The Hacks That Mattered in the Year of the Hack
A year ago, few people had heard of Anonymous, understood what a DDoS attack was, or even realized that hackers were capable of bringing down entire networks.
A year ago, few people had heard of Anonymous, understood what a DDoS attack was, or even realized that hackers were capable of bringing down entire networks. But as geek bloggers love to point out, 2011 was the year of the hack, the year that Anonymous became a household name and armies of its devotees took to the streets, all wearing Guy Fawkes masks like that final, mind-blowing, Parliament-exploding scene in V Is for Vendetta. Anonymous, of course, has been around a lot longer than a year -- the collective can trace its roots back to the early days of 4chan, nearly a decade ago -- but you'd be hard-pressed to find anyone who would disagree that this year was the hacktivists' watershed moment.
Or rather, series of moments. However, not every assault launched by Anonymous and spinoff groups like LulzSec and AntiSec needed to make headline news, though they almost always did. If you take a step back and look at the really big ones, though, the ones that matter, you can start to see how hackers have been pulling the strings of the marionette that is mankind lately.
The Arab Spring
We're really swinging for the fences with this one, so bear with us. Anonymous, of course, didn't break down Mubarak's door in Cairo or storm Qaddafi's compound in Tripoli, but they did work their asses off to help the protesters on the ground, especially those who'd been blocked from accessing the Internet by government firewalls. Anonymous was there from the beginning of the region's revolution in January with Operation Tunisia and Operation Egypt both of which targeted government websites in direct denial of service (DDoS) attacks and aimed to enable protesters to beter use the Internet for their cause. It's also believed that because of this, the struggling regimes targeted hacktivists in an attempt to prevent a revolution. They did not succeed. Similar operations happened in solidarity with the dissidents in Libya, Bahrain and Syria.
The HBGary Hack
In February, Anonymous decided to declare war on Aaron Barr, chief executive of the once-relatively little known cyber security firm HBGary Federal. Barr had made the silly mistake of publicly announcing that he'd infiltrated the collective and knew about its inner workings. Anonymous did not appreciate the threatening-sounding rhetoric and decided to infiltrate HBGary instead. With the help an SQL injection -- one of the grossest-sounding and most effective weapons in the hacker arsenal -- the collective managed to scoop up 68,000 internal emails from HBGary that included details about everything from Barr's private life to a rather disconcerting Powerpoint presentation (reportedly paid for by Bank of America) about Wikileaks and journalists like Glenn Greenwald who supported the whistleblower organization. It implied that drastic measures may be required to remove guys like Greenwald from the equation. We've been told that, despite HBGary being in the security business itself, Barr's sloppy password habits led the hackers to discover and download all of the emails, a trove of secrets that Anonymous continues to expose. We've also heard that the same hackers who masterminded the HBGary attack went on to create Lulz Security, the Anonymous spinoff better known as LulzSec that fascinated the media all spring long. By March, Aaron Barr had resigned as HBGary Federal's chief executive as the company faced a federal investigation into its "use of subversive tactics."
The Sony Takedown(s)
Bringing down despotic regimes and exposing the shady business practices of private security firms is one thing, but the fact that hackers made Sony lose tens of millions of dollars in revenue all thanks to a shockingly simple assault -- well, that's just mind-boggling. This time it was the jokesters at LulzSec who were doing the hacking. Using the SQL injection method, largely considered the most basic of all cyber attacks that (again) is also a very effective one, LulzSec brought down Sony's Playstation Network around the globe for 44 days, eventually costing the entertainment company an estimated $171 million. The security breach turned from an on-going tech emergency -- Sony's network was eventually attacked many times -- into a legal headache, due in part to a residual LulzSec attack that caused the personal information of about 75,000 SonyPictures.com users to be leaked. However, Sony sort of got the last laugh. A few months later when law enforcement agencies finally started tracking down and arresting some from the original LulzSec bunch, it was the Sony attack that helped them learn key information about the true identities of the hackers. That's assuming that Sony can laugh at losing dozens of millions of dollars all thanks to a bunch of disgruntled gamer types.
The Occupy Movement
Before we saw a single tent in Zuccotti Park or heard the first soundcheck of a human microphone, Anonymous helped lay the foundation for the Occupy movement. Of course, the official story is that it was a hashtag effort started by Adbusters over the summer and propelled into the spotlight of the mainstream media (MSM, if you will) thanks to a bunch of cops pepper-spraying helpless hippies. But if you've been paying attention to the digital components of the global protest movement for the rights of the 99 Percent, you'll know that Anonymous's solidarity with most things Occupy is a powerful thing. Many have weighed in on the validity of the claim that Anonymous sort of secretly built the viral success of Occupy; some have conversely argued that the hacktivists made a lot of promises they didn't keep and maybe even undermined the grassroots, brick-and-mortar elements of the protests. That's kind of hard to swallow, though, especially given the extent to which the lasting icon of Occupy trademark will inevitably be the same Guy Fawkes masks that Anonymous made famous. That and the extent to which Anonymous helped identify and attempted to ruin the lives of those pepper-spraying cops.
The Stratfor Attack
We're probably jumping the gun on this one a little bit, but since it will probably serve as the last big hack of 2011, we have to include it. The attack on Stratfor, a private intelligence services company, might also represent the future of the hacktivist movement, especially how it's splintering off into smaller, more focused (and arguably more capable) hacker groups. AntiSec, a spinoff crew of former Anonymous and LulzSec hackers, took credit for the breach around Christmastime and announced the final week of 2011 would see a series of releases and assaults on its enemies. We're not sure how to pronounce LulzXmas, and for that reason alone, it's a fitting metaphor for the mysterious, even mystifying allure of the 21st-century hacker. It's not the weird, shiny-pants-wearing, spiked, neon green hair stereotype we associate with hackers in the 90s. The hacker we met this year is amorphous, uncontrollable and, yes, anonymous.