Cyberattacks Q&A: 'World of pain' for those who don't support WikiLeaks
Gregg Housh, an unofficial spokesman for Anonymous, explains how the hactivist collective's voluntary botnet was powerful enough to bring down Visa and MasterCard websites.
This is the second installment in a two-part interview. Read the first part.Skip to next paragraph
Subscribe Today to the Monitor
Mr. Housh, 34, says he has stepped forward as a media contact in part because his name is already well-known to authorities due to past work with Anonymous and his three months in federal prison, as a teenager, for software piracy. He is intimately aware of, but claims no participation in, an Anonymous offensive dubbed "Operation Payback," which managed this week to take down the websites of MasterCard, Visa, and the Swedish government – all organizations that have refused support for WikiLeaks or Mr. Assange.
Housh sat with the Monitor on Dec. 10 – in what he called his 37th interview of the day – and described his role within Anonymous and the goals of the unnamed hactivists who call themselves "Anons."
CSM: Who funds Anonymous? Do any 'Anons' have deep pockets?
GH: I wish. Our servers are always having trouble getting paid every month and things like that. ... It's not that expensive but a lot of these kids running these sites are college kids. We wish there were some big deep pockets. But there aren’t. There haven’t been yet. You know, who knows in the future, especially with this type of stuff going on and all this press coverage. Someone might show up and say "What needs funding?" We would love that.
CSM: If there were some deep pockets, potentially they might have the capacity to buy an involuntary botnet and participate in the attacks that way.
GH: Absolutely. But we would never know unless they came out and told us. And then we would have to question whether they were telling the truth or not.
CSM: You could have inklings based on Anonymous' ability to down a site or not. If you down Amazon.com, then you know that something is going on.
GH: Oh yeah. You absolutely know that someone just went out and bought some gigantic Russian botnet, or one of those big Chinese ones. They went out and bought something huge. If Amazon falls, it was not the voluntary botnet. There’s just no way.
CSM: But then, how do you know MasterCard was actually downed by the voluntary botnet?
GH: Because of how quick and simple it fell. … If you’ve ever seen a botnet operating, it’s hilarious to see how many of them are not working because it’s 3 a.m. in all of Asia and everyone is asleep with their computers off. Half your net is turned off right then. You never know how full powered it is. With this voluntary one, the very interesting fact of it is, the second it’s changed, there’s no user interaction, no one cares. These people who are in the voluntary one are leaving their computers on on purpose. So there’s a ton of computers that that second start sending their requests. And that instantaneousness of it really is the thing that seems to be spiking the servers. They come crashing down under the initial load. Whereas with these other botnets and what not, some of them don’t have that initial gigantic hit. They have a sustained hit, but it’s not initially just oh-my-God-out-of-nowhere gigantic. I will tell you, before the voluntary botnet, they tried downing sites of this size, and they didn’t down a thing. So I really think the voluntary botnet is what’s doing it.
CSM: Why launch these attacks now?