Anatomy of an Anonymous Attack - 1 views
-
Stephen R on 25 Mar 12This article, recently published by security firm Imperva, investigates how an Anonymous attack is mounted. A Particularly interesting point is that this article makes no mention of IRC channels, instead painting Facebook, Twitter and Youtube channels as the main methods of communication for Anonymous. Also interesting is that such communication is referred to as recruitment, recruitment of technically savvy hackers and not so technically savvy activists who are willing to participate in the attack. Particular attention should be paid to pages 6-8 which outline the recruitment activities over Facebook, Youtube and Twitter. Imperva outline the technical methods used to stage the attack, mentioning that there are 10 -15 'Anons' working to analyse the victim website for security vulnerabilities. These are more experienced hackers who are searching for a vulnerability that might allow them to retrieve private data from the victim (p.6). Although not mentioned in this article, perhaps these experienced hackers collaborate using Internet Relay Chat. When no vulnerability was found, Imperva notes that Anonymous instead tries a DDoS attack, but instead of employing the LOIC, a web based version is used for ease of participation (p.13). This way, users of any device can be recruited (through social media) into participate in the attack with minimum of barriers to entry. Although this article focusses heavily on the technical aspect of the attack, a significant portion of the article deals with the recruitment of participant through social media, alongside discussion of the online variant of the LOIC collaborative Denial of Service tool. Anatomy of an Anonymous Attack. 2012. Imperva. http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf
-
ianzed on 10 Apr 12This document may prove to be quite a significant additional reference to my focus of my chosen topic of the Anonymous movement and hacktivism. This article discusses precisely what Mansfield-Devine (2011) neglected to note; that within the Anonymous movement, there are a number of individuals with significant hacking skills who are able to retrieve valuable data from the targets of Anonymous attacks. The article quite thoroughly deconstructs the order in which Anonymous attacks typically occur, the differences between the two major types of individuals who participate, and circumstances under which Anonymous attacks are generally able to be successfully performed (2012). Of particular interest, is the emphasis placed on the importance of acknowledging the fact that Anonymous attacks are not always as harmless as they may appear. Another interesting note is found within the conclusion of the report. The report suggests that targeted, small-scale data retrieval attacks are the preferred means of attack for the Anonymous movement and that "DDoS is the hacker's last resort" (Anatomy of an Anonymous Attack, 2012). This would suggest that unlike many sources of information regarding Anonymous hacktivism attacks, Imperva has identified the serious nature of many incidents involving the Anonymous movement, which do not necessarily receive as much immediate attention as a simple DDoS attack may. Anatomy of an Anonymous Attack. (2012). Imperva. Retrieved from http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf Mansfield-Devine, S. (2011). Anonymous: Serious threat or mere annoyance? Network Security 1: 4-10. Retrieved from http://www.sciencedirect.com.dbgw.lis.curtin.edu.au/science/article/pii/S1353485811700046