'Anonymous' defends the use of web attacks

Julian Assange Anonymous members launched web attacks in support of Julian Assange's Wikileaks

Related Stories

Web activist group Anonymous has criticised the arrest of its members claiming the web attacks they launched were a legitimate form of protest.

Five men were arrested yesterday in connection with web attacks carried out in support of Wikileaks.

Overnight, US law enforcers said they had executed 40 search warrants in conjunction with UK operation.

Anonymous said the action was a "serious declaration of war" by the UK government against it.

Despite Anonymous' claims, in an open letter published online that denial of service attacks are a legitimate way to protest, UK law says such attacks, which bombard sites with data, are illegal.

The arrests of five of its members was "a sad mistake" by the UK authorities, Anonymous.

Distributed denial of service (DDoS) attacks should not be confused with malicious hacking, instead be regarded as "a new way of voicing civil protest", it added.

What is a DDoS attack?

  • A Distributed Denial of Service (DDoS) attack aims to make websites inaccessible
  • Attackers commonly use networks of compromised computers - called a botnet - that they control to launch the attacks
  • However, the Anonymous attacks recruited volunteers to download a tool to create a "virtual" botnet
  • By overwhelming the target site with requests, the attackers can ensure that genuine visitors cannot reach the site
  • These requests look like genuine web traffic so can be hard to filter out
  • Typically, such attacks have been aimed at high-profile websites, such as those belonging to government departments, banks and political organisations
  • They are illegal in most countries

Detectives from the Metropolitan Police's Central e-Crime Unit arrested five men, aged between 15 and 26 in connection with offences under the Computer Misuse Act 1990.

The men were arrested at residential addresses in the West Midlands, Northamptonshire, Hertfordshire, Surrey and London.

Not so anonymous

That legislation makes it clear that launching DDoS attacks is illegal, said Graham Cluley, senior security analyst at Sophos.

"Most of the people that took part in the attacks in support of Wikileaks volunteered to do so," he told BBC News.

The web attacks were mounted against firms such as Mastercard, PayPal and Amazon which had withdrawn their services to Wikileaks, in the wake of its publication of leaked embassy cables.

The DDoS attacks launched against those companies was done using a web toll known as the Low Orbit Ion Cannon (Loic).

That made it easy for authorities to locate those responsible, as Loic does nothing to mask the IP address of those initiating the flood of web traffic, said Cluley.

"Once you know someone's IP address it's relatively simple to find their physical address," he said.

In December two Dutch teenagers were taken into custody and subsequently released over allegations that they had helped coordinate the attacks.

The five men arrested in the UK have been released on bail.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

Elsewhere on the BBC

  • SleepSleep on it

    Is it possible to strengthen your brain's synapses while you slumber?

Programmes

  • A man holds a sign which reads Bring Back Our GirlsHARDtalk Watch

    Why there is still hope and optimism for the rescue of Nigeria’s kidnapped schoolgirls

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.