They were described as a leaderless, anarchic group of “hacktivists” who briefly brought down MasterCard, Visa and PayPal after those companies cut off financial services to WikiLeaks.
But inside Anonymous, the Guardian has found that the organisation is more hierarchical — with a hidden cabal of around a dozen highly skilled hackers co-ordinating attacks across the web.
The secretive group that directs the Anonymous network was also behind the assault on the Gawker websites in the U.S. at the weekend, according to documents seen by the Guardian . That led to e-mail addresses and passwords of more than 1.3 million Gawker users being made public, and spawned a spam attack on Twitter that is now being investigated by the FBI.
In the last 10 days, Anonymous has also orchestrated Operation Payback, which attacked Visa, MasterCard and PayPal for cutting off financial services to WikiLeaks under pressure from the U.S. government. Given the youthful demographic of the group, insiders expect the attacks to be stepped up in the next week as schools, colleges and universities break up for Christmas.
Several members of Anonymous have contacted the Guardian , wanting to provide more information about their motives and how the group works. Although some have been prepared to reveal their identities in private, none is willing to be named in public for fear of a backlash within the hacker group.
One member said the group's “command and control” centres are invite-only, adding: “It's to protect people, but if you have proven trustworthy you get invited — it's not hard to do. It's not some elitist structure but a way to keep the press and the odd bit of law enforcement seeing who issues commands.” Members of the group and outside experts such as Gabriella Coleman, a New York University professor who has studied Anonymous, estimate that up to 1,000 people are members of the broader network, who make their computers available to co-ordinated cyber attacks. But the majority of members — put at 99 per cent by one insider — have virtually no influence over the direction of the group or its strategy.
“Our project has no leader structure, only different roles. The degree of leadership and organisation in the various projects various a lot,” one long-term insider explained. “It's all very chaotic, but we communicate and co-operate with each other. I see us as different cells of the same organism.” The leaders of the group use internet relay chat (IRC) technology, which can allow groups of people to communicate clandestinely. Some in the upper echelons are understood to have control over “botnets” comprising more than 1,000 Windows PCs that have been infected with a virus and can be controlled without the user's knowledge to direct “distributed denial of service” (DDOS) attacks against target organisations.
It was during an invite-only chat on one of Anonymous's IRC channels that the group discussed taking revenge on the Gawker websites for derogatory remarks made by its British owner, Nick Denton, about internet messageboard 4chan, which is popular among a large number of Anonymous members.
Analysis by Joseph Bonneau, of the computer security group at Cambridge University, suggests Anonymous used a concentrated attack to deduce Mr. Denton's password for a business planning site, and then used passwords gleaned from there to break into Gawker's computers. “Gawker's security [was] probably above average,” Mr. Bonneau noted. Even so, it was broken.
WikiLeaks has no affiliation with Anonymous, and has neither endorsed nor condemned the online war being waged on its behalf. But Julian Assange this week urged his supporters to protect the site from “instruments of U.S. foreign policy”, citing Visa, MasterCard and PayPal. Days later the group toppled the Swedish prosecutor's website as Mr. Assange faced a U.K. court hearing over rape charges in Sweden. The list of targets is much longer than just those who have hindered WikiLeaks. The first co-ordinated Anonymous attack was on the Church of Scientology in 2008, after it demanded the removal from the web of a recruitment video featuring Tom Cruise.
The attack on Gawker was dubbed Operation Overlord, which aims to carry out more damaging hacks into the systems and databases of the group's “enemies”. Other activities include Operation Leakspin, which distributes U.S. diplomatic cables from WikiLeaks that the group thinks are underexposed.
On Thursday, Anonymous released a multi-authored — but unsigned — three-page statement, entitled: “Free Thinking Citizens of the World”. The angry tract said: “Many people think they understand Anonymous, but as an amorphous, opt-in entity, Anonymous is ... fractitious [sic] at best and anything but unanimous.” Despite the bravado, there are signs the group is at risk of breakup as law enforcement agencies chase down its members under the media glare. At least three people suspected of taking part in Operation Payback, including two Dutch teenagers, have been arrested. — © Guardian Newspapers Limited, 2010
