Snowden Docs Show GCHQ Tried To DDoS Anonymous

from the picking-the-wrong-target dept

The latest Snowden revelation is just bizarre. According to a new report at NBC (with help from Glenn Greenwald), UK spies at GCHQ decided to mount a DDoS attack against Anonymous and Lulzsec.

The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder — and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.

As the report notes, this seems like incredible overkill. While it’s true that Anonymous had been somewhat successful in DDoSing some websites, for the most part, those were just basic defacements. They were the equivalent of kids messing around with graffiti — hardly the sort of thing you send in the intelligence community to disrupt. Similarly, there are some quite reasonable arguments that the kind of attacks that Anonymous was doing were the equivalent of a sit-in, making them a form of expression.

“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said Gabriella Coleman, an anthropology professor at McGill University and author of an upcoming book about Anonymous. “Some have rallied around the name to engage in digital civil disobedience, but nothing remotely resembling terrorism. The majority of those embrace the idea primarily for ordinary political expression.” Coleman estimated that the number of “Anons” engaged in illegal activity was in the dozens, out of a community of thousands.

NBC News gets former White House cyber security official Jason Healey to point out how ridiculous this kind of attack is:

Jason Healey, a former top White House cyber security official under George W. Bush, called the British government’s DDOS attack on Anonymous “silly,” and said it was a tactic that should only be used against another nation-state.

[….] “This is a slippery slope,” said Healey. “It’s not what you should be doing. It justifies [Anonymous]. Giving them this much attention justifies them and is demeaning to our side.”

Further documents show that GCHQ agents more or less infiltrated Anonymous, trying to buddy up with some key members — and the documents leaked by Snowden show that GCHQ happily explains that the “outcome” of this effort resulted in charges, arrest and conviction against Edward Pearson, who was involved with Anonymous as GZero. Of course, we thought GCHQ was supposed to be focused on non-UK persons. But Pearson is British. The report details a few other UK hackers arrested because of GCHQ spying — including one who notes that in the documents concerning his arrest, it is never detailed how he was found.

What’s not mentioned in the report is that the intelligence community has a history of totally overreacting to Anonymous. Back in 2012, we wrote about NSA boss Keith Alexander’s bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group that might shut down power grids — a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they’ve taken, historically, have been to expose hypocrisy and wrongdoing — not to actually put anyone’s lives in danger. But it seems that kind of overreaction to Anonymous went beyond just the NSA and across the pond to GCHQ, which didn’t just freak out, but actually spent taxpayer funds to launch offensive denial of service attacks on a bunch of mostly innocent teenagers.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Snowden Docs Show GCHQ Tried To DDoS Anonymous”

Subscribe: RSS Leave a comment
Duke (profile) says:

Wondering if this is legal

My first thought about this was whether this was finally clear evidence that GCHQ was acting illegally. I know that there are a few ongoing cases against them, but this seems pretty clear.

From my (far from perfect) understanding of GCHQ’s legal basis, they are limited to two functions:

(a) to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material

(b) to provide advice and assistance about languages, including terminology used for technical matters, and cryptography and other matters relating to the protection of information and other material, to the armed forces of the Crown, to Her Majesty?s Government in the United Kingdom or to a Northern Ireland Department or to any other organisation which is determined for the purposes of this section in such manner as may be specified by the Prime Minister.

I don’t see how DDoSing Anonymous, or cosying up to them fits in (b), and while the former might count as “interfering with electromagnetic emissions” I’m not sure the rest will.

Perhaps this time GCHQ has gone too far?

Arthur Moore (profile) says:

Re: Wondering if this is legal

I was thinking the same, but for different reasons.

I don’t know much about British law, but Techdirt has published several stories about parallel construction. It sounds like GCHQ might have been doing the same thing. It casts doubt over any court cases involving Lulsec and Anonymous.

I wonder, if The UK have the same problem with most cases ending with the defendant pleading guilty. Here in the US they’ll have nice men with badges and guns take family members of the defendant out of work and ask them to call him or her. The threat being that since they also benefited from the alleged crime that they’ll be charged as well. Unless, of course, the defendant agrees to immediately plead guilty to the judge that they have waiting down at the courthouse.

Anonymous Coward says:

Re: Re: Wondering if this is legal

This doesn’t have anything to do with evidence laundering. This doesn’t even have anything to do with evidence gathering or surveillance at all. This has to do with GCHQ launching offensive attacks on targets based on the fact because they decided the the targets needed to be attacked. There is no legal case. No appeal to a court for authorization. No due process. This is a UK government agency stepping way outside of their mandate to unilaterally punish people that they deemed needed punishing.

That Anonymous Coward (profile) says:

Gee one is left to wonder if the things they claim others were doing/could do was based on fear of knowing what they capable of doing.

One wonders how many of the rules governing these spy agencies they have to break before someone finally stops them and asks them what the f__k were they thinking.

But but but terrorism no longer cuts it.

Anonymous Howard (profile) says:

Re: Re:

If Anonymous is capable of shutting down your power grid, then you ought to think through your friggin’ internet security, because it’s ridiculous.

Also, if 133thax0rkidz can hack your infrastructure, then other nations (russia, china, etc) can too, and you have a bigger problems than internet activists.

Sunhawk (profile) says:

Re: Re: Re:

Indeed. If you’re using computer controls for infrastructure, medical devices and such, you need to have both software and hardware safeties. I’ve emphasized this to students in an Ethics in Computing class, and I will again given the opportunity.

If there’s no reason for your generators to run at a sufficient speed to burn out (and there’s not), then you prevent it from being physically able to run that fast. You have one or more operators on site – thus controls should not be even capable of being remotely accessed (remote monitoring isn’t so bad). If a medical device uses radiation to gather information on a patient, it should not be capable of emitting a harmful amount (a real case, that, from a few years back – the hardware relied on the firmware/software for safety, and the software was poorly installed, poorly maintained and poorly operated… leading to, well, microwaving of tender body parts).

It’s basic computer and network security – expose only what needs to be exposed, and make it as physically impossible as possible to access the rest. A bank or business might use a time-locked vault for a very good reason – so that no matter what happens, the vault simply cannot be opened except at the time when it needs to be open to move stuff out. No matter who’s compromised, what information they have, what threats are made, the vault is secure for most of the day or week.

Anonymous Coward says:

Re: Re:

Did those lunatics have access to a time machine?

The United States took over the project in 1904, and took a decade to complete the canal, which was officially opened on August 15, 1914.

The Manhattan Project was a research and development project that produced the first atomic bombs during World War II. … From 1942 to 1946, …

Arthur Moore (profile) says:

Re: Re:

In the early days nuclear fallout wasn’t really understood. If you ignore the radiation, small nukes make handy explosives. Like the ones we use for construction now but larger.

See Also:

Since that didn’t work out we ended up buying a bunch of old nukes from the Russians to power our reactors.

Anonymous Coward says:

Re: Re: Re:

They foolishly used the maximum strength of nuclear devices allowed by the US/USSR 1976 treaty on Peaceful Nuclear Explosions as autodestruction systems, which were one day used against themselves in their foolishness.

The following picture used on wikipedia in the Nuclear Weapons Testing article, coming from US public domain.

Makes one think…Sometimes I think the NSA are aware of something awful and so thats why they justify spying everything. But probably not, I’m just a pleb who isn’t even american so i’m totally fair game. :3

Anonymous Coward says:

Re: Re:

DDoS is a form of protest for individuals and groups that lack the power and authority of the state. Protest is important because it can be an effective counter to abuse of that power and authority. If you already have the power and authority, what could you possibly be protesting? The answer is you aren’t protesting at all. You are abusing that power and authority when you engage in such activity. That is the difference and it is a big one.

Anonymous Coward says:

Re: Re: Re:

Protests are but one of many reasons that are cited as the basis for a DDoS attack, but it must be admitted that a substantial number have been directed at business institutions, government agencies, etc., the disruption of which can cause significant damage to a large segment of the public.

Anonymous Coward says:

Re: Re: Re: Re:

I was speaking to his assertion that because the argument is made that DDoS is “like a sit-in” (which is used as a form of protest) then it validates it as ok for people to do. He is implying that because it is ok for the people to do as a form of protest then it should be ok for a government to do as well. I was merely pointing out that the error in the logic there as the reason it is ok as a form of protest is that that protest is against the abuse of power and authority. So if you already have the power and authority, you haven’t a valid reason to protest and therefore the use of such action becomes an in and of itself an abuse of that power and authority instead of a protest of such.

Anonymous Coward says:

Re: Re: Re: Re:

Actually, protest is an important counter for abuses of power and/or authority of ALL types not just the state. So whether it’s a business or the government, it doesn’t matter. When DDoS is used as a form of protest against such abuse, it can be justified, however if the entity engaging in such activity already has the power and/or authority it can’t be a protest and instead becomes an abuse in and of itself. That’s probably a better way to put it.

Anonymous Coward says:

and remember that DDoSing is illegal as well. also remember that Cameron tried to get the Blackberry network closed down so as to stop people talking to each other during the London riots. as horrendous as they were, it’s hardly the thing to suggest doing from a nations Prime Minister. having said that though, he’s using the fictitious ‘Internet crimes’ as the reason censorship has to take place in the UK! the man is losing the plot! it does seem, however, that the UK is using the most ridiculous excuses to achieve it’s ends.
i heard this morning about the ‘tube strike’ in London. the government is now trying to bring in new laws to stop it happening. it’s anything to undermine and remove the rights of the people. Cameron is trying to back peddal the UK to the days when only the rich and famous had the right to anything. he needs to mind he doesn’t get hauled up before the EUCHR!

out_of_the_blue says:

"The latest Snowden revelation is just bizarre." -- And essentially pointless.

Again, nothing new or breathtaking here, no more than ginning up the netwits — who’ll soon be exhausted by these little leaks, and ignore anything major — IF were anything major in the alleged Snowden pile, which I doubt.

Don’t bother commenting here, (hypothetical) visitor! The rabid Techdirt fanboys censor all opposition! Here’s one NOT lying about it: (198 of 198)


Anonymous Coward says:

I have looked at the PP. Because there is virtually no context provided in the presentation as to why the sites were focused upon, it is not at all clear how you came to the conclusion that such a focus was not warranted.

It seems as if it is being advocated that the sites should be free from scrutiny to do as they want because “boys will be boys”. Without knowing what caught the eye of the government, would that be putting the cart before the horse?

Anonymous Coward says:

Re: Re:

The objection to the action has nothing to do with the government scrutinizing a site, and taken legal action where they have evidence of wrongdoing. Th objection is of a government agency exercising power in an arbitrary fashion to silence critics of governments. Such abuse of power should always to objected to, else you will find that you are forced to agree with the government in everything that it does.

Anonymous Coward says:

Re: Re: Re:

But this begs the question “What was the motivation underlying the focus?” Maybe they thought the site hosted communications critical of the government, but then again maybe not. My point was essentially to note that information that would clarify why the focus does not seem to be present, so conclusions/opinions drawn from the information presented would be speculative in nature.

David says:


Back in 2012, we wrote about NSA boss Keith Alexander’s bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group who might shut down power grids — a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they’ve taken, historically, have been to expose hypocrisy and wrongdoing — not to actually put anyone’s lives in danger.

How is exposing hypocrisy and wrongdoing not putting Alexander’s way of life in danger?

Coyne Tibbets (profile) says:

Anonymous as Intelligence Target: Positively

As an establishment leader (government official or corporate officer closely allied to government) a “terrorist” is anyone who disagrees with policy or embarrasses the policy makers.

Anonymous does both, and is therefore a “terrorist” organization. Of course you send your intelligence agencies to persecute them.

Anonymous Coward says:

“Back in 2012, we wrote about NSA boss Keith Alexander’s bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group that might?shut down power grids?– a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they’ve taken, historically, have been to expose hypocrisy and wrongdoing?”

“hypocrisy and wrondoing”

Love, Cameron

Anonymous Coward says:

Re: Re:

Speaking of which, my country (Canada) just lost some more of its sovereignty to the US. Not as bad as previously thought, but…

Revenue Canada will have to report to the IRS whenever it feels like looking at some Canadian bank accounts from now on. At first it was directly without RC acting as in-between but they struck this “deal”. If Canadian banks didn’t accept to divulge info they would be basically raped.


Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...