4chan raids (2003–2007)
The name Anonymous itself is inspired by the perceived anonymity under which users post images and comments on the Internet. Usage of the term Anonymous in the sense of a shared identity began on imageboards, particularly the /b/ board of 4chan, dedicated to random content. A tag of Anonymous is assigned to visitors who leave comments without identifying the originator of the posted content. Users of imageboards sometimes jokingly acted as if Anonymous was a single individual. The concept of the Anonymous entity advanced in 2004 when an administrator on the 4chan image board activated a “Forced_Anon” protocol that signed all posts as Anonymous. As the popularity of imageboards increased, the idea of Anonymous as a collective of unnamed individuals became an Internet meme.
Users of 4chan’s /b/ board would occasionally join into mass pranks or raids. In a raid on July 12, 2006, for example, large numbers of 4chan readers invaded the Finnish social networking site Habbo Hotel with identical avatars; the avatars blocked regular Habbo members from accessing the digital hotel’s pool, stating it was “closed due to fail and AIDS”. Future LulzSec member Topiary became involved with the site at this time, inviting large audiences to listen to his prank phone calls via Skype.[a] Due to the growing traffic on 4chan’s boards, users soon began to plot pranks offline using Internet Relay Chat (IRC). These raids resulted in the first mainstream press story on Anonymous, a report by Fox station KTTV in Los Angeles, California in the U.S. The report called the group “hackers on steroids”, “domestic terrorists”, and an “Internet hate machine”.
Encyclopedia Dramatica (2004–present)
Encyclopedia Dramatica was founded in 2004 by Sherrod DiGrippo, initially as a means of documenting gossip related to livejournal, but it quickly was adopted as a major platform by Anonymous for parody and other purposes. The not safe for work site celebrates a subversive “trolling culture”, and documents Internet memes, culture, and events, such as mass pranks, trolling events, “raids”, large-scale failures of Internet security, and criticism of Internet communities that are accused of self-censorship in order to gain prestige or positive coverage from traditional and established media outlets. Journalist Julian Dibbell described Encyclopædia Dramatica as the site “where the vast parallel universe of Anonymous in-jokes, catchphrases, and obsessions is lovingly annotated, and you will discover an elaborate trolling culture: Flamingly racist and misogynist content lurks throughout, all of it calculated to offend.” The site also played a role in the anti-Scientology campaign of Project Chanology.
On April 14, 2011, the original URL of the site was redirected to a new website named Oh Internet that bore little resemblance to Encyclopedia Dramatica. Parts of the ED community harshly criticized the changes. In response, Anonymous launched “Operation Save ED” to rescue and restore the site’s content. The Web Ecology Project made a downloadable archive of former Encyclopedia Dramatica content. The site’s reincarnation was initially hosted at encyclopediadramatica.ch on servers owned by Ryan Cleary, who later was arrested in relation to attacks by LulzSec against Sony.
Project Chanology (2008)
Anonymous first became associated with hacktivism[b] in 2008 following a series of actions against the Church of Scientology known as Project Chanology. On January 15, 2008, the gossip blog Gawker posted a video in which celebrity Scientologist Tom Cruise praised the religion; and the Church responded with a cease-and-desist letter for violation of copyright. 4chan users organized a raid against the Church in retaliation, prank-calling its hotline, sending black faxes designed to waste ink cartridges, and launching DDoS attacks against its websites.
The DDoS attacks were at first carried out with the Gigaloader and JMeter applications. Within a few days, these were supplanted by the Low Orbit Ion Cannon (LOIC), a network stress-testing application allowing users to flood a server with TCP or UDP packets. The LOIC soon became a signature weapon in the Anonymous arsenal; however, it would also lead to a number of arrests of less experienced Anons who failed to conceal their IP addresses. Some operators in Anonymous IRC channels incorrectly told or lied to new volunteers that using the LOIC carried no legal risk.
During the DDoS attacks, a group of Anons uploaded a YouTube video in which a robotic voice speaks on behalf of Anonymous, telling the “leaders of Scientology” that “For the good of your followers, for the good of mankind—for the laughs—we shall expel you from the Internet.” Within ten days, the video had attracted hundreds of thousands of views.
On February 10, thousands of Anonymous joined simultaneous protests at Church of Scientology facilities around the world. Many protesters wore the stylized Guy Fawkes masks popularized by the graphic novel and film V for Vendetta, in which an anarchist revolutionary battles a totalitarian government; the masks soon became a popular symbol for Anonymous. In-person protests against the Church continued throughout the year, including “Operation Party Hard” on March 15 and “Operation Reconnect” on April 12. However, by mid-year, they were drawing far fewer protesters, and many of the organizers in IRC channels had begun to drift away from the project.
Operation Payback (2010)
By the start of 2009, Scientologists had stopped engaging with protesters and had improved online security, and actions against the group had largely ceased. A period of infighting followed between the politically engaged members (called “moralfags” in the parlance of 4chan) and those seeking to provoke for entertainment (trolls). By September 2010, the group had received little publicity for a year and faced a corresponding drop in member interest; its raids diminished greatly in size and moved largely off of IRC channels, organizing again from the chan boards, particularly /b/.
In September 2010, however, Anons became aware of Aiplex Software, an Indian software company that contracted with film studios to launch DDoS attacks on websites used by copyright infringers, such as The Pirate Bay. Coordinating through IRC, Anons launched a DDoS attack on September 17 that shut down Aiplex’s website for a day. Primarily using LOIC, the group then targeted the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA), successfully bringing down both sites. On September 19, future LulzSec member Mustafa Al-Bassam (known as “Tflow”) and other Anons hacked the website of Copyright Alliance, an anti-infringement group, and posted the name of the operation: “Payback Is A Bitch”, or “Operation Payback” for short. Anons also issued a press release, stating:
Anonymous is tired of corporate interests controlling the internet and silencing the people’s rights to spread information, but more importantly, the right to SHARE with one another. The RIAA and the MPAA feign to aid the artists and their cause; yet they do no such thing. In their eyes is not hope, only dollar signs. Anonymous will not stand this any longer.
As IRC network operators were beginning to shut down networks involved in DDoS attacks, Anons organized a group of servers to host an independent IRC network, titled AnonOps. Operation Payback’s targets rapidly expanded to include the British law firm ACS:Law, the Australian Federation Against Copyright Theft, the British nightclub Ministry of Sound, the Spanish copyright society Sociedad General de Autores y Editores, the U.S. Copyright Office, and the website of Gene Simmons of Kiss. By October 7, 2010, total downtime for all websites attacked during Operation Payback was 537.55 hours.
In November 2010, the organization WikiLeaks began releasing hundreds of thousands of leaked U.S. diplomatic cables. In the face of legal threats against the organization by the U.S. government, Amazon.com booted WikiLeaks from its servers, and PayPal, MasterCard, and Visa cut off service to the organization. Operation Payback then expanded to include “Operation Avenge Assange“, and Anons issued a press release declaring PayPal a target. Launching DDoS attacks with the LOIC, Anons quickly brought down the websites of the PayPal blog; PostFinance, a Swiss financial company denying service to WikiLeaks; EveryDNS, a web-hosting company that had also denied service; and the website of U.S. Senator Joe Lieberman, who had supported the push to cut off services.
On December 8, Anons launched an attack against PayPal’s main site. According to Topiary, who was in the command channel during the attack, the LOIC proved ineffective, and Anons were forced to rely on the botnets of two hackers for the attack, marshaling hijacked computers for a concentrated assault. Security researcher Sean-Paul Correll also reported that the “zombie computers” of involuntary botnets had provided 90% of the attack. Topiary states that he and other Anons then “lied a bit to the press to give it that sense of abundance”, exaggerating the role of the grassroots membership. However, this account was disputed.
The attacks brought down PayPal.com for an hour on December 8 and another brief period on December 9. Anonymous also disrupted the sites for Visa and MasterCard on December 8. Anons had announced an intention to bring down Amazon.com as well, but failed to do so, allegedly because of infighting with the hackers who controlled the botnets. PayPal estimated the damage to have cost the company US$5.5 million. It later provided the IP addresses of 1,000 of its attackers to the FBI, leading to at least 14 arrests. On Thursday, December 5, 2013, 13 of the PayPal 14 pleaded guilty to taking part in the attacks.
In the years following Operation Payback, targets of Anonymous protests, hacks, and DDoS attacks continued to diversify. Beginning in January 2011, Anons took a number of actions known initially as Operation Tunisia in support of Arab Spring movements. Tflow created a script that Tunisians could use to protect their web browsers from government surveillance, while fellow future LulzSec member Hector Xavier Monsegur (alias “Sabu”) and others allegedly hijacked servers from a London web-hosting company to launch a DDoS attack on Tunisian government websites, taking them offline. Sabu also used a Tunisian volunteer’s computer to hack the website of Prime Minister Mohamed Ghannouchi, replacing it with a message from Anonymous. Anons also helped Tunisian dissidents share videos online about the uprising. In Operation Egypt, Anons collaborated with the activist group Telecomix to help dissidents access government-censored websites. Sabu and Topiary went on to participate in attacks on government websites in Bahrain, Egypt, Libya, Jordan, and Zimbabwe.
Tflow, Sabu, Topiary, and Ryan Ackroyd (known as “Kayla”) collaborated in February 2011 on a cyber-attack against Aaron Barr, CEO of the computer security firm HBGary Federal, in retaliation for his research on Anonymous and his threat to expose members of the group. Using a SQL injection weakness, the four hacked the HBGary site, used Barr’s captured password to vandalize his Twitter feed with racist messages, and released an enormous cache of HBGary’s e-mails in a torrent file on Pirate Bay. The e-mails stated that Barr and HBGary had proposed to Bank of America a plan to discredit WikiLeaks in retaliation for a planned leak of Bank of America documents, and the leak caused substantial public relations harm to the firm as well as leading one U.S. congressman to call for a congressional investigation. Barr resigned as CEO before the end of the month.
Several attacks by Anons have targeted organizations accused of homophobia. In February 2011, an open letter was published on AnonNews.org threatening the Westboro Baptist Church, an organization based in Kansas in the U.S. known for picketing funerals with signs reading “God Hates Fags”. During a live radio current affairs program in which Topiary debated church member Shirley Phelps-Roper, Anons hacked one of the organization’s websites. After the church announced its intentions in December 2012 to picket the funerals of the Sandy Hook Elementary School shooting victims, Anons published the names, phone numbers, and e-mail and home addresses of church members and brought down GodHatesFags.com with a DDoS attack. Hacktivists also circulated petitions to have the church’s tax-exempt status investigated. In August 2012, Anons hacked the site of Ugandan Prime Minister Amama Mbabazi in retaliation for the Parliament of Uganda‘s consideration of an anti-homosexuality law permitting capital punishment.
In April 2011, Anons launched a series of attacks against Sony in retaliation for trying to stop hacks of the PlayStation 3 game console. More than 100 million Sony accounts were compromised, and the Sony services Qriocity and PlayStation Network were taken down for a month apiece by cyberattacks.
In August 2011, Anons launched an attack against BART in San Francisco, which they dubbed #OpBart. The attack, made in response to the killing of Charles Hill a month prior, resulted in customers’ personal information leaked onto the group’s website.
When the Occupy Wall Street protests began in New York City in September 2011, Anons were early participants and helped spread the movement to other cities such as Boston. In October, some Anons attacked the website of the New York Stock Exchange while other Anons publicly opposed the action via Twitter. Some Anons also helped organize an Occupy protest outside the London Stock Exchange on May 1, 2012.
Anons launched Operation Darknet in October 2011, targeting websites hosting child pornography. In particular, the group hacked a child pornography site called “Lolita City” hosted by Freedom Hosting, releasing 1,589 usernames from the site. Anons also said that they had disabled forty image-swapping pedophile websites that employed the anonymity network Tor. In 2012, Anons leaked the names of users of a suspected child porn site in OpDarknetV2. Anonymous launched the #OpPedoChat campaign on Twitter in 2012 as a continuation of Operation Darknet. In attempt to eliminate child pornography from the internet, the group posted the emails and IP addresses of suspected pedophiles on the online forum PasteBin.
In 2011, the Koch Industries website was attacked following their attack upon union members, resulting in their website being made inaccessible for 15 minutes. In 2013, one member, a 38-year-old truck driver, pleaded guilty when accused of participating in the attack for a period of one minute, and received a sentence of two years federal probation, and ordered to pay $183,000 restitution, the amount Koch stated they paid a consultancy organisation, despite this being only a denial of service attack.
On January 19, 2012, the U.S. Department of Justice shut down the file-sharing site Megaupload on allegations of copyright infringement. Anons responded with a wave of DDoS attacks on U.S. government and copyright organizations, shutting down the sites for the RIAA, MPAA, Broadcast Music, Inc., and the FBI.
In April 2012, Anonymous hacked 485 Chinese government websites, some more than once, to protest the treatment of their citizens. They urged people to “fight for justice, fight for freedom, [and] fight for democracy”.
In 2012, Anonymous launched Operation Anti-Bully: Operation Hunt Hunter in retaliation to Hunter Moore’s revenge porn site, “Is Anyone Up?” Anonymous crashed Moore’s servers and publicized much of his personal information online, including his social security number. The organization also published the personal information of Andrew Myers, the proprietor of “Is Anyone Back”, a copycat site of Moore’s “Is Anyone Up?”
In response to Operation Pillar of Defense, a November 2012 Israeli military operation in the Gaza Strip, Anons took down hundreds of Israeli websites with DDoS attacks. Anons pledged another “massive cyberassault” against Israel in April 2013 in retaliation for its actions in Gaza, promising to “wipe Israel off the map of the Internet”. However, its DDoS attacks caused only temporary disruptions, leading cyberwarfare experts to suggest that the group had been unable to recruit or hire botnet operators for the attack.
Million Mask March
On 5 November 2013, Anonymous protesters gathered around the world for the Million Mask March. Demonstrations were held in 400 cities around the world to coincide with Guy Fawkes Night. This has not been the only march; there have been quite a few others over the years, such as the 2015 march, which formed into a riot and went out of control in London, UK.
Operation Oklahoma was a Mutual Aid effort responding to the 2013 flash floods and wind storms in the United States.
Operation Safe Winter
Operation Safe Winter was an effort to raise awareness about homelessness through the collection, collation, and redistribution of resources. This program began on 7 November 2013 after an online call to action from Anonymous UK. Three missions using a charity framework were suggested in the original global spawning a variety of direct actions from used clothing drives to pitch in community potlucks feeding events in the UK, US and Turkey.
The #OpSafeWinter call to action quickly spread through the mutual aid communities like Occupy Wall Street and its offshoot groups like the open-source-based OccuWeather. With the addition of the long-term mutual aid communities of New York City and online hacktivists in the US, it took on an additional three suggested missions. Encouraging participation from the general public, this operation has raised questions of privacy and the changing nature of the Anonymous community’s use of monikers. The project to support those living on the streets while causing division in its own online network has been able to partner with many efforts and organizations not traditionally associated with Anonymous or online activists.
Shooting of Michael Brown
In the wake of the fatal police shooting of unarmed African-American Michael Brown in Ferguson, Missouri, “Operation Ferguson”—a hacktivist organization that claimed to be associated with Anonymous—organized cyberprotests against police, setting up a website and a Twitter account to do so. The group promised that if any protesters were harassed or harmed, they would attack the city’s servers and computers, taking them offline. City officials said that e-mail systems were targeted and phones died, while the Internet crashed at the City Hall. Prior to August 15, members of Anonymous corresponding with Mother Jones said that they were working on confirming the identity of the undisclosed police officer who shot Brown and would release his name as soon as they did. On August 14, Anonymous posted on its Twitter feed what it claimed was the name of the officer involved in the shooting. However, police said the identity released by Anonymous was incorrect. Twitter subsequently suspended the Anonymous account from its service.
It was reported on 19 November 2014 that Anonymous had declared cyber war on the Ku Klux Klan (KKK) the previous week, after the KKK had made death threats following the Ferguson riots. They hacked the KKK’s Twitter account, attacked servers hosting KKK sites, and started to release the personal details of members.
Shooting of Tamir Rice
On November 24, 2014, Anonymous shut down the Cleveland city website and posted a video after Tamir Rice, a twelve-year-old boy armed only with a BB gun, was shot to death by a police officer in a Cleveland park. Anonymous also used BeenVerified to uncover the phone number and address of a police officer involved in the shooting.
Charlie Hebdo shootings
In January 2015, Anonymous released a video and a statement via Twitter condemning the attack on Charlie Hebdo, in which 12 people, including eight journalists, were fatally shot. The video, claiming that it is “a message for al-Qaeda, the Islamic State and other terrorists”, was uploaded to the group’s Belgian account. The announcement stated that “We, Anonymous around the world, have decided to declare war on you, the terrorists” and promises to avenge the killings by “shut[ting] down your accounts on all social networks.” On January 12, they brought down a website that was suspected to belong to one of these groups. Critics of the action warned that taking down extremists’ websites would make them harder to monitor.
Anti-Islamic “Reclaim Australia” rally
Anonymous opposed Anti-Islamic Reclaim Australia rallies and described it as “an extreme right-wing group inciting religious hatred.” It also promised to organize counter-rallies on April 4, 2015.
On June 17, 2015, Anonymous claimed responsibility for a Denial of Service attack against Canadian government websites in protest of the passage of bill C-51—an anti-terror legislation that grants additional powers to Canadian intelligence agencies. The attack temporarily affected the websites of several federal agencies.
On 28 October 2015, Anonymous announced that it would reveal the names of up to 1,000 members of the Ku Klux Klan and other affiliated groups, stating in a press release, “You are terrorists that hide your identities beneath sheets and infiltrate society on every level. The privacy of the Ku Klux Klan no longer exists in cyberspace.” On November 2, a list of 57 phone numbers and 23 email addresses (that allegedly belong to KKK members) was reportedly published and received media attention. However, a tweet from the “@Operation_KKK” Twitter account the same day denied it had released that information The group stated it planned to, and later did, reveal the names on November 5.
Since 2013, Saudi Arabian hacktivists have been targeting government websites protesting the actions of the regime. These actions have seen attacks supported by the possibly Iranian backed Yemen Cyber Army.
In November 2015, Anonymous announced a major, sustained operation against ISIS following the November 2015 Paris attacks, declaring, “Anonymous from all over the world will hunt you down. You should know that we will find you and we will not let you go.” ISIS responded on Telegram by calling them “idiots”, and asking “What they gonna to [sic] hack?” By the next day, however, Anonymous claimed to have taken down 3,824 pro-ISIS Twitter accounts, and by the third day, more than 5,000, and to have doxxed recruiters. A week later, Anonymous increased their claim to 20,000 accounts and released a list of the accounts. The list included the Twitter accounts of Barack Obama, Hillary Clinton, The New York Times and BBC News. The BBC reported that most of the accounts on the list appeared to be still active. A spokesman for Twitter told The Daily Dot that the company is not using the lists of accounts being reported by Anonymous, as they have been found to be “wildly inaccurate” and include accounts used by academics and journalists.
In 2015, a group that claims affiliation with Anonymous group, calling themselves as AnonSec, claimed to have hacked and gathered almost 276 GB of data from NASA servers including NASA flight and radar logs and videos, and also multiple documents related to ongoing research. AnonSec group also claimed gaining access of a Global Hawk Drone of NASA, and released some video footage purportedly from the drone’s cameras. A part of the data was released by AnonSec on Pastebin service, as an Anon Zine. NASA has denied the hack, asserting that the control of the drones were never compromised, but has acknowledged that the photos released along with the content are real photographs of its employees, but that most of these data are already available in the public domain.
#BoycottThailand: Thailand jail hack
The Blink Hacker Group, associating themselves with the Anonymous group, claimed to have hacked the Thailand prison websites and servers. The compromised data has been shared online, with the group claiming that they give the data back to Thailand Justice and the citizens of Thailand as well. The hack was done in response to news from Thailand about the mistreatment of prisoners in Thailand.
2016 US presidential election
In March 2016, Anonymous was reported to have declared war on Donald Trump. However, the “Anonymous Official” YouTube channel released a video denouncing #OpTrump as an operation that “goes against everything Anonymous stands for” in reference to censorship and added “we are for everyone letting their voices be heard, even, if the person at hand … is a monster.”[third-party source needed]
In late 2017, QAnon, a pro-Trump group claiming to be the “real” Anonymous, first emerged on 4chan. In response, anti-Trump members of Anonymous warned that QAnon was stealing the collective’s branding.
South African corruption
A group calling themselves Anonymous Africa launched a number of DDoS attacks on websites associated with the controversial South African Gupta family in mid-June 2016. Gupta-owned companies targeted included the websites of Oakbay Investments, The New Age, and ANN7. The websites of the South African Broadcasting Corporation and a political parties Economic Freedom Fighters and Zimbabwe’s Zanu-PF were also attacked for “nationalist socialist rhetoric and politicising racism.”
United Nations hack
In February 2020, Anonymous hacked the United Nations‘ website and created a page for Taiwan, a country which has not had a seat at the UN since 1971. The hacked page featured the Flag of Taiwan, the KMT emblem, a Taiwan Independence flag, and the Anonymous logo along with a caption. The hacked server belonged to the United Nations Department of Economic and Social Affairs.
Killing of George Floyd
In the wake of protests across the U.S following the killing of George Floyd, Anonymous released a video on Facebook as well as sending it out to the Minneapolis Police Department on May 28, 2020, titled “Anonymous Message To The Minneapolis Police Department”, in which they state that they are going to seek revenge on the Minneapolis Police Department, and “expose their crimes to the world”. According to Bloomberg, the video was initially posted on an unconfirmed Anonymous Facebook page on May 28.
According to BBC News, that same Facebook page had no notoriety and published videos of dubious content linked to UFOs and “China’s plan to take over the world”. It gained repercussions after the video about George Floyd was published and the Minneapolis police website, which is responsible for the police officer, was down. Later, Minnesota Governor Tim Walz said that every computer in the region suffered a sophisticated attack. According to BBC News, the attack on the police website using DDoS (Distributed Denial of Service) was unsophisticated.
According to researcher Troy Hunt, these breaches of the site may have happened from old credentials. Regarding unverified Twitter posts that also went viral, where radio stations of police officers playing music and preventing communication are shown, experts point out that this is unlikely to be due to a hack attack – if they are real. Later, it was confirmed by CNET that the leaks made from the police website are false and that someone is taking advantage of the repercussions of George Floyd’s death to spread misinformation.
Trump-Epstein rape lawsuit and other high-profile accusations
On May 31, 2020, a person or group claiming to be part of the Anonymous collective tweeted that they have uploaded a number of documents to the Scribd account OpDeathEaters that contain incriminating evidence against U.S. President Donald J. Trump and Jeffrey Epstein in multiple cases of paedophilia, rape and sexual assault. According to what they found Epstein and Trump were co-defendants in the one case.[third-party source needed]
They further claimed to have evidence that the British royal family had Princess Diana murdered because she had incriminating evidence against the royal family’s involvement in a sex-trafficking ring. Other high-profile accusations involved Bill Gates and Naomi Campbell. Anonymous, issued an open letter to Gates. In the letter, Anonymous claimed Gates had advocated for strict measures, including a surveillance system that could track infected people. Anonymous said: “In the midst of a historical pandemic, much of the world is looking to you for solutions, and it seems that this is no mistake, because you have positioned yourself as the Nostradamus of disease.” Gates recently suggested implementing a “national tracking system similar to South Korea” during an online Ask Me Anything (AMA) session on Reddit. Gates also advocated for social distancing as a viable way to reduce the number of infections. Later the same day most of these tweets disappeared from their accounts, but continued circulating as screenshots on Twitter, Facebook and Reddit.
Buffalo New York Website Hacking
On June 6, 2020, the Buffalo NY website was supposedly hacked by Anonymous. While the website was up and running after a few minutes, Anonymous tweeted again on twitter urging that it be taken down. A few minutes later, the Buffalo NY website was taken down again.
In May 2011, the small group of Anons behind the HBGary Federal hack—including Tflow, Topiary, Sabu, and Kayla—formed the hacker group “Lulz Security”, commonly abbreviated “LulzSec”. The group’s first attack was against Fox.com, leaking several passwords, LinkedIn profiles, and the names of 73,000 X Factor contestants. In May 2011, members of Lulz Security gained international attention for hacking into the American Public Broadcasting Service (PBS) website. They stole user data and posted a fake story on the site that claimed that rappers Tupac Shakur and Biggie Smalls were still alive and living in New Zealand. LulzSec stated that some of its hacks, including its attack on PBS, were motivated by a desire to defend WikiLeaks and its informant Chelsea Manning.
In June 2011, members of the group claimed responsibility for an attack against Sony Pictures that took data that included “names, passwords, e-mail addresses, home addresses and dates of birth for thousands of people.” In early June, LulzSec hacked into and stole user information from the pornography website www.pron.com. They obtained and published around 26,000 e-mail addresses and passwords. On June 14, 2011, LulzSec took down four websites by request of fans as part of their “Titanic Take-down Tuesday”. These websites were Minecraft, League of Legends, The Escapist, and IT security company FinFisher. They also attacked the login servers of the multiplayer online game EVE Online, which also disabled the game’s front-facing website, and the League of Legends login servers. Most of the takedowns were performed with DDoS attacks.
LulzSec also hacked a variety of government-affiliated sites, such as chapter sites of InfraGard, a non-profit organization affiliated with the FBI. The group leaked some of InfraGard member e-mails and a database of local users. On June 13, LulzSec released the e-mails and passwords of a number of users of senate.gov, the website of the U.S. Senate. On June 15, LulzSec launched an attack on cia.gov, the public website of the U.S. Central Intelligence Agency, taking the website offline for several hours with a distributed denial-of-service attack. On December 2, an offshoot of LulzSec calling itself LulzSec Portugal attacked several sites related to the government of Portugal. The websites for the Bank of Portugal, the Assembly of the Republic, and the Ministry of Economy, Innovation and Development all became unavailable for a few hours.
On June 26, 2011, the core LulzSec group announced it had reached the end of its “50 days of lulz” and was ceasing operations. Sabu, however, had already been secretly arrested on June 7 and then released to work as an FBI informant. His cooperation led to the arrests of Ryan Cleary, James Jeffery, and others. Tflow was arrested on July 19, 2011, Topiary was arrested on July 27, and Kayla was arrested on March 6, 2012. Topiary, Kayla, Tflow, and Cleary pleaded guilty in April 2013 and were scheduled to be sentenced in May 2013. In April 2013, Australian police arrested the alleged LulzSec leader Aush0k, but subsequent prosecutions failed to establish police claims.
Beginning in June 2011, hackers from Anonymous and LulzSec collaborated on a series of cyber attacks known as “Operation AntiSec”. On June 23, in retaliation for the passage of the immigration enforcement bill Arizona SB 1070, LulzSec released a cache of documents from the Arizona Department of Public Safety, including the personal information and home addresses of many law enforcement officers. On June 22, LulzSec Brazil took down the websites of the Government of Brazil and the President of Brazil. Later data dumps included the names, addresses, phone numbers, Internet passwords, and Social Security numbers of police officers in Arizona, Missouri, and Alabama. AntiSec members also stole police officer credit card information to make donations to various causes.
On July 18, LulzSec hacked into and vandalized the website of British newspaper The Sun in response to a phone-hacking scandal. Other targets of AntiSec actions have included FBI contractor ManTech International, computer security firm Vanguard Defense Industries, and defense contractor Booz Allen Hamilton, releasing 90,000 military e-mail accounts and their passwords from the latter.
In December 2011, AntiSec member “sup_g” (alleged by the U.S. government to be Jeremy Hammond) and others hacked Stratfor, a U.S.-based intelligence company, vandalizing its web page and publishing 30,000 credit card numbers from its databases. AntiSec later released millions of the group’s e-mails to Wikileaks.
Arrests and trials
Since 2009, dozens of people have been arrested for involvement in Anonymous cyberattacks, in countries including the U.S., UK, Australia, the Netherlands, Spain, and Turkey. Anons generally protest these prosecutions and describe these individuals as martyrs to the movement. The July 2011 arrest of LulzSec member Topiary became a particular rallying point, leading to a widespread “Free Topiary” movement.
The first person to be sent to jail for participation in an Anonymous DDoS attack was Dmitriy Guzner, an American 19-year-old. He pleaded guilty to “unauthorized impairment of a protected computer” in November 2009 and was sentenced to 366 days in U.S. federal prison.
On June 13, 2011, officials in Turkey arrested 32 individuals that were allegedly involved in DDoS attacks on Turkish government websites. These members of Anonymous were captured in different cities of Turkey including Istanbul and Ankara. According to PC Magazine, these individuals were arrested after they attacked websites as a response to the Turkish government demand to ISPs to implement a system of filters that many have perceived as censorship.
Chris Doyon (alias “Commander X”), a self-described leader of Anonymous, was arrested in September 2011 for a cyberattack on the website of Santa Cruz County, California. He jumped bail in February 2012 and fled across the border into Canada.
In September 2012, journalist and Anonymous associate Barrett Brown, known for speaking to media on behalf of the group, was arrested hours after posting a video that appeared to threaten FBI agents with physical violence. Brown was subsequently charged with 17 offenses, including publishing personal credit card information from the Stratfor hack.
Operation Avenge Assange
Several law enforcement agencies took action after Anonymous’ Operation Avenge Assange. In January 2011, the British police arrested five male suspects between the ages of 15 and 26 with suspicion of participating in Anonymous DDoS attacks. During July 19–20, 2011, as many as 20 or more arrests were made of suspected Anonymous hackers in the US, UK, and Netherlands. According to the statements of U.S. officials, suspects’ homes were raided and suspects were arrested in Alabama, Arizona, California, Colorado, Washington DC, Florida, Massachusetts, Nevada, New Mexico, and Ohio. Additionally, a 16-year-old boy was held by the police in south London on suspicion of breaching the Computer Misuse Act 1990, and four were held in the Netherlands.
AnonOps admin Christopher Weatherhead (alias “Nerdo”), a 22-year-old who had reportedly been intimately involved in organising DDoS attacks during “Operation Payback”, was convicted by a UK court on one count of conspiracy to impair the operation of computers in December 2012. He was sentenced to 18 months’ imprisonment. Ashley Rhodes, Peter Gibson, and another male had already pleaded guilty to the same charge for actions between August 2010 and January 2011.
Evaluations of Anonymous’ actions and effectiveness vary widely. In a widely shared post, blogger Patrick Gray wrote that private security firms “secretly love” the group for the way in which it publicises cyber security threats. Anonymous is sometimes stated to have changed the nature of protesting, and in 2012, Time called it one of the “100 most influential people” in the world.
In 2012, Public Radio International reported that the U.S. National Security Agency considered Anonymous a potential national security threat and had warned the president that it could develop the capability to disable parts of the U.S. power grid. In contrast, CNN reported in the same year that “security industry experts generally don’t consider Anonymous a major player in the world of cybercrime” due the group’s reliance on DDoS attacks that briefly disabled websites rather than the more serious damage possible through hacking. One security consultant compared the group to “a jewelry thief that drives through a window, steal jewels, and rather than keep them, waves them around and tosses them out to a crowd … They’re very noisy, low-grade crimes.” In its 2013 Threats Predictions report, McAfee wrote that the technical sophistication of Anonymous was in decline and that it was losing supporters due to “too many uncoordinated and unclear operations”.
Graham Cluley, a security expert for Sophos, argued that Anonymous’ actions against child porn websites hosted on a darknet could be counterproductive, commenting that while their intentions may be good, the removal of illegal websites and sharing networks should be performed by the authorities, rather than Internet vigilantes. Some commentators also argued that the DDoS attacks by Anonymous following the January 2012 Stop Online Piracy Act protests had proved counterproductive. Molly Wood of CNET wrote that “[i]f the SOPA/PIPA protests were the Web’s moment of inspiring, non-violent, hand-holding civil disobedience, #OpMegaUpload feels like the unsettling wave of car-burning hooligans that sweep in and incite the riot portion of the play.” Dwight Silverman of the Houston Chronicle concurred, stating that “Anonymous’ actions hurt the movement to kill SOPA/PIPA by highlighting online lawlessness.” The Oxford Internet Institute‘s Joss Wright wrote that “In one sense the actions of Anonymous are themselves, anonymously and unaccountably, censoring websites in response to positions with which they disagree.”
Gabriella Coleman has compared the group to the trickster archetype and said that “they dramatize the importance of anonymity and privacy in an era when both are rapidly eroding. Given that vast databases track us, given the vast explosion of surveillance, there’s something enchanting, mesmerizing and at a minimum thought-provoking about Anonymous’ interventions”. When asked what good Anonymous had done for the world, Parmy Olson replied:
In some cases, yes, I think it has in terms of some of the stuff they did in the Middle East supporting the pro-democracy demonstrators. But a lot of bad things too, unnecessarily harassing people – I would class that as a bad thing. DDOSing the CIA website, stealing customer data and posting it online just for shits and giggles is not a good thing.
Quinn Norton of Wired wrote of the group in 2011:
I will confess up front that I love Anonymous, but not because I think they’re the heroes. Like Alan Moore’s character V who inspired Anonymous to adopt the Guy Fawkes mask as an icon and fashion item, you’re never quite sure if Anonymous is the hero or antihero. The trickster is attracted to change and the need for change, and that’s where Anonymous goes. But they are not your personal army – that’s Rule 44 – yes, there are rules. And when they do something, it never goes quite as planned. The internet has no neat endings.
Furthermore, Landers assessed the following in 2008:
Anonymous is the first internet-based super-consciousness. Anonymous is a group, in the sense that a flock of birds is a group. How do you know they’re a group? Because they’re travelling in the same direction. At any given moment, more birds could join, leave, peel off in another direction entirely.
Sam Esmail, the creator of the USA Network show Mr. Robot, said in an interview with Motherboard that he was inspired by Anonymous when creating the hacktivist drama. Furthermore, Wired calls the “Omegas”, a fictitious hacker group in the show, “a clear reference to the Anonymous offshoot known as LulzSec“. A member of Anonymous called Mr. Robot “the most accurate portrayal of security and hacking culture ever to grace the screen”. In the TV series Elementary a hacktivist collective called “Everyone” plays a recurring role; there are several hints and similarities to Anonymous.