Anonymous, contrary to what you may hear, is not dead, and it probably never will be. Still, it’s been a rough week for said loose confederation of hackers, especially the offshoot LulzSec. One of the most respected members of LulzSec turned out to be a federal informant. A well-known Anon, Jeremy Hammond, has been arrested as a result, and there have been arrests across the globe. Somebody even ripped off the banking details of some of their members by hiding a Trojan in a malicious tool.
So, what happened? Well, two things, really: some Anons started believing their own hype, and they started angering the wrong people.
There are some experienced, intelligent, and dangerous hackers in Anonymous who were a part of LulzSec; Jeremy Hammond was one of them, and there are plenty of others. But most Anons are teenagers, if not in body, then in spirit, and teenagers tend to think they’re invincible. Especially if they’re even remotely better than somebody else at something.
And, realistically, there’s a limit to how much the FBI or other security agencies really care about teenagers running around the Internet, tearing down virtual posters. Shutting down a website is not hard at all, if you know what you’re doing, but inevitably whoever is doing it will stop, probably sooner rather than later. It’s why the Feds don’t spend that much time on graffiti cases: they’ve got better things to do. They know the kid screaming about anarcho-capitalism will go to college, get a job, and stop yelling.
So to a lot of Anons, they’re a dangerous untouchable badass. To the FBI, they’re an annoyance not worth dealing with.
And most of what LulzSec did was more annoying than anything else: witness their mistreatment of EVE Online players, for example. It’s irritating, but nothing worth spending energy on.
Still, something like Operation AntiSec, which hacked dozens of government websites and servers across the world? That’ll get their attention, although considering that Sabu became a government informant two weeks before the operation, questions remain about who set it up and whether it would have happened without their direct involvement. Once you set yourself up as even a remotely credible threat, look out.
So how did they track Sabu, aka Hector Monsegur, down? Likely fairly easily.
It’s not actually that hard to track most people down in real life if you really want to, even if they’re covering their tracks, which they probably aren’t. Hackers do it to each other all the time — it’s called “doxing.” Realistically, all the FBI had to do was wait and somebody they could lean on would be outed eventually.
And he was. Odds are pretty good all the FBI really had to do to find Hector was to Google his handle, and then get a warrant to watch his connection. From there, the dominoes fell.
It’s unlikely groups like LulzSec will go away, or that anti-security operations will stop. Leaving aside the angry kids, there are genuinely committed political activists who want to root out what they see as corruption or failure within their governments. Even the FBI probably doesn’t believe they’ve done anything to slow down hacktivism.
But they have made their point: nobody is invincible, and if you want to pick fights, be ready for the results.
(Image courtesy OperationPaperStorm on Flickr)