Threat of 'Anonymous' Cyberattack on Pentagon May Be Overblown

/ Source: SecurityNewsDaily

The Pentagon asked for an investigation yesterday (March 8) into the online “hacktivist” group Anonymous after at least one member of the group threatened to harass military officials in charge of the imprisonment of Army Pvt. Bradley Manning, according to news reports.

Last night, that member, occasional Anonymous spokesman Barrett Brown, gave an incendiary interview to NBC News, vowing a “guerrilla cyberwar” against the U.S. government, major corporations and other targets “that have asked for it.”

And in a rehash of earlier exploits, Anonymous members claimed to have taken down, the website of the music-licensing group Broadcast Music Inc.

Last week, Brown told a Scottish website that Pentagon officials were fair game for Anonymous harassment.

Yet Anonymous has no official spokesmen and no leaders, and it’s not clear — even to him — whether Brown has been speaking for anyone other than himself.

“The NBC segment was fine except that I was referred to as having status of a more official sort than I intended to convey,” Brown told SecurityNewsDaily in an e-mail Wednesday. “Let them call me whatever they like; I am now officially going by the title of F***ot in protest of the press' common failures.”

No harassment of any Pentagon official has been reported, and the busy Anonymous Twitter feeds, currently preoccupied with the rebellion in Libya, have been silent on the issue.

Manning mania

Department of Defense spokesman Col. David Lapan told Agence France-Presse Tuesday that the Pentagon had requested the probe after it learned of Anonymous’ plans to disrupt operations at the Quantico, Va., Marine Corps brig where Manning is being held.

Forbes blogger Andy Greenwald noted Monday that an Anonymous online posting had called on followers to dig up details on Pentagon officials in retaliation for a recent change in Manning’s living conditions and legal status.

Manning, who is widely suspected of being WikiLeaks’ source for secret military documents on Iraq and Afghanistan, as well as a huge trove of secret U.S. diplomatic cables, was arrested in May 2010.

On March 2, new charges were added against him, one of which potentially carries the death penalty, and around the same time he was ordered to be kept naked while in his cell, purportedly to prevent him from committing suicide.

Two days later, Brown told the Scottish tech site The Tech Herald that Anonymous was planning to strike out against Pentagon officials and Manning’s betrayers.

"The Internet is a weapon. It’s already weaponized, and those of us who know how to use this weapon have the advantage,” he told the website. “I know who else was involved in turning [Manning] in. I'm not sure what to do on that yet, but we're speaking among ourselves about that."

A powerful movement of one, all or none

Not all Anonymous members view Brown fondly, which Brown himself seems to be amused by. He tweeted one slam posted on the Anonymous-affiliated discussion site, which called him a “hipster-looking d******bag” and a “fake” who was deliberately trying to entrap the “hacktivist” group.

As readers of SecurityNewsDaily know, Anonymous is a group that’s hard to define. Anyone can join by hopping into one of its several online chat rooms, and anyone can take part in “operations” against specific targets, which seem to be added almost daily.

Participants in “operations” come and go as they please, and despite NBC News’ characterization of Brown as a “leader” and “senior strategist” of Anonymous, most of the movement’s literature is adamant that it has no leaders, hierarchy, official spokesmen or even a set agenda.

Recent Anonymous “operations” have mostly taken the form of distributed denial-of-service attacks against websites operated by MasterCard, Visa and PayPal (in response to their temporary shutdowns of WikiLeaks donation channels), against websites owned by the governments of Egypt, Tunisia and Zimbabwe (in response to WikiLeaks censorship), against websites of organizations affiliated with the music industry, including (in response to legal crackdowns on file-sharing) and, lastly, against websites run by the universally offensive Westboro Baptist Church (after the church dared Anonymous to do it).

Anonymous' most spectacular operation, however, was the digital disembowelment of security firm HBGary Federal last month.

Following the publication of an ill-timed interview with the Financial Times in which HBGary Federal CEO Aaron Barr said he had figured out the identities of Anonymous “leaders” and would soon be speaking to the FBI, Barr arrived at work one Monday morning to find his company’s website down, his Twitter account hijacked, his cell phone and Social Security numbers posted online and his iPad remotely wiped.

Even worse, Anonymous members copied HBGary Federal’s entire e-mail database and posted it online, revealing that the company had been plotting with two other Beltway security firms to illegally hack WikiLeaks and labor union-backed liberal groups at the behest of a powerful law firm that counted Bank of America (a rumored future WikiLeaks target) and the U.S. Chamber of Commerce (opposed by organized labor) as its clients.

Barr resigned from his position as CEO of HBGary Federal on Feb. 28.

Bloomberg News, poking through the HBGary Federal e-mails, also found a lot of previously concealed details about the presumably Chinese-directed “Operation Aurora” and “Night Dragon” network intrusions of Western companies in 2009 and 2010.

The e-mails mentioned that more than 200 companies, among them Morgan Stanley, DuPont, Sony, Johnson & Johnson and Disney, had been the targets of Operation Aurora, and it named the multinational energy companies that fell victim to Night Dragon as BP, ConocoPhillips, ExxonMobil, Marathon and RoyalDutch Shell.