Fluid structure, leadership keep Anonymous' threat alive

Hacktivist group thriving under collective resources and leadership, which security watchers say will prolong their threat and caution organizations to factor it in their risk assessments.

Anonymous will continue to stay undefined and operate without having clear leaders even as more signs of organizational structure emerges in the form of dedicated public relations and analytics Web sites, one member reveals.

This, in turn, means the hacktivist group will be in the IT security scene for a long time and companies will have to be more diligent in their risk analysis and mitigation processes, analysts noted.

ZDNet Asia spoke to one Anonymous member, who goes by the pseudonym KnowledgeUS, via e-mail and found out that the "group" does not decide on any single decision as an organization would since it is not a group, organization, and has no plans to define itself as such. There are also no specific leaders, even though it appears to have several, and everyone works together to achieve the end results they want, the spokesperson said.

"It doesn't matter how many public relations (PR) sites are reporting on Anonymous or Internet Relay Chat (IRC) networks. We might all be in the same 'collective' but we all have different mindsets, philosophies, ideals, and motives, not to mention the goals we seek," KnowledgeUS noted.

For instance, the group's resources are generated from the individuals in the collective network, and members use almost all means of communications to spread information and awareness among themselves--which makes the group stronger, he explained. It is through such meetings, conversing, interacting, and teaming up with other Anonymous members that they learn something new and gain the necessary resources, he added.

The hacker's comments come after the group established its PR arm--Anonymous Public Relations (AnonPR), Anonymous Analytics (AnonAnalytics), and Facebook page Anonymous News Network.

The AnonPR project is one example of how capital was collected from within the network of hackers to pay for the monthly and annual fees of the services used by the hacktivist group. These include the hosting and server fees for the IRC networks and other sites, Knowledge US stated.

"The world seems to have an image painted of us as basement-dwelling teenagers with nothing else better to do. Many of us are [in fact] regular citizens with jobs and careers who rather do something about a situation than sit on our couches and let the corruption roll by," he said.

Additional risk analysis measures needed
Alexandu Catalin Cosoi, chief security researcher at BitDefender, said the organized nature of Anonymous' setup means the hacktivist group will likely be in the IT security scene for a long time in one form or another.

The Internet-driven activism and ideologies has already become more ingrained in today's online culture, Cosoi added.

Thus, it will be more difficult to stop Anonymous with its various "branches and fragments", noted Phil Hassey, owner of research firm CapioIT. The group will be difficult to track down and will pursue the objectives of the various benefactors supporting it, he added.

Some of the hackers within the Anonymous network may also become "radicalized" and look to seek more public or impact-oriented targets, which will pose a bigger threat to more organizations in the future, Hassey warned.

As such, he urged governments and enterprises to stay aboveboard and avoid illegal or unethical activities in order to stay out of the hacktivist group's crosshairs.

Cosoi suggested companies and governments add another layer to their risk analyses to factor in what the group might do next, how the organizations may react to these actions, and what must be done to prepare and prevent a breach in their corporate networks.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All