Anonymous hacks US Sentencing Commission, distributes files

Anonymous hacks US Sentencing Commission, distributes files

Summary: Late evening Friday, January 25, U.S. Sentencing Commission website was hacked and government files distributed by Anonymous in what the group calls "Operation Last Resort." UPDATE: site restored.

SHARE:
TOPICS: Security, Legal
133

Hacktivist group Anonymous took control of the U.S. Sentencing Commission website Friday, January 25 in a new campaign called "Operation Last Resort."

The first attack on the website was early Friday morning. The second - successful - attack came around 9pm PST that evening. 

anonymous

By 3am PST ussc.gov was down (it had been dropped from the DNS), yet as of this writing the IP address (66.153.19.162) still returned the defaced site's contents.

Update January 26, 8pm PST: ussc.gov is restored.

It appears that via the U.S. government website, Anonymous had distributed encrypted government files and left a statement on the website that de-encryption keys would be publicly released (thus releasing the as-yet unkonwn information held on the stolen files) if the U.S. government did not comply with Anonymous' ultimatum demands for legal reform.

Anonymous explained that they used this webiste for symbolic reasons.

The U.S. Sentencing Commission sets guidelines for sentencing in United States Federal courts, and on the defaced ussc.gov website Anonymous cited the recent suicide of hacktivist Aaron Swartz as a "line that has been crossed."

The statement suggested retaliation for Swartz's tragic suicide, which many - including the family - believe was a result of overzealous prosecution by the Department of Justice and what the family deemed a "bullying" use of outdated computer crime laws.

Anonymous has not specified exactly what files they have obtained. The various files were named after Supreme Court Justices.

According to the statement:

Warhead – U S – D O J – L E A – 2013 . A E E 256 is primed and armed. It has been quietly distributed to numerous mirrors over the last few days and is available for download from this website now. We encourage all Anonymous to syndicate this file as widely as possible.

This appears to be Anonymous sending a threatening message to whoever knows what might be on the encrypted files.

Anonymous has encouraged anyone and everyone to distribute the files, so it is unknown who has the files or how many have been distributed. The files are useless without the encryption keys.

The contents are various and we won’t ruin the speculation by revealing them. Suffice it to say, everyone has secrets, and some things are not meant to be public.

At a regular interval commencing today, we will choose one media outlet and supply them with heavily redacted partial contents of the file. Any media outlets wishing to be eligible for this program must include within their reporting a means of secure communications.

Currently two of the mirrors are slow, and one has gone offline completely.

It is possible, as suggested by the file names, that Anonymous may have taken files pertaining to each of the Justices (all of whom were named on filenames at the bottom of the defaced page, such as "Scalia.warhead1") and put them in a file (named "Warhead-US-DOJ-LEA-2013.aes256") and then appended a command to the file that would nuke the file. 

This suggests that Anonymous may have obtained files and nuked the compromised server.

Anonymous Tweeted that the group left a backdoor and made it editable in a way that encourages other hackers to come and shell the server.

In the defacement text, Anonymous also said it placed "multiple warheads" on "compromised systems" on various unnamed websites, and encouraged members to download the encrypted files from ussc.gov that are "primed, armed and quietly distributed to numerous mirrors."

Anonymous called the launch of it new campaign a "warhead."

Anonymous posted the following video to the site stating that this attack is the beginning of what it calls "Operation Last Resort."

A few websites have republished the defacement text; full transcript below.

Citizens of the world,

Anonymous has observed for some time now the trajectory of justice in the United States with growing concern. We have marked the departure of this system from the noble ideals in which it was born and enshrined. We have seen the erosion of due process, the dilution of constitutional rights, the usurpation of the rightful authority of courts by the “discretion” of prosecutors. We have seen how the law is wielded less and less to uphold justice, and more and more to exercise control, authority and power in the interests of oppression or personal gain.

We have been watching, and waiting.

Two weeks ago today, a line was crossed. Two weeks ago today, Aaron Swartz was killed. Killed because he faced an impossible choice. Killed because he was forced into playing a game he could not win — a twisted and distorted perversion of justice — a game where the only winning move was not to play.

Anonymous immediately convened an emergency council to discuss our response to this tragedy. After much heavy-hearted discussion, the decision was upheld to engage the United States Department of Justice and its associated executive branches in a game of a similar nature, a game in which the only winning move is not to play.

Last year the Federal Bureau of Investigation revelled in porcine glee at its successful infiltration of certain elements of Anonymous. This infiltration was achieved through the use of the *same tactics which lead to Aaron Swartz’ death. It would not have been possible were it not for the power of federal prosecutors to thoroughly destroy the lives of any hacktivists they apprehend through the very real threat of highly disproportionate sentencing.

As a result of the FBI’s infiltration and entrapment tactics, several more of our brethren now face similar disproportionate persecution, the balance of their lives hanging on the severely skewed scales of a broken justice system.

We have felt within our hearts a burning rage in reaction to these events, but we have not allowed ourselves to be drawn into a foolish and premature response. We have bidden our time, operating in the shadows, adapting our tactics and honing our abilities. We have allowed the FBI and its masters in government — both the puppet and the shadow government that controls it — to believe they had struck a crippling blow to our infrastructure, that they had demoralized us, paralyzed us with paranoia and fear. We have held our tongue and waited.

With Aaron’s death we can wait no longer. The time has come to show the United States Department of Justice and its affiliates the true meaning of infiltration. The time has come to give this system a taste of its own medicine. The time has come for them to feel the helplessness and fear that comes with being forced into a game where the odds are stacked against them.

This website was chosen due to the symbolic nature of its purpose — the federal sentencing guidelines which enable prosecutors to cheat citizens of their constitutionally-guaranteed right to a fair trial, by a jury of their peers — the federal sentencing guidelines which are in clear violation of the 8th amendment protection against cruel and unusual punishments. This website was also chosen due to the nature of its visitors. It is far from the only government asset we control, and we have exercised such control for quite some time…

There has been a lot of fuss recently in the technological media regarding such operations as Red October, the widespread use of vulnerable browsers and the availability of zero-day exploits for these browsers and their plugins. None of this comes of course as any surprise to us, but it is perhaps good that those within the information security industry are making the extent of these threats more widely understood.

Still there is nothing quite as educational as a well-conducted demonstration…

Through this websites and various others that will remain unnamed, we have been conducting our own infiltration. We did not restrict ourselves like the FBI to one high-profile compromise. We are far more ambitious, and far more capable. Over the last two weeks we have wound down this operation, removed all traces of leakware from the compromised systems, and taken down the injection apparatus used to detect and exploit vulnerable machines.

We have enough fissile material for multiple warheads. Today we are launching the first of these. Operation Last Resort has begun…

Warhead – U S – D O J – L E A – 2013 . A E E 256 is primed and armed. It has been quietly distributed to numerous mirrors over the last few days and is available for download from this website now. We encourage all Anonymous to syndicate this file as widely as possible.

The contents are various and we won’t ruin the speculation by revealing them. Suffice it to say, everyone has secrets, and some things are not meant to be public. At a regular interval commencing today, we will choose one media outlet and supply them with heavily redacted partial contents of the file. Any media outlets wishing to be eligible for this program must include within their reporting a means of secure communications.

We have not taken this action lightly, nor without consideration of the possible consequences. Should we be forced to reveal the trigger-key to this warhead, we understand that there will be collateral damage. We appreciate that many who work within the justice system believe in those principles that it has lost, corrupted, or abandoned, that they do not bear the full responsibility for the damages caused by their occupation.

It is our hope that this warhead need never be detonated.

However, in order for there to be a peaceful resolution to this crisis, certain things need to happen. There must be reform of outdated and poorly-envisioned legislation, written to be so broadly applied as to make a felony crime out of violation of terms of service, creating in effect vast swathes of crimes, and allowing for selective punishment. There must be reform of mandatory minimum sentencing. There must be a return to proportionality of punishment with respect to actual harm caused, and consideration of motive and mens rea. The inalienable right to a presumption of innocence and the recourse to trial and possibility of exoneration must be returned to its sacred status, and not gambled away by pre-trial bargaining in the face of overwhelming sentences, unaffordable justice and disfavourable odds. Laws must be upheld unselectively, and not used as a weapon of government to make examples of those it deems threatening to its power.

For good reason the statue of lady justice is blindfolded. No more should her innocence be besmirked, her scales tipped, nor her swordhand guided. Furthermore there must be a solemn commitment to freedom of the internet, this last great common space of humanity, and to the common ownership of information to further the common good.

We make this statement do not expect to be negotiated with; we do not desire to be negotiated with. We understand that due to the actions we take we exclude ourselves from the system within which solutions are found. There are others who serve that purpose, people far more respectable than us, people whose voices emerge from the light, and not the shadows. These voices are already making clear the reforms that have been necessary for some time, and are outright required now.

It is these people that the justice system, the government, and law enforcement must engage with. Their voices are already ringing strong with a chorus of determined resolution. We demand only that this chorus is not ignored. We demand the government does not make the mistake of hoping that time will dampen its ringing, that they can ride out this wave of determination, that business as usual can continue after a sufficient period of lip-service and back-patting.

Not this time. This time there will be change, or there will be chaos…

-Anonymous

Topics: Security, Legal

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

133 comments
Log in or register to join the discussion
  • BEWARE OF THAT COMMAND!

    That isn't just a command to nuke the file itself. "/" is the root of the linux filesystem. If you run that "rm -rf /" at the end of that command, you will delete your system.

    It's a way to troll people who aren't tech savvy.

    So just remove the "&&" and everything after it, and you should be fine.
    Amaroq
    • Hmmm

      You understand you cannot run rm -fr / unless you are root right? This way you will delete only your own stuff, not the whole OS.
      kirovs@...
      • True.

        But still not a wise move to run that command.
        Amaroq
      • root

        You understand that one can use a weak account with sudo rights to run a root command, and lazy administrators are a dime for a dozen.
        startx.jeff
    • out of control

      1% motorcycle clubs have been dealing with this out of control FBI,DOJ,ATF or what ever law enforsement bullshit for years.welcome to are world!!
      dog1313
      • Yes, just because it is a computer geek it is a problem?

        Take any legal but politically incorrect position and be extremely vocal about it and see what the government will do to put you in prison. You don't have to be a criminal for prosecutorial overreach just somebody getting in the way of what government wants to do.
        MarkinLA
  • File Sizes

    Anyone downloaded those files? Can we compare notes on how big they are? Slow and untrustworthy servers can break file downloads, which at least on my browser, just ends the download with the file not complete.
    Amaroq
    • warhead sizes

      Alito 150 mb
      Breyer 150 mb
      Ginsburg 150 mb
      Kagan 132.73 mb
      Kennedy 108.35 mb
      Roberts 22.78 mb
      Scalia 150 mb
      Sotomayor 100.62 mb
      Thomas 150 mb
      boldbrew1
      • Not the prime players

        Obama and Holder are responsible.
        pfwag@...
        • Swartz didn't face prison until feds took over case

          http://news.cnet.com/8301-13578_3-57565927-38/swartz-didnt-face-prison-until-feds-took-over-case-report-says/

          Swartz didn't face prison until feds took over case, report says

          The late Internet activist was facing a stern warning from local prosecutors. But then the U.S. Attorney's office, run by Carmen Ortiz, chose to make an example of Aaron Swartz, a new report says.

          by Declan McCullagh January 25, 2013 1:14 PM PST

          State prosecutors who investigated the late Aaron Swartz had planned to let him off with a stern warning, but federal prosecutor Carmen Ortiz took over and chose to make an example of the Internet activist, according to a report in Massachusetts Lawyers Weekly.

          Middlesex County's district attorney had planned no jail time, "with Swartz duly admonished and then returned to civil society to continue his pioneering electronic work in a less legally questionable manner," the report (alternate link) said. "Tragedy intervened when Ortiz's office took over the case to send 'a message.'"

          ... "Continuance without a finding" was the anticipated disposition of the case were the charge to remain in state court, with the Middlesex County District Attorney to prosecute it. Under such a disposition, the charge is held in abeyance ("continued") without any verdict ("without a finding"). The defendant is on probation for a period of a few months up to maybe a couple of years at the most; if the defendant does not get into further legal trouble, the charge is dismissed, and the defendant has no criminal record. This is what the lawyers expected to happen when Swartz was arrested for "trespassing at MIT." But then the feds took over the case, and the rest is tragic history. ...
          commenter8
      • where can i get the actual files?

        You state the actual file sizes..Where can I get them? The actual links that work give only computer code....which requires a key to unlock
        Dan Kahraman
        • "actual files"

          I think if you ask Anonymous for the trigger-key nicely they may give it to you, or release enough info that it is easily guessed the way wikileaks did.
          boldbrew1
          • Two obstacles:

            1) How to contact Anonymous
            2) Get the key
            Dan Kahraman
          • Keys

            http://www.facebook.com/notes/usa-government-took-you-over/anonymous-releases-warhead-encryption-keys-warhead-us-doj-lea-2013aes256/202266033246726
            Bill McCormick
          • Keys

            Don't have the warheads but I have the keys downloaded, in case the FB page crashes.
            Bill McCormick
          • I think whoever posted that had it mixed up.

            Those were the warhead, and not the key.
            Amaroq
          • Contact/Keys

            1) Anonymous has a Twitter feed:

            http://twitter.com/OpLastResort/status/295747510163632128

            2) Anonymous has the key. It's not released yet, not in any public way.
            screamino
          • Twitter

            Oops - that was a sub. This is the Twitter to use: @AnonymousIRC
            screamino
          • Contacted Violet Blue...

            Will find out where this will lead ;)
            Dan Kahraman
          • a faster mirror?

            The original mirrors are really d4mn slow, the files will take 2 days to download. Maybe heavy traffic.

            Has anyone seen these files on a faster mirror?

            If you have downloaded them, repost them on another mirror. It is your duty to help spread these files around. I will do the same as soon as my downloads have completed.
            Chester Molster