Snowden Docs Show GCHQ Tried To DDoS Anonymous

from the picking-the-wrong-target dept

The latest Snowden revelation is just bizarre. According to a new report at NBC (with help from Glenn Greenwald), UK spies at GCHQ decided to mount a DDoS attack against Anonymous and Lulzsec.
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder -- and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.
As the report notes, this seems like incredible overkill. While it's true that Anonymous had been somewhat successful in DDoSing some websites, for the most part, those were just basic defacements. They were the equivalent of kids messing around with graffiti -- hardly the sort of thing you send in the intelligence community to disrupt. Similarly, there are some quite reasonable arguments that the kind of attacks that Anonymous was doing were the equivalent of a sit-in, making them a form of expression.
“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said Gabriella Coleman, an anthropology professor at McGill University and author of an upcoming book about Anonymous. “Some have rallied around the name to engage in digital civil disobedience, but nothing remotely resembling terrorism. The majority of those embrace the idea primarily for ordinary political expression.” Coleman estimated that the number of “Anons” engaged in illegal activity was in the dozens, out of a community of thousands.
NBC News gets former White House cyber security official Jason Healey to point out how ridiculous this kind of attack is:
Jason Healey, a former top White House cyber security official under George W. Bush, called the British government’s DDOS attack on Anonymous “silly,” and said it was a tactic that should only be used against another nation-state.

[....] “This is a slippery slope,” said Healey. “It’s not what you should be doing. It justifies [Anonymous]. Giving them this much attention justifies them and is demeaning to our side.”
Further documents show that GCHQ agents more or less infiltrated Anonymous, trying to buddy up with some key members -- and the documents leaked by Snowden show that GCHQ happily explains that the "outcome" of this effort resulted in charges, arrest and conviction against Edward Pearson, who was involved with Anonymous as GZero. Of course, we thought GCHQ was supposed to be focused on non-UK persons. But Pearson is British. The report details a few other UK hackers arrested because of GCHQ spying -- including one who notes that in the documents concerning his arrest, it is never detailed how he was found.

What's not mentioned in the report is that the intelligence community has a history of totally overreacting to Anonymous. Back in 2012, we wrote about NSA boss Keith Alexander's bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group that might shut down power grids -- a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they've taken, historically, have been to expose hypocrisy and wrongdoing -- not to actually put anyone's lives in danger. But it seems that kind of overreaction to Anonymous went beyond just the NSA and across the pond to GCHQ, which didn't just freak out, but actually spent taxpayer funds to launch offensive denial of service attacks on a bunch of mostly innocent teenagers.

Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    Duke (profile), Feb 5th, 2014 @ 4:19am

    Wondering if this is legal

    My first thought about this was whether this was finally clear evidence that GCHQ was acting illegally. I know that there are a few ongoing cases against them, but this seems pretty clear.

    From my (far from perfect) understanding of GCHQ's legal basis, they are limited to two functions:
    (a) to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material

    (b) to provide advice and assistance about languages, including terminology used for technical matters, and cryptography and other matters relating to the protection of information and other material, to the armed forces of the Crown, to Her Majesty’s Government in the United Kingdom or to a Northern Ireland Department or to any other organisation which is determined for the purposes of this section in such manner as may be specified by the Prime Minister.
    I don't see how DDoSing Anonymous, or cosying up to them fits in (b), and while the former might count as "interfering with electromagnetic emissions" I'm not sure the rest will.

    Perhaps this time GCHQ has gone too far?

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 5th, 2014 @ 4:26am

      Re: Wondering if this is legal

      >My first thought about this was whether this was finally clear evidence that GCHQ was acting illegally.

      Didn't you know? They're above the law.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      Arthur Moore (profile), Feb 5th, 2014 @ 4:54am

      Re: Wondering if this is legal

      I was thinking the same, but for different reasons.

      I don't know much about British law, but Techdirt has published several stories about parallel construction. It sounds like GCHQ might have been doing the same thing. It casts doubt over any court cases involving Lulsec and Anonymous.

      I wonder, if The UK have the same problem with most cases ending with the defendant pleading guilty. Here in the US they'll have nice men with badges and guns take family members of the defendant out of work and ask them to call him or her. The threat being that since they also benefited from the alleged crime that they'll be charged as well. Unless, of course, the defendant agrees to immediately plead guilty to the judge that they have waiting down at the courthouse.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 5th, 2014 @ 7:31am

        Re: Re: Wondering if this is legal

        This doesn't have anything to do with evidence laundering. This doesn't even have anything to do with evidence gathering or surveillance at all. This has to do with GCHQ launching offensive attacks on targets based on the fact because they decided the the targets needed to be attacked. There is no legal case. No appeal to a court for authorization. No due process. This is a UK government agency stepping way outside of their mandate to unilaterally punish people that they deemed needed punishing.

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 5th, 2014 @ 5:45am

      Re: Wondering if this is legal

      The human body generates an electromagnetic field, and this field can be detected with certain electromagnetic field meters.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    That Anonymous Coward (profile), Feb 5th, 2014 @ 4:42am

    Gee one is left to wonder if the things they claim others were doing/could do was based on fear of knowing what they capable of doing.

    One wonders how many of the rules governing these spy agencies they have to break before someone finally stops them and asks them what the f__k were they thinking.

    But but but terrorism no longer cuts it.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      Anonymous Howard (profile), Feb 5th, 2014 @ 5:06am

      Re:

      If Anonymous is capable of shutting down your power grid, then you ought to think through your friggin' internet security, because it's ridiculous.

      Also, if 133thax0rkidz can hack your infrastructure, then other nations (russia, china, etc) can too, and you have a bigger problems than internet activists.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 5th, 2014 @ 5:22am

        Re: Re:

        I
        If Anonymous is capable of shutting down your power grid,

        Then you have made the mistake of connecting its control systems to the Internet.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 5th, 2014 @ 7:50am

          Re: Re: Re:

          I am not certain but I thought that high profile systems, such as the power system control grid, are on a separate network away from the internet.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Feb 5th, 2014 @ 9:09am

            Re: Re: Re: Re:

            If they aren't someone is getting fired retroactively before they were hired if they have idiocy of that magnitude.

             

            reply to this | link to this | view in chronology ]

      •  
        icon
        Sunhawk (profile), Feb 5th, 2014 @ 4:01pm

        Re: Re:

        Indeed. If you're using computer controls for infrastructure, medical devices and such, you *need to have both software and hardware safeties*. I've emphasized this to students in an Ethics in Computing class, and I will again given the opportunity.

        If there's no reason for your generators to run at a sufficient speed to burn out (and there's not), then you prevent it from being physically able to run that fast. You have one or more operators on site - thus controls should not be even capable of being remotely accessed (remote monitoring isn't so bad). If a medical device uses radiation to gather information on a patient, it should not be capable of emitting a harmful amount (a real case, that, from a few years back - the hardware relied on the firmware/software for safety, and the software was poorly installed, poorly maintained and poorly operated... leading to, well, microwaving of tender body parts).

        It's basic computer and network security - expose only what needs to be exposed, and make it as physically impossible as possible to access the rest. A bank or business might use a time-locked vault for a very good reason - so that no matter what happens, the vault simply cannot be opened except at the time when it needs to be open to move stuff out. No matter who's compromised, what information they have, what threats are made, the vault is secure for most of the day or week.

         

        reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 5th, 2014 @ 6:07pm

        Re: Re:

        Any nation can stop power grids, just drop a nuke way high in the skies of multiple cities, BAM, EMP's everywhere.

        Thing is, the real reason nukes exist is that they are never going to be used.

        Except for mini-nukes, those were banned in 1968...officially.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    BentFranklin (profile), Feb 5th, 2014 @ 4:46am

    If you can't control it, kill it.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Ninja (profile), Feb 5th, 2014 @ 4:51am

    If it wasn't for the very real problems that the intelligence community is causing or may cause this would be a comedy article. Reminds me of when some lunatics wanted to blow nuclear bombs to speed up the construction of the Panama Canal...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:09am

    If DDOS is "like a sit-in", then what GCHQ did wasn't so bad, right? It's just like they're sitting-in... in someone's house... hmm... maybe I need to rethink this analogy.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 5th, 2014 @ 5:12am

      Re:

      I live inside your computer.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 5th, 2014 @ 7:41am

      Re:

      DDoS is a form of protest for individuals and groups that lack the power and authority of the state. Protest is important because it can be an effective counter to abuse of that power and authority. If you already have the power and authority, what could you possibly be protesting? The answer is you aren't protesting at all. You are abusing that power and authority when you engage in such activity. That is the difference and it is a big one.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 5th, 2014 @ 7:51am

        Re: Re:

        Protests are but one of many reasons that are cited as the basis for a DDoS attack, but it must be admitted that a substantial number have been directed at business institutions, government agencies, etc., the disruption of which can cause significant damage to a large segment of the public.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 5th, 2014 @ 9:04am

          Re: Re: Re:

          I was speaking to his assertion that because the argument is made that DDoS is "like a sit-in" (which is used as a form of protest) then it validates it as ok for people to do. He is implying that because it is ok for the people to do as a form of protest then it should be ok for a government to do as well. I was merely pointing out that the error in the logic there as the reason it is ok as a form of protest is that that protest is against the abuse of power and authority. So if you already have the power and authority, you haven't a valid reason to protest and therefore the use of such action becomes an in and of itself an abuse of that power and authority instead of a protest of such.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Feb 5th, 2014 @ 9:40am

          Re: Re: Re:

          Actually, protest is an important counter for abuses of power and/or authority of ALL types not just the state. So whether it's a business or the government, it doesn't matter. When DDoS is used as a form of protest against such abuse, it can be justified, however if the entity engaging in such activity already has the power and/or authority it can't be a protest and instead becomes an abuse in and of itself. That's probably a better way to put it.

           

          reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:31am

    The majority of those embrace the idea primarily for ordinary political expression.


    Yeah, that's the latest threat to our way of life. Hadn't you heard?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:36am

    and remember that DDoSing is illegal as well. also remember that Cameron tried to get the Blackberry network closed down so as to stop people talking to each other during the London riots. as horrendous as they were, it's hardly the thing to suggest doing from a nations Prime Minister. having said that though, he's using the fictitious 'Internet crimes' as the reason censorship has to take place in the UK! the man is losing the plot! it does seem, however, that the UK is using the most ridiculous excuses to achieve it's ends.
    i heard this morning about the 'tube strike' in London. the government is now trying to bring in new laws to stop it happening. it's anything to undermine and remove the rights of the people. Cameron is trying to back peddal the UK to the days when only the rich and famous had the right to anything. he needs to mind he doesn't get hauled up before the EUCHR!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 5:53am

    I know DDoS attacks against IRC servers aren't uncommon...

    But we're talking about an IRC server being DDoS'd by a security agency.

    A place where people go to talk (regardless of how affiliated they are with Anonymous or not.)

    So I'm guessing this means that Freedom of Speech no longer means shit the fascists in charge.

     

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Feb 5th, 2014 @ 6:43am

    "The latest Snowden revelation is just bizarre." -- And essentially pointless.

    Again, nothing new or breathtaking here, no more than ginning up the netwits -- who'll soon be exhausted by these little leaks, and ignore anything major -- IF were anything major in the alleged Snowden pile, which I doubt.

    Don't bother commenting here, (hypothetical) visitor! The rabid Techdirt fanboys censor all opposition! Here's one NOT lying about it:
    http://www.techdirt.com/articles/20140204/07522126085/new-zealand-spy-agency-deleted-evidence-about- its-illegal-spying-kim-dotcom.shtml#c341 (198 of 198)

    02:43:42[c-850-6]

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:08am

    I have looked at the PP. Because there is virtually no context provided in the presentation as to why the sites were focused upon, it is not at all clear how you came to the conclusion that such a focus was not warranted.

    It seems as if it is being advocated that the sites should be free from scrutiny to do as they want because "boys will be boys". Without knowing what caught the eye of the government, would that be putting the cart before the horse?

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 5th, 2014 @ 7:37am

      Re:

      The objection to the action has nothing to do with the government scrutinizing a site, and taken legal action where they have evidence of wrongdoing. Th objection is of a government agency exercising power in an arbitrary fashion to silence critics of governments. Such abuse of power should always to objected to, else you will find that you are forced to agree with the government in everything that it does.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 5th, 2014 @ 7:44am

        Re: Re:

        But this begs the question "What was the motivation underlying the focus?" Maybe they thought the site hosted communications critical of the government, but then again maybe not. My point was essentially to note that information that would clarify why the focus does not seem to be present, so conclusions/opinions drawn from the information presented would be speculative in nature.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    David, Feb 5th, 2014 @ 7:17am

    Thinlk!

    Back in 2012, we wrote about NSA boss Keith Alexander's bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group who might shut down power grids -- a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they've taken, historically, have been to expose hypocrisy and wrongdoing -- not to actually put anyone's lives in danger.

    How is exposing hypocrisy and wrongdoing not putting Alexander's way of life in danger?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Coyne Tibbets (profile), Feb 5th, 2014 @ 7:27am

    Anonymous as Intelligence Target: Positively

    As an establishment leader (government official or corporate officer closely allied to government) a "terrorist" is anyone who disagrees with policy or embarrasses the policy makers.

    Anonymous does both, and is therefore a "terrorist" organization. Of course you send your intelligence agencies to persecute them.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 7:46am

    In the last IA class I took, the FIRST thing we had was to learn about and sign a Code of Ethics. One of those good behaviors to learn is that "hacking back" is NOT an ethical thing to do.

    Not sure how/if that applies, or would ideally apply to feral government agencies, tough.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      That One Guy (profile), Feb 5th, 2014 @ 7:59am

      Re:

      Now see, your first mistake was believing that they follow a 'Code of Ethics', or even know what such a thing is.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Feb 5th, 2014 @ 9:43am

        Re: Re:

        There is a reason it's the FIRST thing they learn.

        "Here is the first rule you have to learn. Now that you know that we are going to teach you how to effectively break that rule."

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 8:15am

    Question

    If GCHQ spooks have time for tailored DDoSs against few kids, how do they sift through copies of tons of internet porn which winds up in their hands daily?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:01am

    Time until Anonymous DDOSs Britain: 13:37:20.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 9:47am

    GCHQ is out of control!

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    krolork (profile), Feb 5th, 2014 @ 12:46pm

    We need a revolution.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:04pm

    They are not overreacting

    Anonymous is the ONLY group on Earth that is consistently against the programs that these people are running. Simply put, no other group will do nearly as much to harm the intelligence agencies' attempts for power as anonymous will.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 5th, 2014 @ 2:34pm

      Re: They are not overreacting

      I disagree. I would say groups like the EFF and ACLU are consistently against these programs far more effective at fighting them than Anonymous ever will be.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 5th, 2014 @ 2:38pm

    "Back in 2012, we wrote about NSA boss Keith Alexander's bizarre attempt to spread FUD by claiming that Anonymous was the equivalent of a terrorist group that might shut down power grids -- a move that seems way outside of the kinds of things participants in Anonymous have any interest in. The actions they've taken, historically, have been to expose hypocrisy and wrongdoing "

    "hypocrisy and wrondoing"

    Yeah.......terrorism!?
    Love, Cameron

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    M. Alan Thomas II (profile), Feb 5th, 2014 @ 5:22pm

    While there's no specific mandate to do so, I rather wish that my government would object to a foreign government interfering with our residents' constitutional rights (in this case, freedom of association).

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Techdirt Reading List
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.