A British spy agency waged cyberattacks against the online chat rooms of Anonymous and LulzSec hacktivists, documents leaked by Edward Snowden (pdf) and obtained by NBC News reveal. And they used computerized “weapons” similar to those used by the hacktivists themselves to do it.
In a PowerPoint presentation created for the 2012 NSA conference SIGDEV, slides show that Government Communications Headquarters (GCHQ), Britain’s NSA counterpart, used denial of service (DoS) attacks against IRC chat rooms used by Anonymous and LulzSec. The mission, dubbed Rolling Thunder, was carried out by GCHQ’s special spy unit Joint Threat Research Intelligence Group (JTRIG), and is said to have scared off some 80-percent of the IRC chat room users.
Launched in 2011, Rolling Thunder came in response to Anonymous’s late-2010 “Operation: Payback” campaign against PayPal, MasterCard, Visa, and others, which was itself launched in retaliation for these companies’ blockage of donations to WikiLeaks. The hacktivists used a downloadable tool known as the Low Orbit Ion Cannon, or LOIC, to wage distributed denial of service (DDoS) attacks – which are similar to DoS attacks – against targeted websites.
JTRIG agents apparently posed as supporters of Anonymous, and infiltrated the IRC chat rooms to identify individuals who engaged in hacking government websites or waging DDoS attacks. The agents also used Facebook, Twitter, email, Skype, and instant to inform alleged hacktivists that “DDOS and hacking is illegal, please cease and desist,” according to the documents.
While a GCHQ spokesperson told NBC News that the agency’s work is “carried out in accordance with a strict legal and policy framework,” some believe the government’s use of DoS attacks – which generally cause no lasting damage but instead overwhelm networks with a bombardment of traffic – tramples innocent citizens’ rights to free speech.
“Punishing thousands of people, who are engaging in their democratic right to protest, because a couple people committed vandalism is … an appalling example of overreacting in order to squash dissent,” Gabriella Coleman, an author and expert on Anonymous, told NBC News.
A number of hackers identified by GCHQ have gone to jail for violating cyber-crime laws. And as of late 2013, many of the hacktivists said to be responsible for the “Operation: Payback” campaign, a group commonly known as the “PayPal 14,” were still involved in legal battles in the US over their alleged involvement in the attacks.
What do you think? Was GCHQ right to use DoS attacks against hacktivists?