Hacker arrests: Why Anonymous might not be so anonymous
This week's arrests of 21 members of Anonymous in the US and Europe show that, given time and resources, cybersleuths can track down hackers. But doubts remain over whether authorities caught any big fish.
The arrests of 21 individuals Tuesday connected with the Anonymous group and other computer hackers suggest that the suite of digital tools that hackers use to obscure their identities is not foolproof and can be cracked with significant sleuthing.
Questions remain about whether the 14 are relatively novice hackers that were easy to track. But often the greater question in solving an Internet attack is not whether a breakthrough can be made, but rather whether it is worth the time and resources needed.
Often, perpetrators are caught bragging on online forums. Others are caught making elementary mistakes. But finding and nabbing the top hackers takes time and money.
"If [hackers] use the right privacy measures to mask their Internet service provider, it would take international cooperation and a lot of hard work to get at them," says Ashera, the pseudonym for a cyber security investigator at Backtrace Security, who spoke on condition of anonymity. "These guys say, 'Ok, I've got my IRC, my chain proxies, I'm logged into a shell, and I'm logged onto another computer, too….' But they're not as anonymous as they think they are."
The 21 people arrested Tuesday come from 10 states, the District of Columbia, Britain, and the Netherlands. Of those, at least 16 were linked by authorities to cyberattacks against PayPal last year, in which hackers claiming to be part of Anonymous clogged access to the PayPal website for customers.
Anonymous and an affiliated hacker group called LulzSec have been taunting law enforcement authorities for months, breaking into corporate websites like Monsanto, the Arizona Department of Public Safety, Sony, and PBS – and then bragging about it.
That bravado can sometimes be the undoing of hackers. A student at the University of Central Florida, for example, tweeted a victory message from a Twitter account dubbed "voodooKobra" after he broke into a server belonging to Infragard, a site for companies and federal authorities involved in homeland security, and stole three files.
Authorities used the information in the tweet and other digital snippets to track down the culprit.
In cracking such a hacking case, much depends on how much time and effort law enforcement authorities are willing to devote to tracking down a perpetrator.