Tuesday, 10 June 2014

Banking sector moves to shore up cyber defences

The UK banking industry will be backed by a new cybersecurity testing environment that could protect its institutions from current and future threats.
The network was introduced by the British Bankers' Association (BBA) and is dubbed CBEST. The BBA said that the testing environment has been built with support from the security industry.
The BBA said that the system could be used to test a bank's ability to withstand a range of security attacks. Earlier this year, the Bank of England expressed concerns about local institutions and their ability to cope with crime.
Executive director for resolution at the Bank of England, Andrew Gracie said: "The idea of CBEST is to bring together the best available threat intelligence from government and elsewhere, tailored to the business model and operations of individual firms, to be delivered in live tests, within a controlled testing environment.
"The results should provide a direct readout on a firm's capability to withstand cyber-attacks that on the basis of current intelligence have the most potential, combining probability and impact, to have an adverse impact on financial stability."
This is hugely encouraging progress and something that organisations in other sectors should be emulating, according to Ross Brewer, vice president and managing director for international markets at LogRhythm.
"Unfortunately we've reached a point where it is a case of when, not if, an organisation suffers a breach, and spending time and money trying to prevent it from happening is verging on useless. While cyber attackers are merrily making their way into our networks, we're far too focussed on updating anti-virus and tweaking firewalls to notice," he said.
"It's now time to accept this as fact and focus on detecting and responding to the threats when they occur. The financial sector is certainly upping the ante in the fight against cybercrime and once the right tools are in place, all businesses will hopefully start following its lead."
According to the security firm McAfee, cybercrime costs industry as much as £266bn a year, and the threats posed to businesses in all sectors rise all the time, as witnessed by a spate of recent hacks on well-known businesses.

Central Intelligence Agency joins Twitter and Facebook


Sneak finally has some decent people to talk to on his social networking accounts, the venerable chaps, and ladies, at the US Central Intelligence Agency, or CIA to close friends.
Sneak is often found to be on the receiving end of a mute or blocking order, and he hopes that the new social CIA will embrace him and his own brand of unclassified disclosure.

Certainly it looks like the CIA is open to the social experience and it has promised to share outwards. Sneak hopes that it will be equally open to responses.
While looking at the CIA account Sneak realised that other people have the same hope, and he noticed that a chap called @Wikileaks has promised to respond to official disclosures with some of its own. Sneak is looking forward to that.

However, while he is hoping for messages that are juicy like so many peaches, the truth is probably - and this is often the case - that things will be very boring indeed.
Take the CIA on Facebook. Sneak was expecting to see a video of a monkey sniffing something, a picture of some lunch, or hell, even a selfie, but none of that is in place. Instead there is a message that promises no fun at all.
"CIA welcomes your comments, however we wish to maintain the decorum appropriate to a taxpayer-funded organisation, we will moderate, and delete as necessary, comments deemed inappropriate. Failure to adhere to these guidelines may result in the author(s) being blocked from this page without notice," it says in a cat-free early post.
"Do not post graphic, obscene, sexually explicit or racially offensive comments or content. We also will not tolerate comments that are abusive, hateful, slanderous or that are intended to defame anyone or any organisation. All content must be unclassified. Do not post any content that may be considered classified, sensitive, or that would cause immediate and undue harm to a person or organisation."

US traces Putter Panda malware to China

A US security firm has accused the Chinese government of conducting a sophisticated cyber espionage campaign against US and European businesses, in another revelation that will further strain relations between the two nations.
Crowdstrike published a detailed report on Monday in which it revealed its research into a malware called ‘Putter Panda’ that was found spying on high-tech firms involved in space, aerospace and communications industries.
It traced the malware right to the heart of China, in a building in Shanghai that Crowdstrike said was likely being run by the Chinese People’s Liberation Army (PLA) 3rd Department 12th Bureau Unit 61486.
Crowdstrike outed a man named Chen Ping, aka 'cpyy', as being a member of the Chinese People’s Liberation Army (PLA) who was responsible for buying domains associated with Putter Panda.
Crowdstrike said the attacks targeted organisations' work through popular business tools such as Adobe Reader and Microsoft Office to deploy custom malware via email.
Crowdstrike CEO George Kurtz wrote that its findings were yet more proof the Chinese government was fully complicit in the hacking of Western industries, and proved the US was right to file charges against state officials last month.
“China’s decade-long economic espionage campaign is massive and unrelenting. Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe,” he said.
"Targeted economic espionage campaigns compromise technological advantage, diminish global competition, and ultimately have no geographic borders."
In response, a member of China's foreign ministry dismissed the allegations and repeated the line that the US is far more guilty of cyber hacking than China.
"The United States cannot pretend that it is the victim. They are a hacker empire. I think everyone in the world knows this," spokeswoman Hua Chunying said.
The latest research echoes a similar report by security firm Mandiant that traced another hacker group to Shanghai.
The US recently filed charges against five Chinese PLA officials in response to the Mandiant report. In response, China said it would start vetting Western technology and accused the US of hypocrisy in light of the Snowden spying revelations.

Win Hacker Training Worth $6000

We’re sure you’ve heard that our friends at Parameter Security have put together a great speaker lineup for ShowMeCon 2014 in St. Louis from May 5 – 6 that includes Dave Chronister, Adrian “IronGeek” Crenshaw, Wayne Burke, Jayson E. Street, John Matherly, Kevin Cardwell, Aamir Lakhani, Benoxa, Robert Reed, and Paul Coggin with keynotes by Evan “treefort” Booth, Andy Ellis, Ralph Echemendia and Raphael Mudge. These experts will tackle a variety of specialized topics such as hacking mobile devices, cloud computing, leveraging mobile devices in pen tests, cryptanalysis, how the most protected systems can be breached, defending your systems, forensics and more at this cutting-edge, two day con. ShowMeCon 2014 also features a CtF event. But in addition to being a quality con, they are also hosting training courses to be held just before the event with coverage of Network Defense, CISSP, Forensics, Ethical Hacking, Intro to PowerShell as well as a course on Advanced Mobile, WiFi and Network Hacking.
EH-Net has worked it out with the organizers of ShowMeCon 2014 to offer 3 Free Training Seats worth up to $6000 to top contributors. As we’ve done in the past, all you have to do is start posting in our Community Forums, spread the word on Twitter, join our LinkedIn Group… get involved. Suggest helpful hints, help a newbie, offer great career advice… anything you can think to share with the community is a chance to win. Participation will be tracked and the winners announced on April 4. Each of 3 winners will get their pick of one course offered at the event as well as entrance into the con for a great week of hacking education. More details after the break. Good luck!!

Courses at ShowMeCon 2014

Courses include Award-Winning Instructors certified in what they teach, lunch every day, snack and coffee during breaks, official courseware, Lifetime Membership to Hacker University, a Complimentary Pass to the Two Day ShowMeCon Conference, access to the Conference Welcome Reception & After Parties and more. Further details on each course and what is included can be found on the ShowMeCon 2014 Training Page. Winners are responsible for their own travel, hotel and other expenses.


Even if you don’t win one of the prizes above, you still get rewarded for being an EH-Netter. All of our readers get a 5% discount for training classes AND admission to the con with Coupon Code: EHNSMC14.




About ShowMeCon 2014

After much success last year, Parameter Security and Hacker University are once again hosting the premier hacking and offensive cyber security conference in St. Louis. Last year’s event, TakeDownCon, was a big hit. We’ve changed the name and today, we announce ShowMeCon in May!
ShowMeCon. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they are bringing you a one-of-a-kind event that will Show You the State of security from a unique perspective – the hacker’s viewpoint.
This highly technical forum showcases eye-opening presentations from world-renowned ethical hackers and epic security ninjas which will leave you amazed and frightened at the same time. By giving you access into the mind of a hacker, you will better understand how to protect your networks and critical data. As we always say “In order to beat a hacker, you have to think like one” and “if you don’t understand the enemy, how can you protect against him?” ShowMeCon pulls back the curtain and exposes how hackers are winning the war on physical and cyber security.
In addition to witnessing real-world hacks, experts will tackle a variety of specialized topics, such as hacking mobile devices, cloud computing, leveraging mobile devices in pen tests, cryptanalysis, how the most protected systems can be breached, defending your systems, computer forensics and more. Discover the latest vulnerabilities, the most powerful exploits and current security threats at this cutting-edge, two day con. Plus, partake in our “capture the flag” event and take your best shot at hacking into various environments.
Whether you’re a large corporation or a small business, you should attend this mind-blowing event as you witness the cream of the crop unveil the latest attacks, techniques, tactics and practices of today’s hackers. Plus, gain insight and understanding into ways to effectively protect yourself so you can implement this information immediately when you return to your business.
Preceding the conference is a five day training bootcamp (April 30 – May 4) hosted by Hacker University that will offer various technical training and security certification classes including, but not limited to: Certified Ethical Hacker v8 (CEH), Certified Hacking Forensic Investigator v8 (CHFI), Certified Information Systems Security Professional (CISSP) and Advance Network Defense.
ShowMeCon will be held at the Ameristar Casino & Resort in St. Charles, Missouri. For more information on the conference, training bootcamps and exhibitor/sponsorships, please contact us at info (at) showmecon (dot) com. To register for the conference, please click here.
So get inside the mind of a hacker…We’ll Show You at ShowMeCon!

CyberBerkut Attempt to Alter Ukrainian Election (Brian Yates)

A computer hacking group called CyberBerkut attempted to alter the Ukrainian presidential election. They did so by having an administrator at the Central Election Commission (CEC) plant a virus from an internal computer that granted the hackers access.
Victor Yagun of the Security Service of the Ukraine held a press conference announcing the cyber attack. The main target of CyberBerkut was the election analytic system that aggregates voter data. Altering the information would have created a different winner in the recent Ukrainian election for president. Destroying the data would have created the illusion of election fraud. Yagun also reported an employee of the CEC, who provided the hacking group with internal access, was also detained.
Volodymyr Zverev, head of the State Service for Special Communication and Information Security, said the virus released by CyberBerkut destroyed all the internal data of the CEC servers on May 22. The virus was released inside CEC by someone able to log into the network and open email containing the virus. The compromised data collected by CyberBerkut included personal emails of CEC members and technical documents on the operation of CEC's election analytic system. All of the lost data was restored from a backup server by 4 pm on May 22.
Evidence pointing to an inside source stemmed from tracking where the virus first infiltrated the CEC network. The login information for a CEC computer showed a person used the correct username and password on the first attempt.
Zverev blamed Kaspersky antivirus software for its failure to recognize the virus. Kaspersky Lab is a Russian software firm. A spokesperson from the company said Kaspersky Lab was ready to investigate the recent cyber attack and write programming to help prevent such an incident from happening again.
Mykhailo Okhendovsky, the CEC director, said in a press conference the network is operational and will continue running.
The CEC's election analytics system functioned normally after it was restored from the backup server. Okhendovsky said if there are any failures, the CEC will not hide the problem. His organization will speak openly about them.
The computer hacking group called CyberBerkut took credit in the attempt to alter the Ukrainian presidential election. The group claimed it had infiltrated CEC's digital infrastructure and disabled the election analytics system. The group also claimed it had uploaded personal emails of CEC officials. They also collected the technical specifications from the analytic system that aggregates voting data. On the hacking group's website, they stated they could now access the CEC communications system anytime they wished.
Maxim Savanevskiy, of Watcher.com.ua, said CyberBerkut's hacking of CEC inflicted no major damage. The main problem seemed to have been an internal source granting the hackers access from within. Once the passwords to vital programs are changed, access to outside sources would be eliminated.
Victoria Siumar, the deputy National Security and Defense Council Secretary said the problem with hackers goes back to the previous pro-Russian Yanukovych administration. Members from that government may have programmed the CEC computers with built-in vulnerabilities to assist hackers in gaining backdoor access into the network. It would not be the first time former President Yanukovych faced such allegations. In 2004, his allies rigged the presidential election in his favor. Their plan included a similar hacking system that exploited access to a data transit server.
With cyber attacks on individuals, businesses, and government institutions on the rise, the Security Service of the Ukraine and members of the CEC were lucky to be able to find the perpetrators. Losing or altering vital election data during an election would have meant a disaster and cries of fraud.
The attempt by CyberBerkut to alter the Ukrainian presidential election could have created a different result that would have added further turmoil in the region.

Is Anonymous Dead, or Just Preparing to Rise Again?



The hacker collective Anonymous and its factions LulzSec and AntiSec drew widespread attention between 2008 and 2012 as they tore loudly through the internet ruthlessly hacking websites, raiding email spools, exposing corporate secrets and joining the fight of the 99 percent. The groups seemed unstoppable as they hit one target after another, more than 200 in all by the government’s count. It seemed no one was beyond their grasp.
But then all went quiet.
The group was undone in part by Hector Xavier Monsegur, an Anonymous leader and government informant known online by the nom de hack Sabu, who was arrested in 2011 and quickly turned against his cohorts, helping the government arrest several key members in 2011 and 2012. Since then, aside from a couple of recent actions by Anonymous, such as Operation Last Resort, which targeted the U.S. Sentencing Commission and MIT websites to protest the unusually harsh prosecution of internet activist Aaron Swartz, and the recent leak of documents taken from Brazil’s Foreign Ministry, Anonymous has gone silent for the most part.
Those who have followed the movement closely say Sabu’s role in the arrest of Jeremy Hammond and others has had a chilling effect on Anonymous, causing members to lay low and worry if additional informants are lurking among them. But experts also warn that the sporadic nature of Anonymous activities is inherent in its makeup, and the group can be easily reconstituted and revitalized in an instant.
“It may never come back, but I wouldn’t count on it,” says Mark Rasch, a former federal cybercrimes prosecutor and now chief privacy officer at SAIC. “Don’t throw away your Guy Fawkes masks just yet.”
Anonymous, he notes, is like a flash mob: It appears suddenly, acts quickly, then disappears. As long as the movement can attract new members, the arrests of former ones will have little effect on its survival.
“It’s not like you throw them in jail and they disappear,” he says. “It’s sort of like squeezing Jell-O. It just moves somewhere else.”
But while the amorphous, incognito nature of Anonymous is its strength, it’s also a weakness in that maintaining strict and constant anonymity at the individual level is difficult to do and can lead to burnout as well as mistakes that expose members to arrest.
There’s also a basic conflict between the need to maintain constant anonymity while also establishing the kind of meaningful relationships with fellow Anons that make the movement effective.
“It’s extremely hard to … interact with people closely and have to hide yourself,” says Gabriella Coleman, a McGill University anthropologist who is one of the leading experts on Anonymous and whose book Hacker, Hoaxer, Whistleblower, Spy: The Story of Anonymous publishes later this year.
“You’re not supposed to reveal much about yourself, but there is a kind of desire to connect and get to know each other,” she says. “Clearly if you do, you’re going to get in trouble. And if you don’t, over a period of time it gets exhausting. [Anonymous is] configured in such a way that it’s not ideal for its own social reproduction. But it’s ideal for its reinvention later.”

The Birth of Anonymous

The birth of Anonymous itself was sporadic and amorphous. It took form over several years, beginning around 2006 on the popular 4chan message board and in Internet Relay Chat channels. The initial group, if it could be called that, lacked the intensity and political fervor Anonymous later became known for, but drawing attention to their activities was one of their trademarks from the start.
The first Anons were in it for the lulz–simple amusement. In one of their first pranks they disrupted the virtual Habbo Hotel, an online hangout for teenagers, with a kind of denial-of-service revolt. They flooded the hotel with Afro-sporting avatars resembling “sharply dressed disco dancers” and blocked access to the hotel’s pool, according to Parmy Olson, who charted the rise of Anonymous and its splinter groups in her book We Are Anonymous.
The group’s focus turned to more serious matters in 2008 with Operation Basement Dad, in which members also got their first taste of widespread attention. The group created the @basementdad Twitter account in response to reports that Josef Fritzl, an Austrian man, had imprisoned and raped his daughter in the family’s basement for 24 years. Although the Twitter account was created just for laughs, it drew nearly half a million followers before Twitter shuttered the account.
But the group really got notice that same year when it took on the Church of Scientology after the church pressured YouTube into deleting a leaked video of an impassioned Tom Cruise extolling the church’s power and influence. Driven in part by reports that the church brainwashed members and punished those who challenged or questioned its dogma and leaders, Anonymous launched Project Chanology, a massive campaign against Scientology, beginning with DDoS attacks against its websites. The campaign, however, also moved offline with protests held outside Church of Scientology facilities and popularized two of the Anonymous memes that would become the group’s hallmarks: YouTube videos announcing their intentions using a computerized voice and the tagline “We are Anonymous; We are Legion” and the grinning Guy Fawkes mask members wore in public.
Just as Anonymous gained mainstream notice, however, it seemed to disappear. Little was heard from the group again until 2010, when Anonymous defended the cause of file-sharers with DDoS attacks aimed at the Motion Picture Association of America and others. But the move that really got the group attention was Operation: Payback, a series of DDoS attacks against PayPal, Visa and MasterCard for their refusal to process donations to WikiLeaks after the site began publishing the leaks of Chelsea Manning.
When WikiLeaks drew attention to the DDoS attacks, interest in Anonymous grew exponentially. Participation on the public channel where members and spectators communicated jumped tenfold from 700 to 7,000 people, Coleman says.
But with the group’s new focus came conflict. The initial plan to support WikiLeaks only called for creating a mirror of the organization’s server and site. But then some in the group launched the DDoS against PayPal. This angered other members, who argued that the protocol for voting on the group’s actions had been breached, Coleman says. Some factions within the loosely affiliated collective developed a “hunger for leaking and hacking,” creating further division. The schism prompted the creation of AnonOps, a platform for organizing and managing different operations that was serviced by technical teams who provided support for the various operations.
The division in interests came into sharp relief in 2011 with the hacks of HBGary and HBGary Federal, which occurred around the same time that AnonOps was actively supporting the social revolutions of the Arab Spring. When some members, surprised by the ease with which HBGary was hacked, wanted to hack other corporations for amusement and for the purpose of exposing their poor security, it became clear that this kind of recreational hacking had to be separated from the political activism that was increasingly becoming the mark of Anonymous and AnonOps. Out of this division Lulzsec was born.
“The name Anonymous had become so synonymous with political activity, even if it was quite subversive and chaotic,” says Coleman. “[But] they started accessing data that had no political message. Lulzsec became the banner of doing it just for the laughs or for exposing bad security. Most of them were quite serious about their political causes, but also just loved to hack for the heck of it.”

Sabu’s Reign

Anonymous was a loose collective with a decentralized command and leadership that fell to whomever had the skills or personality to seize it. Hector Monsegur, an experienced hacker who never finished high school, had both.
Monsegur, as “Sabu,” had been part of a faction that, among other things, supported social revolutionaries in the Middle East. But he also had a hidden history of hacking for fun and, occasionally, profit–something that recently came to light in court documents. And so in May 2011 he shifted his attention from political activism to corporate and government hacking through LulzSec, which he founded with five others and led from his apartment in a public housing complex on New York’s Lower East Side.
Over 50 days, the group targeted media outlets, government agencies and private companies in an ongoing campaign that included a headline-grabbing hack of Sony Pictures Entertainment. During this time, Monsegur was a brash and bold leader who boasted loudly about LulzSec’s activities over Twitter.
“For many people he was a very symbolic figure. Although Anonymous claimed to have no leaders, it definitely had celebrities. Sabu was probably one of the biggest,” says Olson.
Offline, Monsegur was an unemployed 28-year-old who bore the difficult responsibility of tenderly caring for two little girls, his cousins, who were left on their own after their mother was jailed.
But online, as Sabu, he was a temperamental man who was charismatic and friendly but was also feared as much as he was loved, Olson says. He regularly used his influence to his advantage.
“People loved giving vulnerability information [about web sites and servers] to LulzSec because they might get a pat on the head from Sabu,” Olson says.
The LulzSec logo.
But Sabu’s reign didn’t last long before it unraveled.
Aided by hackers who “doxxed” him by leaking information about his identity online, the feds came knocking on his door on June 7, 2011, asking questions. Monsegur quickly admitted his guilt, although he hadn’t yet been charged with any crimes, and even confessed to criminal activity the feds didn’t know about. According to court documents, he flipped immediately and was already helping investigators target his cohorts the next day.
Rumor spread that he’d been arrested–fueled in part by his online disappearance for 24 hours after the feds seized his computers and by the previous doxxing. But despite this, many in the community were in denial and resumed their communication with him once he re-appeared.
“The people in Anonymous are not hackers,” Olson says. “They’re just young people getting swept up in this with no real understanding of hacker culture and the fact that informants are a huge part of hacker culture.”
This, she says, was their undoing. “I think that part of the reason it fell so quickly is that it was built on this superficial foundation of believing in this cause, but not really understanding the risks and consequences the way perhaps people who had spent years in hacker culture and hacker communities would have understood.”
Not long after Sabu returned online, members of LulzSec decided to disband their group. In the vacuum created by this decision, a new group named AntiSec formed to take its place. Sabu announced the change in a tweet sent on June 25, 2011: “We are working under the #antisec flag now gentlemen. LulzSec will live on forever as a successful operation. Much love to all.”
Monsegur, fully in charge of this new group whose work was now being directed by the feds, led AntiSec in a series of new hacks, including the December 2011 breach of the private intelligence firm Stratfor that resulted in thousands of the company’s emails being leaked online.
The hacking campaign continued for nine months until Fox News publicly exposed Monsegur in March 2012 in a story identifying him as an informant. Confirmation of what many had suspected for a long time hit Anonymous hard.
“That’s when people stopped going on the IRC channel. It was like tumbleweeds [in there],” Olson says. “People just became paranoid. They realized they couldn’t really trust anyone in Anonymous anymore.”
Three months after becoming an informant, when speculation about his work with the feds was still just that, Monsegur had talked about the possibility of being arrested in a phone call with Olson. He told her the feds “have no way to prove where I am or what I’ve done” and said he had no fear of going to jail should he ever be caught.
“If I get caught, I will plead guilty to the charges,” she says he told her. “All these kids want to play hacker, but when they get a visit from the police they all turn over. They would love to get a confession out of me. The truth is that the only way is if they use my kids against me. If they say they’ll take my kids away. I will not assist them. I will go down as a martyr, not a snitch.”
Notably, he also told her, “the FBI gives [informants] immunity to hack. You don’t understand [the] corruption.”
The reference is significant, because the FBI has been accused of using Monsegur to direct Jeremy Hammond and others to hack multiple victims. Hammond, who was convicted of hacking Stratfor, has said Sabu directed him to hack the company and provided a list of other targets.
“It is kind of funny that here they are sentencing me for hacking Stratfor,” Hammond told The Guardian last year, “but at the same time as I was doing that an FBI informant was suggesting to me foreign targets to hit.”
While Hammond was sentenced to ten years, Monsegur was sentenced on May 27 to time served – just seven months – as a reward for the assistance he gave investigators.
Authorities say he helped them nab at least eight of his former colleagues. Hammond’s lengthy sentence, no doubt, is intended to send a message to other hackers that their sentence will be severe if caught. Sabu’s sentence sends a different message, former federal prosecutor Mark Rasch says.
“Once you’re caught, you want to be the first one to testify” against your colleagues, he says. Because once prosecutors have secured the cooperation of one suspect, he says, they won’t be so eager to make deals with others. Sabu’s sentence also suggests that hackers who can provide extensive technical assistance to authorities in the way that Monsegur did stand a greater chance of leniency than run-of-the-mill suspects who have no special skills.
“If you’re caught in a scheme that is sophisticated and difficult for the government to understand, you have a better chance of mitigating your sentence [by providing expertise] than if you’re the average mope getting caught in some kind of criminal enterprise,” he says.
Whatever message the sentences of Hammond and Monsegur send, it remains unclear what long-term effect they will have on Anonymous.
Hector Xavier Monsegur, aka 'Sabu,' leaves Federal Court after having been granted a sentence of time served. Photo: Andrew Gombert/EPA/Corbis

Where Anonymous Goes From Here

Olson says that Monsegur’s betrayal scarred Anonymous to some degree and has had an effect on it. But she says the movement was also a victim of its own success and notoriety.
“The catch-22 of Anonymous is that for it to be successful, it has to get a lot of attention,” she says. But it also “becomes so much easier to track them when people try to get notoriety.”
She suspects the collective is having trouble finding its footing without new leaders to move it forward. She believes most people are reluctant to expose themselves to the same risks Monsegur did. “Nobody else really had the balls to try, and perhaps rightly so, to fill that leadership vacuum because they could see very plainly that there are huge risks to trying to be a leader, even a symbolic leader,” she says.
The problem lies in part in the fact that the qualities needed to lead Anonymous are antithetical to maintaining anonymity. The job requires someone who is charismatic to inspire people to support a cause, but who also has the skill and discipline to maintain anonymity. It is difficult to master both of these equally.
But Olson cautions against writing off Anonymous. The collective has ebbed and flowed over the years, taking long breaks between attacks.
“I wouldn’t write off their existence completely just because they’ve gone quiet,” she says. “You never know what’s going to happen.”
Don’t be too quick to write off Monsegur, either, she says. He may well be back. Hacking, Olson says, is a game where people switch sides with some regularity. It’s hard to see Anons welcoming Sabu back, but Olson isn’t ruling out the possibility that he’ll be back in the game in some way.
“The internet has a short memory,” she says, “so a couple of years from now, he can reinvent himself. Who knows what he’ll be doing?”