Hacking groups say they are back after FBI arrests

WASHINGTON Thu Jul 21, 2011 3:38pm EDT

WikiLeaks supporters wear masks of the ''Anonymous'' internet activist group and a mask of WikiLeaks founder Julian Assange (R) during a demonstration calling for the release of Assange, in Malaga, southern Spain December 11, 2010. REUTERS/Jon Nazca

WikiLeaks supporters wear masks of the ''Anonymous'' internet activist group and a mask of WikiLeaks founder Julian Assange (R) during a demonstration calling for the release of Assange, in Malaga, southern Spain December 11, 2010.

Credit: Reuters/Jon Nazca

Related Topics

WASHINGTON (Reuters) - After a brief hiatus and an FBI takedown of several alleged "hacktivists," two groups that have claimed responsibility for a recent wave of cyber vandalism say they are back.

A statement was posted online on Thursday jointly by the groups, Anonymous and Lulz Security, after U.S. authorities arrested 16 people earlier this week for several attacks, most prominently Anonymous' attempt to cripple eBay's PayPal site after it stopped accepting donations to the WikiLeaks organization.

The arrests allowed a peek into the lives of those alleged to be hacker-activists -- cyber-criminals who shut down or break into computer systems to make political points or defy authority, rather than to steal credit card numbers or commit espionage.

Some did not seem to have sophisticated technology-oriented jobs. The group included a former janitor, a landscape foreman and a college student, ranging in age from 20 to 42.

"We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea," the hacker groups said in the statement, which could not be independently verified. Lulz Security had previously suggested it was disbanding.

The groups said their statement was a response to comments by Steven Chabinsky, deputy assistant director of the FBI's cyber division, who told National Public Radio it was "entirely unacceptable to break into websites and commit unlawful acts."

The groups promised to continue attacks on governments, which they accused of lying to their citizens and inducing fear and terror by "dismantling their freedom piece by piece."

They also said they would focus on companies as well for working with governments and taking billions of dollars in contracts, but failing to deliver.

"These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies," the statement said.

The FBI declined to comment.

Anonymous and LulzSec also have claimed responsibility for attacking websites in Syria, Tunisia, Egypt and India for political reasons, as well as the public websites of the CIA and the Senate.

ARRESTS AROUND THE COUNTRY

The response came after FBI agents arrested more than a dozen people in nine states and the District of Columbia on charges they participated in cyber attacks on corporate and government websites.

According to the indictment, Mercedes Haefer said on her Facebook page she was a college student in Las Vegas working multiple jobs. She also went by "No" and "MMMM" when she allegedly helped with the attack on PayPal last year.

During her initial appearance earlier this week in federal court, a judge ordered her to stay off any computers except for her pizza job, and to surrender her laptop computer, according to court records. Her public defender was not available for comment.

Vincent Kershaw, 27, who has a day job as a foreman for a Colorado landscaping company, is accused of using the pseudonyms Reaper, Trivette and Triv to participate in the attacks. His public defender declined to comment.

The indictment accused them of using a program dubbed "Low Orbit Ion Cannon" -- a name that harks back to a video game and a Star Wars movie -- to send huge amounts of data to PayPal in a bid to overwhelm it and render it unavailable for legitimate requests.

Scott Arciszewski, 21, a University of Central Florida student and former janitor, was arrested for a separate cyber attack, allegedly uploading malicious files to the website of Tampa Bay InfraGard, an FBI-sponsored group. He then informed LulzSec about the vulnerability, according to court papers.

His public defender was also not available for comment.

The question remains whether the charges of conspiracy and trying to damage a protected computer as well as the related potential prison sentences of up to five and 10 years respectively, will serve as an adequate deterrent.

One cybersecurity expert raised the possibility that the PayPal attack was "just a bunch of kids" messing around, particularly since the threshold to participate was low.

"So many people spend so much time online now, the threshold to becoming a political activist has dropped to close to zero," said James Lewis, with the Center for Strategic and International Studies think tank.

"If we're lucky the arrests send a signal that will tamp down on this kind of thing, but if there's some deeper underlying tension that's driving people to do this or some other external cause we're just going to see more of this," he said.

(Additional reporting by Diane Bartz; editing by Warren Strobel and Mohammad Zargham)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (5)
ahms wrote:
“The groups promised to continue attacks on governments, which they accused of lying to their citizens and inducing fear and terror by ‘dismantling their freedom piece by piece.’”

I’m all for social justice, but aren’t these kids just spreading fear, terror, and dismantling freedom themselves? They’re attacking consumer sites and releasing personal information, or denying sites a right to be online. What does bringing down Paypal, which many people use for day to day transactions, accomplish?

They just sound like a group of insecure folks with a lot of time on their hands, and perhaps a God complex.

Jul 21, 2011 5:26pm EDT  --  Report as abuse
diluded0000 wrote:
Except for the one in Tampa, the extent of this alleged criminal activity is limited to downloading some software and running it. Calling them “hacker-activists — cyber-criminals” in the national news is just abetting the FBI’s goal of demonstrating high profile progress on an embarrassing situation. What they supposedly did is analogous to making a crank call without turning off their caller ID. The Feds are going after the low hanging fruit on this because they stand almost no chance of catching anybody who is capable of the more complex criminal activity. I’m not saying that running these software tools is acceptable, but given limited government resources we should focus on higher value computer crime like credit card fraud.

Jul 21, 2011 6:07pm EDT  --  Report as abuse
JoeMulick wrote:
@ ahms . The reason they DDOS’d Paypal was because Paypal, after US government pressure, stopped taking donations for Wikileaks. Wikileaks as you know supports government transparency.

Jul 21, 2011 6:29pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.