Anonymous and LulzSec: Robin Hoods of the Web?
Hackers are usually shadowy, secretive figures. So why are Anonymous and LulzSec dancing in the lime light, painting themselves as charismatic outlaws?
(Page 3 of 3)
Still, Anti-Sec is a large and mutable campaign, and it's often hard to tell which attacks have been perpetrated for political reasons, and which have been perpetrated because the targets were simply vulnerable.Skip to next paragraph
Subscribe Today to the Monitor
The "antigovernment and anticorruption stance is great cover to just cause random mayhem," says "Space Rogue," a security consultant and editor of the Hacker News Network who publishes under his Internet pseudonym. "I mean, you can attack almost anything, claim it was anticorruption or anti-big business or whatever and get away with it in the public's mind. This, of course, just perpetuates your 'brand' and garners more support."
Moreover, Space Rogue continues, the bluster of the Anti-Sec hackers helps disguise the fact that the exploits in question aren't necessarily the most proficient.
"What kind of upsets me is that there is little to no actual hacking going on here, at least not in the traditional sense of the word," he says. "I mean, if I spend 10 minutes Googling 'rootkit,' download a program, read the directions, and start infecting machines, have I really 'hacked' anything? Seriously, it is that easy. A caveman could do it.... But because people don't understand it, they fear it, and fear sells."
Riding off into digital sunset
Fear sells particularly well in the media, which worries analysts such as Mr. Wisniewski, of Sophos. Fans of Anonymous and LulzSec sometimes overlook the fact that they have become "collateral damage" in someone else's war, he says. Earlier this year, for instance, Anonymous aided an attack against Sony – a frequent Anti-Sec target – that exposed more than 100 million user accounts.
"Here you have a bunch of guys deciding your [ZIP] Code, your birthday, your Social Security number is just a disposable thing in a battle they perceive as having against corporate America," Wisniewski says. "You can be cast aside."
Meanwhile, in soaking up mainstream media attention, LulzSec and Anonymous have provided a distraction from more serious security concerns.
"We've got the Pentagon talking about cyberwar," Wisniewski says. "We've got mass fraud on Facebook. We've got credit card [numbers] being stolen. We've got literally billions of dollars bilked out of people by Russian cybercriminals, but we're not talking about that. It's disappointing."
In July, in an interesting postscript to the Arizona attacks, LulzSec revealed that it had decided to disband.
"I know people won't believe this, but we genuinely ended [LulzSec] because it was classy," Topiary told the Guardian. The group, he said, wanted to wrap things up on "a high note, a classy ending, a big bang, then a sail into the distance."
A less generous explanation might go something like this: A small and boisterous gang of hackers soaks up the spotlight for a couple of weeks and disappears before the public gets tired of their antics – and before police expose them, as occurred in a series of raids against alleged Anonymous members on July 19.
[Editor's note: The original version of this story used the wrong name when describing the hackers and their underdog fight. The correct allusion is David and Goliath.]