Thursday, June 16, 2011

Hacktivists

Since last few months there has been a flurry of attacks on prominent websites by 'Hacktivists'.  Calling the victims of these attacks 'websites' is an understatement, they are corporations, government agencies and even banks.  It roughly started after the sensational release of classified US cables by WikiLeaks. 
This was entailed by DDoS (Distributed Denial of Service) attacks against PayPal, Visa and MasterCard by a group to retaliate their blocking of payment service to WikiLeaks.  It was perhaps not taken seriously then, as the attacks entailed disabling the websites.  No data was lost or stolen.  The message was clear, though, anyone playing with freedom will have to play the price.  They called themselves 'The Anonymous'.  Their punchline is :  "We don't forgive, We don't forget, We are legion, Expect us".

'Anonymous' launched hack attacks against the agencies that did harm to freedom of speech or challenged them directly.  In one instance they hacked the website of Westbro Baptist Church during a live interview when they were instigated.  Here is the video.  It was pretty cool, the yapping Westbro representative was instantly silenced.  This showed how daring and capable these guys are. 

Later, Anonymous launched attacks against Koch industries, who had earlier sued an African activist when she tried to portray the abject destitution in Africa by an image of a lanky black kid with an ornamental purse in his hand.  Koch argued that the purse looked like their brand and it was harming them.  Anonymous hacked their websites.

Recently a group that calls itself 'LulzSec' (Lulz Security) was in news after they left this message condemning NATO (yes, the almighty US backed North Atlantic Treaty Organization) for taking action against Anonymous and LulzSec.  Perhaps the worst attack was the one on Sony corporation.  They have lost important customer information (including credit card numbers).  The info was posted online.  Lulz hacked them again and again.  The reason that Lulz gave for these attacks where the class action of Sony against a developer who hacked the PS3 that he owned and used it to play XBOX games. 
Sony has so far has had $117 million in losses due to the attack.  This became a serious threat.  But it also exposed the poor security infrastructure of Sony.  They were storing passwords as plain text as opposed to encrypted.  Not all data was on secure networks.  Lulz called it like putting your wallet in a corner of New York subway and then expecting no one to notice it.

Another serious attack was against RSA (secure token organization).  Their token algorithm was hacked and compromised.  This meant the hackers could generate the codes and login to otherwise secure networks.  RSA ordered to replace all hard tokens.  Later that week, the CIA website was taken down and a message was posted on Twitter, making fun of CIA and Anonymous.

A kind of civil war started between Anonymous and Lulz when Anonymous called Lulz an immoral organization.  In reality, Lulz is a group of hackers formerly in Anonymous.  Lulz claim that they are everything that Anonymous wanted to be, but could not.  They even hacked the 4chan website on which Anonymous posts its action

Having said all this, I feel it's unethical to hack websites and demand something at gunpoint.  True, the hacker groups are famous among nerds, but they serve little to society.
Post a Comment