Snowden Docs Show GCHQ Tried To DDoS Anonymous

from the picking-the-wrong-target dept

The latest Snowden revelation is just bizarre. According to a new report at NBC (with help from Glenn Greenwald), UK spies at GCHQ decided to mount a DDoS attack against Anonymous and Lulzsec.
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder -- and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.
As the report notes, this seems like incredible overkill. While it's true that Anonymous had been somewhat successful in DDoSing some websites, for the most part, those were just basic defacements. They were the equivalent of kids messing around with graffiti -- hardly the sort of thing you send in the intelligence community to disrupt. Similarly, there are some quite reasonable arguments that the kind of attacks that Anonymous was doing were the equivalent of a sit-in, making them a form of expression.
“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said Gabriella Coleman, an anthropology professor at McGill University and author of an upcoming book about Anonymous. “Some have rallied around the name to engage in digital civil disobedience, but nothing remotely resembling terrorism. The majority of those embrace the idea primarily for ordinary political expression.” Coleman estimated that the number of “Anons” engaged in illegal activity was in the dozens, out of a community of thousands.
NBC News gets former White House cyber security official Jason Healey to point out how ridiculous this kind of attack is:
Jason Healey, a former top White House cyber security official under George W. Bush, called the British government’s DDOS attack on Anonymous “silly,” and said it was a tactic that should only be used against another nation-state.

[....] “This is a slippery slope,” said Healey. “It’s not what you should be doing. It justifies [Anonymous]. Giving them this much attention justifies them and is demeaning to our side.”
Further documents show that GCHQ agents more or less infiltrated Anonymous, trying to buddy up with some key members -- and the documents leaked by Snowden show that GCHQ happily explains that the "outcome" of this effort resulted in charges, arrest and conviction against Edward Pearson, who was involved with Anonymous as GZero. Of course, we thought GCHQ was supposed to be focused on non-UK persons. But Pearson is British. The report details a few other UK hackers arrested because of GCHQ spying -- including one who notes that in the documents concerning his arrest, it is never detailed how he was found.

What's not mentioned in the report is that the intelligence community has a history of totally overreacting to Anonymous. Back in 2012, we wrote about NSA boss Keith Alexander's bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group that might shut down power grids -- a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they've taken, historically, have been to expose hypocrisy and wrongdoing -- not to actually put anyone's lives in danger. But it seems that kind of overreaction to Anonymous went beyond just the NSA and across the pond to GCHQ, which didn't just freak out, but actually spent taxpayer funds to launch offensive denial of service attacks on a bunch of mostly innocent teenagers.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Duke (profile), Feb 5th, 2014 @ 4:19am

    Wondering if this is legal

    My first thought about this was whether this was finally clear evidence that GCHQ was acting illegally. I know that there are a few ongoing cases against them, but this seems pretty clear.

    From my (far from perfect) understanding of GCHQ's legal basis, they are limited to two functions:
    (a) to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material

    (b) to provide advice and assistance about languages, including terminology used for technical matters, and cryptography and other matters relating to the protection of information and other material, to the armed forces of the Crown, to Her Majesty’s Government in the United Kingdom or to a Northern Ireland Department or to any other organisation which is determined for the purposes of this section in such manner as may be specified by the Prime Minister.
    I don't see how DDoSing Anonymous, or cosying up to them fits in (b), and while the former might count as "interfering with electromagnetic emissions" I'm not sure the rest will.

    Perhaps this time GCHQ has gone too far?

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 4:26am

    Re: Wondering if this is legal

    >My first thought about this was whether this was finally clear evidence that GCHQ was acting illegally.

    Didn't you know? They're above the law.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    That Anonymous Coward (profile), Feb 5th, 2014 @ 4:42am

    Gee one is left to wonder if the things they claim others were doing/could do was based on fear of knowing what they capable of doing.

    One wonders how many of the rules governing these spy agencies they have to break before someone finally stops them and asks them what the f__k were they thinking.

    But but but terrorism no longer cuts it.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    BentFranklin (profile), Feb 5th, 2014 @ 4:46am

    If you can't control it, kill it.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 4:51am

    Re: Re: Wondering if this is legal

    Only little people are held to legal standards.

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    Ninja (profile), Feb 5th, 2014 @ 4:51am

    If it wasn't for the very real problems that the intelligence community is causing or may cause this would be a comedy article. Reminds me of when some lunatics wanted to blow nuclear bombs to speed up the construction of the Panama Canal...

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Arthur Moore (profile), Feb 5th, 2014 @ 4:54am

    Re: Wondering if this is legal

    I was thinking the same, but for different reasons.

    I don't know much about British law, but Techdirt has published several stories about parallel construction. It sounds like GCHQ might have been doing the same thing. It casts doubt over any court cases involving Lulsec and Anonymous.

    I wonder, if The UK have the same problem with most cases ending with the defendant pleading guilty. Here in the US they'll have nice men with badges and guns take family members of the defendant out of work and ask them to call him or her. The threat being that since they also benefited from the alleged crime that they'll be charged as well. Unless, of course, the defendant agrees to immediately plead guilty to the judge that they have waiting down at the courthouse.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 4:57am

    Re:

    Did those lunatics have access to a time machine?

    The United States took over the project in 1904, and took a decade to complete the canal, which was officially opened on August 15, 1914.

    http://en.wikipedia.org/wiki/Panama_Canal


    The Manhattan Project was a research and development project that produced the first atomic bombs during World War II. ... From 1942 to 1946, ...

    http://en.wikipedia.org/wiki/Manhattan_Project

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Arthur Moore (profile), Feb 5th, 2014 @ 4:57am

    Re:

    In the early days nuclear fallout wasn't really understood. If you ignore the radiation, small nukes make handy explosives. Like the ones we use for construction now but larger.

    See Also: https://en.wikipedia.org/wiki/Operation_Plowshare

    Since that didn't work out we ended up buying a bunch of old nukes from the Russians to power our reactors.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Anonymous Howard (profile), Feb 5th, 2014 @ 5:06am

    Re:

    If Anonymous is capable of shutting down your power grid, then you ought to think through your friggin' internet security, because it's ridiculous.

    Also, if 133thax0rkidz can hack your infrastructure, then other nations (russia, china, etc) can too, and you have a bigger problems than internet activists.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:09am

    If DDOS is "like a sit-in", then what GCHQ did wasn't so bad, right? It's just like they're sitting-in... in someone's house... hmm... maybe I need to rethink this analogy.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:12am

    Re:

    I live inside your computer.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:22am

    Re: Re:

    I
    If Anonymous is capable of shutting down your power grid,

    Then you have made the mistake of connecting its control systems to the Internet.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:31am

    The majority of those embrace the idea primarily for ordinary political expression.


    Yeah, that's the latest threat to our way of life. Hadn't you heard?

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:36am

    and remember that DDoSing is illegal as well. also remember that Cameron tried to get the Blackberry network closed down so as to stop people talking to each other during the London riots. as horrendous as they were, it's hardly the thing to suggest doing from a nations Prime Minister. having said that though, he's using the fictitious 'Internet crimes' as the reason censorship has to take place in the UK! the man is losing the plot! it does seem, however, that the UK is using the most ridiculous excuses to achieve it's ends.
    i heard this morning about the 'tube strike' in London. the government is now trying to bring in new laws to stop it happening. it's anything to undermine and remove the rights of the people. Cameron is trying to back peddal the UK to the days when only the rich and famous had the right to anything. he needs to mind he doesn't get hauled up before the EUCHR!

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:45am

    Re: Wondering if this is legal

    The human body generates an electromagnetic field, and this field can be detected with certain electromagnetic field meters.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:46am

    Re:

    he needs to mind he doesn't get hauled up before the EUCHR!


    Or hauled up anything else, for that matter.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:53am

    I know DDoS attacks against IRC servers aren't uncommon...

    But we're talking about an IRC server being DDoS'd by a security agency.

    A place where people go to talk (regardless of how affiliated they are with Anonymous or not.)

    So I'm guessing this means that Freedom of Speech no longer means shit the fascists in charge.

     

    reply to this | link to this | view in thread ]

  19. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Feb 5th, 2014 @ 6:43am

    "The latest Snowden revelation is just bizarre." -- And essentially pointless.

    Again, nothing new or breathtaking here, no more than ginning up the netwits -- who'll soon be exhausted by these little leaks, and ignore anything major -- IF were anything major in the alleged Snowden pile, which I doubt.

    Don't bother commenting here, (hypothetical) visitor! The rabid Techdirt fanboys censor all opposition! Here's one NOT lying about it:
    http://www.techdirt.com/articles/20140204/07522126085/new-zealand-spy-agency-deleted-evidence-about- its-illegal-spying-kim-dotcom.shtml#c341 (198 of 198)

    02:43:42[c-850-6]

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:08am

    I have looked at the PP. Because there is virtually no context provided in the presentation as to why the sites were focused upon, it is not at all clear how you came to the conclusion that such a focus was not warranted.

    It seems as if it is being advocated that the sites should be free from scrutiny to do as they want because "boys will be boys". Without knowing what caught the eye of the government, would that be putting the cart before the horse?

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    David, Feb 5th, 2014 @ 7:17am

    Thinlk!

    Back in 2012, we wrote about NSA boss Keith Alexander's bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group who might shut down power grids -- a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they've taken, historically, have been to expose hypocrisy and wrongdoing -- not to actually put anyone's lives in danger.

    How is exposing hypocrisy and wrongdoing not putting Alexander's way of life in danger?

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Coyne Tibbets (profile), Feb 5th, 2014 @ 7:27am

    Anonymous as Intelligence Target: Positively

    As an establishment leader (government official or corporate officer closely allied to government) a "terrorist" is anyone who disagrees with policy or embarrasses the policy makers.

    Anonymous does both, and is therefore a "terrorist" organization. Of course you send your intelligence agencies to persecute them.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:31am

    Re: Re: Wondering if this is legal

    This doesn't have anything to do with evidence laundering. This doesn't even have anything to do with evidence gathering or surveillance at all. This has to do with GCHQ launching offensive attacks on targets based on the fact because they decided the the targets needed to be attacked. There is no legal case. No appeal to a court for authorization. No due process. This is a UK government agency stepping way outside of their mandate to unilaterally punish people that they deemed needed punishing.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:37am

    Re:

    The objection to the action has nothing to do with the government scrutinizing a site, and taken legal action where they have evidence of wrongdoing. Th objection is of a government agency exercising power in an arbitrary fashion to silence critics of governments. Such abuse of power should always to objected to, else you will find that you are forced to agree with the government in everything that it does.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:41am

    Re:

    DDoS is a form of protest for individuals and groups that lack the power and authority of the state. Protest is important because it can be an effective counter to abuse of that power and authority. If you already have the power and authority, what could you possibly be protesting? The answer is you aren't protesting at all. You are abusing that power and authority when you engage in such activity. That is the difference and it is a big one.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:44am

    Re: Re:

    But this begs the question "What was the motivation underlying the focus?" Maybe they thought the site hosted communications critical of the government, but then again maybe not. My point was essentially to note that information that would clarify why the focus does not seem to be present, so conclusions/opinions drawn from the information presented would be speculative in nature.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:45am

    Re: Anonymous as Intelligence Target: Positively

    What a perfect definition of tyranny you have there.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:46am

    In the last IA class I took, the FIRST thing we had was to learn about and sign a Code of Ethics. One of those good behaviors to learn is that "hacking back" is NOT an ethical thing to do.

    Not sure how/if that applies, or would ideally apply to feral government agencies, tough.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:50am

    Re: Re: Re:

    I am not certain but I thought that high profile systems, such as the power system control grid, are on a separate network away from the internet.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:51am

    Re: Re:

    Protests are but one of many reasons that are cited as the basis for a DDoS attack, but it must be admitted that a substantial number have been directed at business institutions, government agencies, etc., the disruption of which can cause significant damage to a large segment of the public.

     

    reply to this | link to this | view in thread ]

  31.  
    icon
    That One Guy (profile), Feb 5th, 2014 @ 7:59am

    Re:

    Now see, your first mistake was believing that they follow a 'Code of Ethics', or even know what such a thing is.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 8:15am

    Question

    If GCHQ spooks have time for tailored DDoSs against few kids, how do they sift through copies of tons of internet porn which winds up in their hands daily?

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:01am

    Time until Anonymous DDOSs Britain: 13:37:20.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:04am

    Re: Re: Re:

    I was speaking to his assertion that because the argument is made that DDoS is "like a sit-in" (which is used as a form of protest) then it validates it as ok for people to do. He is implying that because it is ok for the people to do as a form of protest then it should be ok for a government to do as well. I was merely pointing out that the error in the logic there as the reason it is ok as a form of protest is that that protest is against the abuse of power and authority. So if you already have the power and authority, you haven't a valid reason to protest and therefore the use of such action becomes an in and of itself an abuse of that power and authority instead of a protest of such.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:09am

    Re: Re: Re: Re:

    If they aren't someone is getting fired retroactively before they were hired if they have idiocy of that magnitude.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:40am

    Re: Re: Re:

    Actually, protest is an important counter for abuses of power and/or authority of ALL types not just the state. So whether it's a business or the government, it doesn't matter. When DDoS is used as a form of protest against such abuse, it can be justified, however if the entity engaging in such activity already has the power and/or authority it can't be a protest and instead becomes an abuse in and of itself. That's probably a better way to put it.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:43am

    Re: Re:

    There is a reason it's the FIRST thing they learn.

    "Here is the first rule you have to learn. Now that you know that we are going to teach you how to effectively break that rule."

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:47am

    GCHQ is out of control!

     

    reply to this | link to this | view in thread ]

  39.  
    icon
    krolork (profile), Feb 5th, 2014 @ 12:46pm

    We need a revolution.

     

    reply to this | link to this | view in thread ]

  40.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 1:36pm

    Re: Re:

    They foolishly used the maximum strength of nuclear devices allowed by the US/USSR 1976 treaty on Peaceful Nuclear Explosions as autodestruction systems, which were one day used against themselves in their foolishness.

    The following picture used on wikipedia in the Nuclear Weapons Testing article, coming from US public domain.

    http://en.wikipedia.org/wiki/Nuclear_weapons_testing
    https://en.wikipedia.org/wiki/File:Types_ of_nuclear_testing.svg

    Makes one think...Sometimes I think the NSA are aware of something awful and so thats why they justify spying everything. But probably not, I'm just a pleb who isn't even american so i'm totally fair game. :3

     

    reply to this | link to this | view in thread ]

  41.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:04pm

    They are not overreacting

    Anonymous is the ONLY group on Earth that is consistently against the programs that these people are running. Simply put, no other group will do nearly as much to harm the intelligence agencies' attempts for power as anonymous will.

     

    reply to this | link to this | view in thread ]

  42.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:34pm

    Re: They are not overreacting

    I disagree. I would say groups like the EFF and ACLU are consistently against these programs far more effective at fighting them than Anonymous ever will be.

     

    reply to this | link to this | view in thread ]

  43.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:38pm

    "Back in 2012, we wrote about NSA boss Keith Alexander's bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group that might shut down power grids -- a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they've taken, historically, have been to expose hypocrisy and wrongdoing "

    "hypocrisy and wrondoing"

    Yeah.......terrorism!?
    Love, Cameron

     

    reply to this | link to this | view in thread ]

  44.  
    icon
    Sunhawk (profile), Feb 5th, 2014 @ 4:01pm

    Re: Re:

    Indeed. If you're using computer controls for infrastructure, medical devices and such, you *need to have both software and hardware safeties*. I've emphasized this to students in an Ethics in Computing class, and I will again given the opportunity.

    If there's no reason for your generators to run at a sufficient speed to burn out (and there's not), then you prevent it from being physically able to run that fast. You have one or more operators on site - thus controls should not be even capable of being remotely accessed (remote monitoring isn't so bad). If a medical device uses radiation to gather information on a patient, it should not be capable of emitting a harmful amount (a real case, that, from a few years back - the hardware relied on the firmware/software for safety, and the software was poorly installed, poorly maintained and poorly operated... leading to, well, microwaving of tender body parts).

    It's basic computer and network security - expose only what needs to be exposed, and make it as physically impossible as possible to access the rest. A bank or business might use a time-locked vault for a very good reason - so that no matter what happens, the vault simply cannot be opened except at the time when it needs to be open to move stuff out. No matter who's compromised, what information they have, what threats are made, the vault is secure for most of the day or week.

     

    reply to this | link to this | view in thread ]

  45.  
    icon
    M. Alan Thomas II (profile), Feb 5th, 2014 @ 5:22pm

    While there's no specific mandate to do so, I rather wish that my government would object to a foreign government interfering with our residents' constitutional rights (in this case, freedom of association).

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 6:07pm

    Re: Re:

    Any nation can stop power grids, just drop a nuke way high in the skies of multiple cities, BAM, EMP's everywhere.

    Thing is, the real reason nukes exist is that they are never going to be used.

    Except for mini-nukes, those were banned in 1968...officially.

     

    reply to this | link to this | view in thread ]

  47.  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 6:13pm

    Re:

    Speaking of which, my country (Canada) just lost some more of its sovereignty to the US. Not as bad as previously thought, but...
    http://www.cbc.ca/news/politics/fatca-tax-deal-with-u-s-takes-some-heat-off-canadian-banks-1.2 524444

    Revenue Canada will have to report to the IRS whenever it feels like looking at some Canadian bank accounts from now on. At first it was directly without RC acting as in-between but they struck this "deal". If Canadian banks didn't accept to divulge info they would be basically raped.

    Disgusting.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This