FBI's Anonymous challenge: Cast a wide net vs. distributed hacking group
Federal Bureau of Investigation agents conducted a series of raids Tuesday in an ongoing investigation into Anonymous, the hacking group. But the challenges with taking out a distributed gang are enormous.
CBS News has learned that FBI agents conducted raids on the New York homes Tuesday. PCs and gear were taken under search warrants. Two homes were on Long Island with another two in Brooklyn and the Bronx. CBS News also confirmed that additional raids were conducted in California and 14 arrests have been made so far.
Related: FBI makes 14 arrests in Anonymous raids
Overall, there are more than a dozen raids being conducted across the U.S. in a "major law enforcement operation," according to CBS News. For now, these raids are related to searches.
A Fox News report highlighted the raids earlier. As CNET News' Don Reisinger noted, the FBI had some success targeting Anonymous members and has more than 40 search warrants aimed at the group.
The big challenge is that law enforcement agencies are playing a game of Whac-A-Mole. As new members are targeted others appear. Hacking groups like Anonymous---and spin offs such as LulzSec---are decentralized by design. You cut off the head---or what you think is the head---and something else regenerates.
Scotland Yard last month arrested Ryan Cleary, a 19 year old in London, in connection with a series of attacks on Britain's Serious Organized Crime Agency. The problem: LulzSec blared on its Twitter account that the arrest was misplaced. However, LulzSec later went silent---until it hacked a Rupert Murdoch's Sun newspaper site for giggles.
Michael Chertoff, former Department of Homeland Security chief, said last month that the big challenge with combating hacking groups is attribution. In a decentralized group there are various flavors of bad guys. The FBI has to take out many bad actors---and associated servers---in hopes of getting a big score.
Chertoff said:
“Do we respond if we don’t know who had bad intent, but can locate the server that is a weapon against us? Do we take out the server in real life or cyberspace? There’s not going to be a clear line and we may take that server out in physical and cyber domains.”
The conundrum is akin to battling a terrorist network where you have to cast a wide net to get any traction against Anonymous.
In that respect, the FBI's raid Tuesday is just the latest installment in what is likely to be a series of ongoing attempts to derail Anonymous and similar groups.
Image courtesy of Wikipedia.
- DoD: 24,000 files swiped in March from military contractor systems
- Anonymous leaks 90,000+ emails from compromised military contractor Booz Allen Hamilton
- Anonymous releases private emails, government contracts, VPN credentials, and more
- Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges
- Cybersecurity by the numbers: How bad is it?
- LulzSec: “Snitches get stitches”
- LulzSec: Is it too cocky for its own good?
- Operation Anti-Security: LulzSec and Anonymous target banks and governments
- Wikileaks: How ‘Anonymous’ subverted the most powerful governments