yes that is wide enough a description with enough wriggle room to never have to react militarily. Phew.

I don't know what the US response to a cyber attack that "causes the equivalent loss of life or damage to infrastructure as a conventional military attack" would be. 1) I'm not even sure that a cyber attack can do that kind of damage, outside the realm of theory. 2) I also doubt that we'll have a chance to find out, as there'd be little advantage to anyone in such an attack.

1. Then you're not being very imaginative : combined or alone - shut down a nuclear power plant's cooling process, turn off the electrical grid during a blizzard, open sluice gates on dams during a flood, etc, ad naseum.

eg, from Pg 15
http://www.nps.edu/Academics/Centers/CTIW/files/substate_conflict_dynamics.pdf

By the hacker’s own assessment, the disagreement over tactics was in part based on a different approach to conceptualizing problems. When the group was discussing attacking oil pipelines, everyone, including the hacker, talked about bombing it. But the hacker moved from this approach to discussing the pipeline as an information system (cf. pp. 58 and 59). It could be shutdown, he proposed, by attacking its control system. This suggestion was not taken up by the other practitioners, evidence to the hacker that they did not see that the world was really composed of systems and networks and that understanding these was essential.18

This is from 2004 -


Figure 3: Historical examples of successful cyber attacks
In the open source realm, documented accounts of cyber attacks have been plentiful in light of
the security danger such reports pose. There have been many serious instances of cyber attacks
causing SCADA499 systems and other computer networks to malfunction as a result of accidental
or targeted and malicious intent. The summary below, presented by category, details incidents of
recent attacks against and disruptions of critical infrastructure and sensitive computer networks.
Air and Ground Transportation
In January of 2003, Continental Airlines based in Newark, NJ was forced to ground flights due to
system inoperability caused by the SQL “Slammer” virus.500
Banking Systems
In January of 2003, Bank of America had 13,000 ATM machines rendered inoperable due to the
SQL “Slammer” virus.501
Dams and Waterways
A well-documented and oft-quoted incident refers to a known case in 1998 when a 12-year old
hacker broke into the computer system controlling Arizona’s Roosevelt Dam’s floodgates.
According to sources, the hacker had complete control of the command SCADA system for the
dam and could have flooded the city of Phoenix.502
Another well documented incident refers to the April 23, 2000 arrest of Vitek Boden, a man who
successfully intruded into a Queensland, Australia wastewater management system 46 times. For
two months, the attacks were a mystery to investigators as Boden dumped hundreds of thousands
of gallons of waste into parks, rivers, and commercial properties.
http://www.ists.dartmouth.edu/docs/cyberwarfare.pdf
2. Little advantage to an active opponent of the United States, other than the whole point of causing mass casualties to an enemy.

Hacker group Anonymous continued an assault on government contractors Monday as it released 90,0000 military email addresses, passwords and some other data from military contractor Booz Allen Hamilton.

The group released a 190MB torrent, which eWEEK said includes "login information of personnel from US CENTCOM, SOCOM, the Marine Corps, Air Force facilities, Department of Homeland Security, Department of State and other private sector contractors."

Anonymous, which got a little clever with its seafaring references, said it was shocked at the lack of security on one of the company's servers.

http://www.pcworld.com/article/235459/anonymous_releases_90000_military_email_addresses_ continues_assault_on_government_contractors.html

Hacktivists with the collective Anonymous are waging an attack on the website for the White House after successfully breaking the sites for the FBI, Department of Justice, Universal Music Group, RIAA and Motion Picture Association of America.
In response to today’s federal raid on the file sharing service Megaupload, hackers with the online collective Anonymous have broken the websites for the FBI, Department of Justice, Universal Music Group, RIAA, Motion Picture Association of America and Warner Music Group.
“It was in retaliation for Megaupload, as was the concurrent attack on Justice.org,” Anonymous operative Barrett Brown tells RT on Thursday afternoon.

http://rt.com/usa/news/anonymous-doj-universal-sopa-235/



"The government takes down Megaupload? 15 minutes later Anonymous takes down government and record label sites," the Anonymous Twitter feed read.

That note was followed shortly by this one: "Megaupload was taken down w/out SOPA being law. Now imagine what will happen if it passes. The Internet as we know it will end. FIGHT BACK." The tweet referred to the Stop Online Piracy Act, an Internet piracy bill being considered in the U.S. Congress.
http://www.pcworld.com/businesscenter/article/248445/anonymous_retaliates_for_megaupload_shutdown_attac ks_doj_others.html

In a rampage following the U.S. government’s takedown of file-sharing site MegaUpload, the hacktivist group Anonymous not only knocked the CBS.com website offline on Sunday, but deleted all its files.

As described by Gizmodo, “The CBS takedown wasn’t your regular DDoS attack because if you went to CBS.com at the time Anon attacked it, there was nothing except an index page with a single file. That’s it. Basically, Anonymous gained access to CBS.com and deleted EVERYTHING.”

http://www.rawstory.com/rs/2012/01/22/anonymous-briefly-deletes-cbs-com-from-the-internet/

Hack collective Anonymous has apparently targeted the Irish government in its latest DDoS attack wave, protesting proposals for its version of the US SOPA anti-piracy act. The Irish Department of Justice and Department of Finance sites were taken offline early on Wednesday morning this week, a government spokesperson confirmed to the Irish Times, the downtime on each lasting roughly an hour.

http://www.slashgear.com/anonymous-targets-irish-government-over-piracy-laws-claim-reports-25210673/

Oh those wacky kids... (http://i.imgur.com/ss59D.jpg)

Hackers from the group Anonymous have broadcast a private conference call between the FBI and Scotland Yard exposing details of an international cybercrime investigation, the FBI has confirmed.

The FBI and Scotland Yard admitted that the security of the call had been breached.

http://www.guardian.co.uk/technology/2012/feb/03/anonymous-hacks-call-fbi-scotland-yard

I made mention of this in the Haditha thread, but Anonymous is beginning to become a threat to national security.

Am I just paranoid about the perception, versus a bona fide threat?

In Haditha thread, my post re: Anonymous and V for Vendetta (http://council.smallwarsjournal.com/showpost.php?p=131924&postcount=163).

Regards

Mike

Can we start killing these guys/gals now?

Can we start killing these guys/gals now?

There's a so-called "irony" smiley ;) .
You can add it on top of a post (see above) or in text with ";" followed directly by a ")".

I assume you forgot this, for otherwise I gotta say I'd disrespect you and your ethics totally.

Can we start killing these guys/gals now?

If we can't arrest them, what makes you think that we can locate them to kill them? I doubt they're hiding out in Waziristan.

We're in trouble on this one.

Our agents inside the OAS can't pin him down, since not even the OAS knows who he is.

Action Service can't destroy him; they don't know who to destroy.

The gendarmes, all forty-eight thousand of them, can't pursue him; they don't know who to pursue.

The police can't arrest him. How can they? They don't know who to arrest.

Without a name, all other proposals are meaningless. The first task, then, is to find it. We get a name, we get a passport and a face. And with a face, we get an arrest. But to find his name, and to do it in secret, is a job of pure detective work.
...
I don't think I've ever heard of a political killer in this country. It's not our style, is it?
...
We can't find him. He's vanished, just disappeared off the face of the earth. I don't think we really ever had any idea what kind of a man you've been pursuing for the last two weeks.
...
There's no question of Her Majesty's Government ever conceding the fact that this Jackal was an Englishman. So far as one can see, there was a period when an Englishman came under suspicion, but he has now been cleared. Certainly, the Jackal masqueraded as an Englishman, but he also masqueraded as a Dane and as a Frenchman. So there's no way of proving his identity at all.
...
But if the Jackal wasn't Calthrop, then who the hell was he?

LINK (http://www.imdb.com/title/tt0069947/quotes).

Regards

Mike

Well, I agree with the “dilemma” word, but the dilemma is bigger than that. In this case, you first have a US Congressman criminalizing a legal combat action under the Laws of War with unsubstantiated allegations. He creates such a media frenzy, his political sound bits become a public perception which the senior leadership of the military responds to after they are won over by the perceptions. The military legal system sorts out all the truths and bad perceptions (to a degree). Now, instead of recognizing that a system worked we have enable criminals and cowards to legitimize themselves by hacking a legal defense team website. As one who has corresponded with the defense team, I am proud and flattered to see my name displayed and associated with the defense team on the hacker’s site. Mentioned in “dispatches” …I am honored. :)

I made mention of this in the Haditha thread, but Anonymous is beginning to become a threat to national security.

Am I just paranoid about the perception, versus a bona fide threat?

Having been on the receiving end of AntiSec's very thorough and devastating hack over Christmas, and spending several weeks digging into the Anonymous/AntiSec activities (and still waiting for the other shoe to drop), the threat is real and growing.

However, I perceive that there are some confusing dynamics in play that the media doesn't bother to clarify.

AntiSec is a highly malicious offshoot from Anonymous. However, any 7th grade computer whiz who plays around with hacking can "become" Anonymous simply by claiming to be -- the nature of the beast being what it is. But the AntiSec subset is much more specialised, and is likely to be a very small clique. The attack on STRATFOR was a large departure from previous Anonymous DDoS and site defacing activities.

The dude Sabu (#RealSabu) is tied to AntiSec, but from what I've seen the publicity 'ho "Anonymous spokesman" Barrett Brown is self-appointed and has no direct involvement with the highly destructive AntiSec activities. Anonymous is a nebulous and disorganised 'movement' -- not the monolithic 'group' that the press makes it out to be -- making a self-styled spokesman rather difficult to take seriously. The Twitter feeds for AntiSec and RealSabu display only dismissive disdain for Barrett Brown's "spokesman" activities.

By the way, I'm not defending anyone...I detest them all, and happily use printed Guy Fawkes masks for targets at the range, often. But, as y'all know, the threat cannot be effectively addressed until it is accurately identified and pinned down.

You should be:


As one who has corresponded with the defense team, I am proud and flattered to see my name displayed and associated with the defense team on the hacker’s site.

I thought about going to look at the hack; but read a couple of "reviews" that most all of the material had nothing to do with Haditha. That suggested to me that I really had no need to know.

However, I did think about whether the Great Bear and his correspondence were among the hackees. In any event, you were "outed" well before any hacks by your own kicking ass upstairs. :)

In this particular case, the hackers may have deligitimized themselves by doing a full dump of the hack. I expect that so far as they were and are concerned, it is not material to them that collateral damage was done to people having nothing to do with Haditha. But, that may be material to some who otherwise would have supported their actions.

Regards

Mike

WASHINGTON The hacker-activist group Anonymous says it hijacked the website of the U.S. Sentencing Commission to avenge the death of Aaron Swartz, an Internet activist who committed suicide.

The website of the commission, an independent agency of the judicial branch, was taken over early Saturday and replaced with a message warning that when Swartz killed himself two weeks ago "a line was crossed."

http://www.cbsnews.com/8301-205_162-57566003/hackers-take-over-govt-website-to-avenge-swartz/

Federal Reserve hacked


US central bank confirms intrusion after hacktivist group Anonymous was claimed to have stolen 4,000 bankers' details

http://www.guardian.co.uk/business/2013/feb/06/federal-reserve-anonymous

Revenge hack.

Anonymous claims to have hacked the United States' State Department website and captured a database, which has now been published on the Internet.

The data dump by the hacktivists contains the names and email addresses of State Department consular and careers staffers and in some cases, their phone numbers and date of birth.

Usernames are also found in the database dump. Searching state.gov and other sites shows that several email addresses and other data match State Department staffers in the United States and legations around the world.

http://www.itnews.com.au/News/333684,anonymous-dump-us-state-dept-database-on-the-web.aspx