Charting the demise of Anonymous

The end of Anonymous may be near and a series of public and exaggerated claims by the group will now surely be used by governments to justify new legislation.

Hacker collective Anonymous has probably always been bigger than the sum of its individual parts. For the better part of two years it managed to capture headlines for a series of web defacements, denials of service and high profile hacks. And for that time it suited everyone’s purposes:

Governments, for justifying more draconian cyber security laws such as the proposal for ISPs to retain customer data for 2 years; the media for providing a steam of stories about the substantial threat that hackers posed to civil and corporate order everywhere; and most of all to Anonymous themselves for the notoriety that was heaped on its self-declared ranks.

And then people started getting arrested. Over the past two years nearly 60 people have been arrested who have had some association with Anonymous. Most damaging of all was the arrest of Hector Monsegur also known as Sabu who betrayed his fellow hackers by acting as an FBI informant. He was also a prolific presence on social media and his absence has left Twitter quieter as he provided a running commentary on the social issues of the day.

It is possible that Anonymous’ day has passed. Born of the internet in which the lifetime of a “meme” is usually measured in hours, it is amazing that the idea of Anonymous has persisted as long as it has. The end is being hastened however by what seems to be a series of highly public and exaggerated claims.

The first was of the one million Apple device identifiers that Anonymous group AntiSec claimed to have retrieved from an FBI computer. Conspiracy theories bloomed but the truth was more prosaic. The database turned out to have been stolen from a publishing company called BlueToad.

The second event has been the prolonged outage of domain registrar GoDaddy which was claimed as a DDoS attack by a Brazilian hacker who on Twitter is known as AnonymousOwn3r. Acting alone, his claims were always going to be seen as being dubious and GoDaddy eventually announced that the outage was a result of network issues and not because of an attack.

It seems that now any network or computer mishap will be claimed as deliberate and the actual hacks that happen, overblown.  

Unfortunately, this doesn’t mean that there really isn’t a threat from hackers and cyber-terrorism. This is real and the attacks will continue unabated because the real threat has always come from those with financial and nationalist motives. While security firms and governments know about these attacks, they are much harder to publicise because the perpetrators and victims usually do not discuss them in public. This is where groups like Anonymous and AntiSec serve a useful purpose.

They are more than happy to supply the publicity, even if most of it is baseless. The attacks and arrests then serve as a proxy for the real activity that is going on unseen.

Of course, a perhaps logical step in taking advantage of the publicity of a perceived cyber threat would be to actually manufacture that threat deliberately. It will come as no surprise that this has been suggested and AnonymousOwn3r was declared a probable government employee.

But then wouldn’t that just be what Anonymous would really want you to think? 

David Glance is a director at the Centre for Software Practice at The University of Western Australia.