Anonymous draws Congressional attention; battles disgruntled members

When Anonymous attacked HBGary Federal back in January, it set off a chain of events that has spawned widespread fascination, fear, anger and some paranoia among the security industry, government, law firms, Congress and even Anonymous itself.

Advice: 7 Ways to avoid getting hacked by Anonymous

The loosely strung collective gained its largest notoriety last year when it leapt to the defense of Wikileaks by attacking Web pages of businesses that helped break access to Wikileaks servers that hosted diplomatic cables stolen from the U.S. State Department.

But sustained interest in the group stems from its theft and publication by Anonymous of 71,800 emails from HBGary in retaliation for its CEO's plan to expose the names of Anonymous members.

The latest fallout is a call by U.S. Rep. Hank Johnson (D-Ga.) for Congress to investigate security firms Palantir Technologies and Berico Technologies both of which hold government contracts. Both were also mentioned in the HBGary emails as part of schemes to discredit Wikileaks, Salon writer Glenn Greenwald and opponents of the U.S. Chamber of Commerce including unions. "I think the investigation should proceed as far as the facts take us," says Johnson in an interview with

So far he's asked the Pentagon to supply copies of contracts it has with the firms, and it's not clear that the Pentagon will have to comply.

As for Anonymous, Johnson says he thinks the Internet needs laws to address activities like the HBGary email theft. "I think we have embarked into a lawless environment with our cyber capabilities now," he says, "and we really need to see what kind of laws are lacking and what laws need to be strengthened to punish any misconduct in cyber space."

Interestingly, he seems aligned with Anonymous in wanting to get to the bottom of some information that came out of the HBGary emails that showed that U.S. Central Command - the Pentagon group running the wars in Iraq and Afghanistan - put out a bid for software that can create and manage multiple social network personalities. Central command says it's to counter violent extremist ideology and enemy propaganda and will be used in Iraq and Afghanistan.

But both Anonymous and Johnson are worried what uses the software might be put to. Anonymous has launched what it calls Operation Metal Gear to investigate what the software does and why it's being developed. "We believe that Metal Gear [the Anonymous code name for the software] involves an army of fake cyber personalities immersed in social networking websites for the purposes of manipulating the mass population via influence, crawling information from major online communities (such as Facebook), and identifying anonymous personalities via correlating stored information from multiple sources to establish connections between separate online accounts, using this information to arrest dissidents and activists who work anonymously."

Since Anonymous claims responsibility for helping disrupt government Web sites in Egypt and other countries to lend support to uprisings, it falls into the category of those who might be arrested.

Johnson makes a connection between the plans to discredit individuals and organizations and the Metal Gear software for which Central Command put out the bid. "When those contractors using that kind of technology, developed pursuant to government contract and utilizing American tax payer dollars, then turn the tools into domestic surveillance and marketing to business organizations, with the goal of discrediting and disrupting and actually destroying organizations that disagree with their clients, doing that domestically is like turning spying tools on the very people who paid for them," Johnson says to

"You should not use tools developed to get at foreign terrorist agents on American citizens who are choosing to exercise their First Amendment rights."

Meanwhile Anonymous allowed journalist Matthew Keys access to one of its chat rooms to participate in conversations among what he describes as top-level Anonymous hackers. He says he kept logs but hasn't decided what to do with them yet.

But two Anonymous members who became disenchanted with the group for its use of teenagers to help execute its activities have taken action against their former colleagues. They formed an entity called Backtrace Security and set up a Web site where they posted chat logs in which Anonymous members discussed the HBGary email theft. The site worked earlier this week, but now redirects to a story that describes the mutual outing going on between Backtrace and Anonymous.

Anonymous posted the names of people it claims make up Backtrace.

Even as the distractions mount, Anonymous has announced another initiative - overturning the government of South Africa, which it says is siphoning off the wealth of the country. A Youtube video featuring a grinning theatrical mask that has been associated with the group is on screen while an electronically altered voice reads a list of the government's shortcomings. "Take to the streets. Take back your country," the voice says. Letters on the screen read, "In 2011 we the people are taking our country back. You will experience the will of the people."

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitylegalcybercrime

More about ExposureFacebookLAN

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place