Cyberattacks Q&A: 'World of pain' for those who don't support WikiLeaks
Gregg Housh, an unofficial spokesman for Anonymous, explains how the hacktivist collective's voluntary botnet was powerful enough to bring down Visa and MasterCard websites.
Boston — This is the second installment in a two-part interview.
Mr. Housh, 34, says he has stepped forward as a media contact in part because his name is already well-known to authorities due to past work with Anonymous and his three months in federal prison, as a teenager, for software piracy. He is intimately aware of, but claims no participation in, an Anonymous offensive dubbed "Operation Payback," which managed this week to take down the websites of MasterCard, Visa, and the Swedish government – all organizations that have refused support for WikiLeaks or Mr. Assange.
Housh sat with the Monitor on Dec. 10 – in what he called his 37th interview of the day – and described his role within Anonymous and the goals of the unnamed hacktivists who call themselves "Anons."
CSM: Who funds Anonymous? Do any 'Anons' have deep pockets?
GH: I wish. Our servers are always having trouble getting paid every month and things like that. ... It's not that expensive but a lot of these kids running these sites are college kids. We wish there were some big deep pockets. But there aren’t. There haven’t been yet. You know, who knows in the future, especially with this type of stuff going on and all this press coverage. Someone might show up and say "What needs funding?" We would love that.
CSM: If there were some deep pockets, potentially they might have the capacity to buy an involuntary botnet and participate in the attacks that way.
GH: Absolutely. But we would never know unless they came out and told us. And then we would have to question whether they were telling the truth or not.
CSM: You could have inklings based on Anonymous' ability to down a site or not. If you down Amazon.com, then you know that something is going on.
GH: Oh yeah. You absolutely know that someone just went out and bought some gigantic Russian botnet, or one of those big Chinese ones. They went out and bought something huge. If Amazon falls, it was not the voluntary botnet. There’s just no way.
CSM: But then, how do you know MasterCard was actually downed by the voluntary botnet?
GH: Because of how quick and simple it fell. … If you’ve ever seen a botnet operating, it’s hilarious to see how many of them are not working because it’s 3 a.m. in all of Asia and everyone is asleep with their computers off. Half your net is turned off right then. You never know how full powered it is. With this voluntary one, the very interesting fact of it is, the second it’s changed, there’s no user interaction, no one cares. These people who are in the voluntary one are leaving their computers on on purpose. So there’s a ton of computers that that second start sending their requests. And that instantaneousness of it really is the thing that seems to be spiking the servers. They come crashing down under the initial load. Whereas with these other botnets and whatnot, some of them don’t have that initial gigantic hit. They have a sustained hit, but it’s not initially just oh-my-God-out-of-nowhere gigantic. I will tell you, before the voluntary botnet, they tried downing sites of this size, and they didn’t down a thing. So I really think the voluntary botnet is what’s doing it.
CSM: Why launch these attacks now?
GH: Every one of these targets is someone who has actually actively done something against WikiLeaks. They have specifically done something that has harmed WikiLeaks. And that is why they are targets.
CSM: What does Anonymous hope to accomplish?
GH: The next company that gets that phone call from [Sen. Joseph] Lieberman and is asked very kindly if they would drop WikiLeaks that is on American soil is going to think to themselves, ‘Well, no laws are being broken yet, so the government can’t do anything to us for not dropping WikiLeaks, this is just a request from someone in government. But if we drop them we’re going to get attacked, our websites are going to go down, our services are going to get hurt, we’re going to have a world of pain if we drop them, and if we don’t then nothing really bad is going to happen to us yet. We might not want to drop them yet.’ They might take that into account. And even if they still drop them, the simple fact that they’ve taken it into account is a start. The fact that maybe you don’t need to be that scared of government that they say ‘Jump’ and you say ‘How high?’ No laws have been broken, no charges have been filed, so what are you jumping at?
CSM: But have MasterCard or Visa really suffered from the Anonymous attacks? Their websites are up and running.
GH: Well, for one, it’s unbelievably bad PR. That’s some horrible PR right there. … They probably could have held MasterCard for another four or five days.
CSM: Anonymous is now under attack from someone launching a DDoS against your sites. Any idea who is attacking you?
GH: No. What we know is that a person going by the name of ‘The Jester’ claimed to be taking down the WikiLeaks site. Talks like an idiot. Acts like an idiot. And his writing is at best second-grade level. So we really don’t think he is intelligent enough to actually do the level of attack that was done to WikiLeaks, because it was violent. So what’s probably happened is he probably did attack but wasn’t that skilled, and there was someone else back there who decided to really attack. And as The Jester was speaking up and saying he was doing it, they were more than happy to let him take the limelight. And we think that whoever that was, because it’s the same style of attack at the same bandwidth, is what’s hitting the Anonops IRC servers and the Anonops web servers. Probably the same guy. Whether it’s the Jester or some hidden guy behind him using him as a shield, as a straw man, we don’t know.
CSM: Do you know Julian Assange?
GH: That’s an area I don’t want to get into right now. I want to avoid that because I don’t think it’s necessarily important to this. I have nothing to do with the operation of that site.
CSM: It affects why you’re so supportive of WikiLeaks. If you’re friends with Assange, it gives you more of a reason to support him.
GH: Not really. One of my best friends is a devout Christian Republican who voted for Bush both times. We definitely will never agree on anything anywhere near like this kind of stuff. He’s one of my best friends in the world because we grew up together. Whether I am friends with someone or not has nothing to do with whether I actually agree with or act upon any kind of movement or ideal.
CSM: How do I know that you're not participating in these distributed denial of service [DDoS] attacks? Since everyone in Anonymous is indeed anonymous, couldn't you also be launching these attacks?
GH: Absolutely, I could be. I’m not though.
CSM: Why should I take your word on that?
GH: If you see someone like me willing to put my name on something when I know a lot of the people participating are doing illegal acts, you have to think that I wouldn’t put my name out there if I was, knowing the attention it will grab and how quickly I will end up in jail.
CSM: You’re the recipient of emails to Anonymous@WhyWeProtest.net. At that site are ways for how to download these DDoS attacks, right? So how are you not complicit?
GH: I don’t own the hosting. I don’t own the domain. I own nothing. The domain is owned by a French guy. The hosting is run by a guy out in LA. The boxes are currently in LA but they’re about to move to Sweden. I own nothing. My name is on zero.