LulzSec bust a blow to Anonymous? Not so fast

When an FBI official crowed to FoxNews earlier today that "We're chopping off the head of LulzSec," was there truth in the boast or just a bunch of hyperbole?

Clearly the agency chopped off something. As was widely reported, law enforcement agents on two continents arrested three top members of the computer hacking group and charged two more with conspiracy, based on evidence gathered by LulzSec's leader, who multiple sources said had been secretly working for the government for months, at least since his arrest last summer.

But security experts say it's too early to tell how much damage has been done to the hacking groups that operate under the loose affiliation of Anonymous.

Nick Selby, a Texas police officer and information security consultant, likens it to the U.S. government taking out Osama bin Laden. That was a severe blow to al Qaeda, but it did not eliminate the threat.

"The nature of these groups is that leaders are important and serve as role models, but the group itself is amorphous," he says.

Chet Wisniewski, senior security adviser at Sophos, says he thinks authorities may have "pretty well mopped up" LulzSec. "But they were a pretty small group. To say that they've put a real dent in the Anonymous movement -- we don't really know that yet."

And Graham Cluley, also of Sophos, wrote in a blog post, "It's cloud cuckoo land to believe that the hacktivist element of Anonymous will fall apart because of this."

Still, both Selby and Wisniewski say the damage could be significant for several reasons: First, neither disputes a quote reported in the New York Times from Cole Stryker, an author who has researched Anonymous. According to Stryker, "Anonymous is a handful of geniuses surrounded by a legion of idiots."

To that, Rob Rachwald, writing on the Imperva Data Security Blog, adds, "It seems the FBI is taking down the geniuses to paralyze the idiots."

Or, as Selby puts it, "What is the barrier to entry for somebody who wants to be part of it? It's extremely low. It doesn't require massive technical skills -- just reasonable knowledge and a willingness to break the law."

Second, Wisniewski says among those arrested are some "strong leaders. I'm surprised they messed up. Some of them are really quite clever."

That, he says, sends a message that even the smart ones can get taken down.

Third is that, in the case of LulzSec, one of their own turned against them.

The hacker "Sabu," whose name is Hector Xavier Monsegur, 28, is described as an unemployed Puerto Rican father of two, living in a public housing project in New York's Lower East Side.

According to the US Attorney's office for the Southern District of New York, Monsegur pled guilty last August to three counts of computer hacking conspiracy, five counts of computer hacking, one count of computer hacking in furtherance of fraud, one count of conspiracy to commit access device fraud, one count of conspiracy to commit bank fraud, and one count of aggravated identity theft. He faces a maximum sentence of 124 years and six months in prison.

All it took for him to compromise himself, Wisniewski says, was one careless mistake. "He logged into a chat room and forgot to anon himself, and that gave away his identity and other personal information."

His arrest, charges and possible sentence, says Wisniewski, were also probably more than enough to flip him into helping the FBI.

"We're all pretty soft," he says, "not the kind of guys you would confuse with mob heavies. To people like us, it's kind of scary that the FBI has been able to flip people in the past and will do so again."

So, while Anonymous might try to launch a new string of attacks in retaliation for the arrests, Wisniewski believes the day's events may also chill communication within the group.

"They may worry that there are other people on the inside feeding information to the FBI," he says, "so they may anonymize themselves from others on the inside, which is possible with electronic crime."

The message is also out there that while Anonymous may gain followers and publicity with stunts like putting confidential law enforcement telephone conversations on YouTube, or with their "F--- FBI Friday" that they have been running for a year or more, law enforcement is as tenacious as they are.

"Part of the Anonymous slogan is, 'We do not forgive. We do not forget.' Well, that's what the FBI does too," Wisniewski says.

"I think there may be something of a crisis of confidence, with the knowledge that there was a rat in their midst."


Stories by Taylor Armerding
