ATLANTA, Georgia — Anonymous, a hacker collective that stays true to its name, appears to be entering the big time.
After hacking the emails of Stratfor, the global intelligence firm, and on Monday cooperating with Wikileaks — already world famous for exposing classified US military documents and diplomatic cables — to publish those emails, Anonymous has gained a new level of notoriety among the public, and attention from authorities.
On Monday morning, twitter account @AnonymousIRC published a series of tweets revealing the hacker group as the source of the Stratfor emails and linking it to Wikileaks. Anonymous first accessed Stratfor's emails in December.
"We promised you those mails and now they'll finally be delivered. Five million (that's 5,000,000) emails at your pleasure," the tweet read.
Anonymous has long defended Wikileaks, most notably in its attacks against Visa, Mastercard and Paypal after those companies blocked customers from using their services to donate money to the secret-sharing site last year. But this appears to be the first time the two organizations have cooperated so directly.
Analysts say that Anonymous' collaboration with Wikileaks, along with recent hacks against the FBI and its release of a video Monday declaring "war" on the US government, has elevated the hacker group in the eyes of US security agencies from its previous status as a petty annoyance to a real threat.
In a hack that was part of the group's weekly campaign against the FBI, which it calls “Fuck FBI Friday,” Anonymous was able to listen in on a conference call on Feb. 3 between FBI agents and Scotland Yard. Besides a discussion about cheese and McDonalds, the call detailed arrests of hackers aligned with Anonymous and an ongoing investigation into the theft of credit card information from a popular gaming platform called Steam. The call was posted to YouTube and the FBI later confirmed it was genuine.
Fear of Anonymous in government circles has grown in tandem with the level of sophistication of the attacks. The National Security Agency (NSA) has warned that Anonymous could have the ability, within the next year or two, to hack portions of the US power grid. Gen. Keith Alexander, the director of the NSA, has discussed the possibility of an Anonymous-led attack in meetings with the White House and other officials, according to a recent report in the Wall Street Journal.
The US Senate too has taken notice and is debating passage of a bill known as the Cyber Security Act, which was introduced by Sen. Joe Lieberman and aims to protect US infrastructure — like the power grid — against a cyber attack.
Anonymous, through the Twitter account @YourAnonNews, dismissed the possibility of an attack on the US power grid and accused the NSA of fear mongering.
"Why would Anons shut off a power grid? There are ppl on life support / other vital services that rely on it. Try again NSA," the tweet read.
“Ridiculous! Why should Anonymous shut off power grid? Makes no sense! They just want to make you feel afraid,” read a post on the AnonOps Communications blog.
The US government and intelligence agencies have good reason to be concerned about the potential of Anonymous attacks. Hours before the Wikileaks release on Monday of what it called the “global intelligence files,” a YouTube account called TheAnonMessage, posted a video announcing — in a computerized voice and dramatic tone fit for Hollywood — the start of “Operation V,” a declaration of "war" against the US government. (Given that Anonymous is a leaderless collective, it's impossible to confirm that the video was posted by the group, but the TheAnonMessage account has been associated with the group in the past, and is the same one used to post the FBI call.)
Naming Google, Wikipedia and Reddit as its allies, Anonymous says in the video that it has decided to "openly declare war on the United States government." The video does not say how it would wage such a war, but notes that simple online attacks and Occupy Wall Street-style protests have so far proven ineffective. The groups then calls for more drastic actions.
"This is a call to arms. We call upon the citizens of the United States to stand beside us in overthrowing this corrupted body and call upon a new era. Our allegiance is to the American people, because they are us, and we are them. Operation V, engaged,” the robotic voice says against the backdrop of a scrambled computer image. "Our time for democracy is here."
Analysts said that Anonymous attacks on government websites and other public organizations so far pales in comparison to the threat the group, and other hacking groups like it, pose to private-sector companies.
“Anonymous is only beginning to scratch the surface with the private sector. They have a huge universe of targets to choose from,” said Richard Stiennon, chief research analyst at IT-Harvest, a risk analysis company focused on technology, and author of the book "Surviving Cyberwar," which was published in 2010.
“Breaches happen when people aren’t doing Security 101, you can’t legislate for these types of risks,” Stiennon said, adding that Anonymous was able to gain root access to Stratfor’s servers using an email Trojan, a relatively simple hack that could have been avoided if the user had been vigilant of suspicious emails.
After Wikileaks published the Strafor emails on Monday, it characterized the company as a “shadow CIA” that was engaged in nefarious dealings with unsavory informants on a global scale. Wikileaks said that Stratfor is a company "that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defense Intelligence Agency. The emails show Stratfor's web of informers, pay-off structure, payment laundering techniques and psychological methods.”
Some analysts rolled their eyes at such statements, criticizing the company’s intelligence reports as little more than glorified Google searches.
“When I worked for the intelligence community, we were provided [paid] access to Stratfor’s data and almost all of it was worthless,” said Joshua Foust, a fellow at the American Security Project and a security columnist for the PBS program Need to Know.
“The analysts responsible for generating information by and large found them laughably bad at what they did,” he added.
Nevertheless, analysts said Anonymous had now clearly demonstrated its willingness to launch attacks on a broad spectrum of groups that it believes are responsible for closing gateways to free information and expression. And now, more than ever, the group's members appear to have the technical expertise and the political will to do so.
Or, perhaps for some of its members, the hacks are still simply launched just for the lulz.