Hacker Profile: Anonymous

Key Takeaways

  • Anonymous is a loosely organized Internet group of hackers and political activists that began as a collective in 2003 on an anonymous internet chat board.

  • Anonymous is known for employing DDoS attacks, defacing websites, and stealing and publishing sensitive information of its targets.

  • Anonymous has a long rap sheet of attacks but has been less active in recent years.

What is Anonymous? 

Anonymous is a decentralized international hacktivist collective known for its various cyber attacks against several governments, corporations, and the Church of Scientology. The group rallies around causes such as opposing censorship and government control and promoting freedom of speech. The group has no specific goals; former members have said that its only guiding principle is "anti-oppression." In the past, it has expressed support for the Occupy movement and Julian Assange’s WikiLeaks.

As Anonymous is completely decentralized and has no leadership or ranking system, anyone can "join" by simply wishing to do so. Its members are referred to as ‘anons’. Cyber attacks are coordinated by means of imageboards, forums, wikis, YouTube, and social networking services.

The group has its fair share of critics, who call its members ‘anarchists’ and ‘cyber terrorists’. Several members of the group have been arrested.

The group frequently tops lists of the most infamous hacking groups. A timeline of events attributed to Anonymous shows the immense reach of the decentralized virtual community.

A signature characteristic of Anonymous is the Guy Fawkes mask, portrayed in the dystopian novel and film ‘V for Vendetta’. Even beyond the internet, sympathizers of the movement have sported the Guy Fawkes mask at rallies around the world.

Another attribute of the group is the use of voice changers or text-to-speech programmes that let anons mask their voice in video messages. Anonymous does not use any verified social media handles, with multiple factions using portals such as the ‘AnonNews’ website and Twitter account for disseminating the group’s motives and campaigns.

 

Tactics, Techniques, and Procedures (TTP)

Anonymous is known to vigorously go after its targets. It has been associated with crashing Web servers, website defacement and leaking hacked private information.

Anonymous primarily employs what are known as Distributed Denial of Service (DDoS) attacks, in which hackers swamp a website’s server with data that causes it to crash, making the website inaccessible. These DDoS attacks are often perpetrated through the distributed use of flooding tools such as LOIC (Low Orbit Ion Cannon) and its newer version HOIC (High Orbit Ion Cannon). By recruiting a large number of users to voluntarily participate in such attacks, Anonymous effectively creates a "voluntary botnet" of hundreds or thousands of computers. Using a vast number of machines running LOIC or HOIC to target a fairly large server will often result in denial-of-service.
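For defenders, the practical consequence of a "voluntary botnet" is that per-source rate limits alone do not see it, because each participant stays under the limit. The following added example (not part of the original article) classifies time windows of request logs using both a per-source and an aggregate check; the thresholds, window size and sample traffic are constructed assumptions.

```python
from collections import Counter, defaultdict

def classify_windows(events, window=10, per_source_limit=20,
                     total_limit=500, min_sources=100):
    """events: iterable of (epoch_seconds, source_ip).
    Returns {window_start: 'normal' | 'single-source' | 'distributed'}."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % window][src] += 1   # requests per source per window

    labels = {}
    for start in sorted(buckets):
        per_src = buckets[start]
        total = sum(per_src.values())
        if any(n > per_source_limit for n in per_src.values()):
            # One client exceeds its own limit: ordinary rate limiting catches this.
            labels[start] = "single-source"
        elif total > total_limit and len(per_src) >= min_sources:
            # Nobody exceeds the per-source limit, yet the aggregate is far above
            # normal and spread over many sources: the distributed-flood shape.
            labels[start] = "distributed"
        else:
            labels[start] = "normal"
    return labels

def sample_events():
    """Constructed traffic (addresses and volumes are illustrative only)."""
    events = []
    # Window 0: baseline, 5 clients x 3 requests.
    for c in range(5):
        events += [(t, f"198.51.100.{c}") for t in (1, 4, 8)]
    # Window 10: 300 sources x 4 requests each, all below the per-source limit.
    for c in range(300):
        events += [(10 + 2 * k, f"10.0.{c // 250}.{c % 250}") for k in range(4)]
    # Window 20: a single client sending 50 requests.
    events += [(20 + i % 10, "192.0.2.7") for i in range(50)]
    return events

if __name__ == "__main__":
    for start, label in classify_windows(sample_events()).items():
        print(start, label)
```
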

Another tactic that it uses is defacement, in which the target website’s pages are replaced with the hacktivists’ messages and graphics. A related method is redirection, in which a change in the chosen website’s addressing causes its users to be redirected to another page.

The group also uses more serious methods such as doxing, in which private or sensitive information is stolen; destroying data using computer viruses; and “phishing” to extract personal data.

 

Most Notable Attacks

The group’s first major hack that received worldwide press was Project Chanology against the Church of Scientology in 2008. Angry with the church for censoring videos on YouTube, members of Anonymous organized a series of DDoS attacks against Scientology websites. 

In 2010, Anonymous was believed to be responsible for cyberattacks on Visa, MasterCard, and PayPal, after the financial services firms blocked donations to the controversial whistleblower WikiLeaks. The attack was part of ‘Operation Payback’ which involved multiple DDoS attacks.

In 2011, Anonymous sabotaged electronics giant Sony’s PlayStation network, after anons accused Sony of backtracking on an advertised feature and of prosecuting George Hotz for jailbreaking the PS3.

During the 2011 Arab Spring, it went after government websites in Egypt and Tunisia. Anonymous worked with other groups to assist the Arab Spring uprising, specifically in Tunisia and Egypt, by keeping access to the Internet open for organizers on the ground.

A year later, after the US banned the popular file-storage website Megaupload, Anonymous shut down the websites of the Federal Bureau of Investigation (FBI) and the Department of Justice. In April 2012, Time magazine named Anonymous in its World’s 100 Most Influential People list.

Anonymous reached its peak of popularity and involvement in 2012. The group has slowly faded out of the spotlight since then and was rather inactive over the last couple of years; however, it seems to be making a return.

As protests against the police killing of George Floyd got under way in 2020, reports started to circulate that the shadowy hacker group was back. The rumors of Anonymous’s return began with a Facebook video depicting a figure in the group’s signature Guy Fawkes mask addressing the death of George Floyd and threatening the Minneapolis Police Department. Three weeks later, a person identifying as Anonymous leaked hundreds of gigabytes of internal police files from more than 200 agencies across the U.S. The hack, labeled #BlueLeaks, contained little information about police misconduct.

Since then, the group has once again been somewhat quiet. The most notable cyber attacks in 2020 and 2021 are believed to come from nation-state-backed hacking groups that employ hundreds of full-time professional hackers who can openly collaborate and organize themselves as a cohesive team with specific goals. These groups are capable of zero-day attacks and extremely complex intrusions of organizations. It’s possible that Anonymous does not have the talent or resources to keep up with these other groups; regardless, Anonymous will always be mentioned as a top cyber threat to organizations due to its long-standing history of disruption and embarrassment.