Getting squeezed from both ends: the I’net

The utility of the I’net is being squeezed both by legislation and by activists. The legislation is usually under the banner of intellectual property protection or unwarranted personal harassment. The activists tend to go for unwarranted business harassment. Slashdot says the Vatican Attack Provides Insight Into Anonymous and refers to a CNBC story In Attack on Vatican Website, a Glimpse of Hackers’ Tactics.

The campaign against the Vatican, which did not receive wide attention at the time, involved hundreds of people, some with hacking skills and some without. A core group of participants openly drummed up support for the attack using YouTube, Twitter, and Facebook. Others searched for vulnerabilities on a Vatican website and, when that failed, enlisted amateur recruits to flood the site with traffic, hoping it would crash, according to a computer security firm’s report to be released this week.

“We have seen the tools and the techniques that were used in this attack used by other criminal groups on the web,” said Amichai Shulman, Imperva’s chief technology officer. “What set this attack apart from others is it had a clear timeline and evolution, starting from an announcement and recruitment phase that was very public.”

It took the hackers 18 days to recruit enough people, the report says. Then the reconnaissance began. A core group of roughly a dozen skilled hackers spent three days poking around … Probing for such loopholes used to be tedious and slow, but the advent of automated tools made it possible for hackers to do this while they slept.

In this case, the scanning software failed to turn up any gaps. So the hackers turned to a brute-force approach

“Anonymous is a handful of geniuses surrounded by a legion of idiots,” said Cole Stryker

Over the course of the campaign’s final two days, Anonymous enlisted as many as a thousand people to download attack software, or directed them to custom-built websites that let them participate using their cellphones.

Researchers who have followed Anonymous say that despite its lack of success in this and other campaigns, recent attacks show the movement is still evolving and, if anything, emboldened.

Security experts now say that a sort of open season has begun.

How do these people rationalize their attacks on others? They seem to think the end justifies the means.

“Anyone can be Anonymous, because we are an idea without leaders who defend freedom and promote free knowledge.”

Computer technology leverages the capabilities of individuals. This is why the ‘robo call’ phenomena did not appear until computers were available to compile databases of telephone numbers, dial telephone numbers, and play voice messages – all outgrowths of the landline modem technologies used ca 1990 to connect to networks.

The attacks do generate a response. The legal remedies have been rather mild so far as it is difficult to track down specific culprits and jurisdiction can be difficult, too. Defences have improved (as the Vatican attack story illustrates) both in terms of underlying software hardening and network management practices.

Still, the risk is low and the rational sounds good if not examined. With so many people on the I’net, it becomes easy to recruit an army for malfeasance as is done by Anonymous. The risk will increase as the attacks become more obnoxious but the real solution will be in ‘educating’ the gullible so that people will have a less favorable outlook on unethical and illegal and improper behavior.

Comments are closed.