You may not have heard about the group Anonymous, but that doesn’t bother them. It wouldn’t stop them from taking down your website or accessing all of your personal information should they find you disagreeable.
And if you have heard of them and still decide to go up against the innumerable horde of Internet-savvy and devastatingly bored Anonymous members, or Anons as they refer to themselves, they would have no problem retrieving the password that you so carelessly used with every Internet account you own.
Such was the fate of Aaron Barr, CEO of the now-defunct digital security company HBGary Federal. Barr openly declared war on Anonymous as a publicity stunt when he announced he planned to expose the identities of Anonymous members.
Once Anonymous got word, they didn’t just embarrass him — they did the digital equivalent of tarring and feathering the man, using fairly basic hacking techniques to take down his website as well as crack HBGary’s server and publish more than 40,000 of Barr’s emails. The exploits Anonymous used should never have been present at a company priding itself on digital security, and the world hasn’t heard from Barr since.
At this point journalists everywhere were attempting to understand this new Internet phenomenon, an unidentifiable and nebulous collective of hackers that had taken down numerous public and private websites, publicly shamed the Church of Scientology, and released the personal information of thousands of members of child pornography websites.
Many reporters had tried — and many had failed — to uncover the truth behind this “Internet hate machine,” a term coined by Fox News in 2007 to describe what they also casually labeled “domestic terrorists.”
Parmy Olson, Forbes magazine’s London bureau chief, decided in December 2010 to follow her interest in understanding “secret communities and hidden worlds” and started to dig into the world of Anonymous.
“I’m one of those people who drives past an abandoned building and I just have the urge to see what’s inside it,” explains Olson.
But Anonymous was no abandoned building — it was a radically amorphous collective and extremely misunderstood. It was not some large, calculating, malevolent group pictured by many in the media; it was a small group of skilled hackers that organized masses of regular, bored, Internet-savvy people across the world.
In her book We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency, Olson explores the in-depth history and details of Anonymous. From its crude and not-sohumble beginnings on the online image board 4chan, where users are forced to remain anonymous and usually post vulgar, gory and sexually explicit images, to its sophisticated attacks on PayPal, the Tunisian government and several other high-level United States and British government websites, Olson provides information that could only come from her access to the group’s chat logs and one-on-one interviews with its core members.
She details the path that begins with the ambiguous and unorganized Anonymous, which is often considered to be an innumerable collective of hacktivists (hackers with an activist mission) that relied on simple DDoS (distributed denial of service) attacks to take down their targets. These attacks consist of taking down websites by sending an overwhelming amount of junk traffic to a site, temporarily taking it offline.
LulzSec, on the other hand, used more advanced techniques such as SQL injections, which a hacker uses to acquire information from a vulnerable Web database. LulzSec became more easily defined as a small but skilled hacker group that had a seemingly anarchic ideology. The group claimed to launch attacks “for the lulz” — meaning for their entertainment and at your expense.
However, LulzSec was not shy in revealing the security flaws they exploited, leading some to label the group as white hat hackers, or ethical hackers who seek to expose security flaws to help protect companies.
The question Olson faced when writing the book: How does one first gain access to this secretive group and then learn to trust self-professed liars who take pride in their manipulative abilities?
“My approach to Anons who were lying to me was to simply go along with their stories, acting as if I were impressed with what they were saying in the hope of teasing out more information that I could later confirm,” she writes.
She began to rely on Jake Davis (aka Topiary), a teenager who acted as LulzSec’s public relations and propaganda master, and he became her “most key source.”
However, wading through Anonymous’ sea of lies and deliberate manipulation proved to be difficult at times.
“I did get a lot of Anons definitely lying to me. … You just have to know that those are the ones you have to weed out,” Olson says.
One of her sources was 25-year-old Ryan Ackroyd, who allegedly adopted the online identity of a 16-year-old named Kayla and was one of the more skilled hackers at the top of Anonymous, and later of LulzSec.
“I still asked [Ackroyd] questions as if [he] were Kayla because it was just really interesting to hear more of this fabrication and just how detailed it was. And sometimes from that you could maybe glean a little about who the real person was behind that pseudonym,” Olson says.
Although Ackroyd built his entire hacker persona around a lie, Olson didn’t consider him to be the most unreliable source. According to Olson, former LulzSec leader Sabu, who was later identified as 28-year-old Hector Xavier Monsegur, was one of the least reliable Anonymous members she spoke to.
“There was a lot of stuff that he said in interviews that I didn’t use in the book just because it sounded so outlandish, and I kind of got the sense that he was prone to exaggerating the significance of himself and what he was doing,” she says.
However, soon after her journey into the mysterious world of Anonymous began, Olson started to lose access to her sources. One by one, they were getting arrested.
In the legal whirlwind that followed their arrests, the world soon learned that Sabu had been arrested first and, as part of a plea deal, he agreed to act as an FBI informant. He continued to work with LulzSec under direct FBI supervision, sometimes even working out of their offices.
Within a year, all the key players of LulzSec were in jail and awaiting trial, including Davis and Ackroyd.
Olson compares her experience with Anonymous to being on safari, “watching wild animals doing their thing as an observer.”
Despite her role as an impartial journalist, she says she “still felt bad for these guys when they were getting arrested because I could see from the very beginning how they got involved in this stuff and how in a lot of ways they just got swept in something they didn’t really understand — it pretty much spun out of control.”
The future of Anonymous is unclear.
The group is always reactively evolving in the face of new threats and new targets that they feel deserve punishment.
But as far as figureheads go, Olson argues that there is no replacing the original leaders.
“[Sabu, Kayla and Topiary] were really like this holy trinity — they were like these icons for Anonymous — and when they left the scene I really have yet to see anyone get that kind of stature within the community.”
Headless or not, Anonymous continues to be a powerful force in the constantly evolving post-Internet era.
And if you’re not afraid of Anonymous yet, take a look at www.hbgaryfederal.com to see the ashes of what was once the respected HBGary digital security company.