Five Things CIOs Need to Know about Anonymous

1. Nobody's in charge. "We are Anonymous. We are legion." This cryptic slogan is used by a band of hackers who call themselves Anonymous. Active for nearly a decade now, the group catapulted into prominence in the past year with attacks on PayPal, Visa, HBGary and Sony. Often called a hacking collective, Anonymous is essentially a movement. There is no central authority. From time to time, participants band together to launch "operations," led by a small group of trusted associates. The operation leaders write up orders and invite anyone who is interested to participate. Operations can happen online or in the real world.

2. Their attacks seem random. Roughly stated, Anonymous cares about digital freedom and exposing hypocrisy and corruption. Motives for their attacks may seem obscure to upper-level management, but they often make sense to geeks. The group first gained prominence for attacking the Church of Scientology and the Recording Industry Association of America. When PayPal, MasterCard and Visa stopped processing payments for WikiLeaks late last year, Anonymous saw this as a threat to the free exchange of information and attacked.

3. They're capable. Early on, Anonymous's hacking didn't amount to much more than the occasional distributed denial-of-service attack. Lately it's shown a scarier, more technically adept side. In February, members broke into HBGary's mail server and website, ultimately posting tens of thousands of the company's private emails online. Subsequent attacks linked to Anonymous, and its spin-off group Lulz Security, demonstrated mastery of attacks such as SQL injection, social engineering and controlling botnets. A favorite attack is to "dox" a company they don't like: This means breaking in and exposing the personal information of corporate officers and their families.

4. They're international. Although English is the language of choice for most communications, alleged members have been arrested in Holland, France, Italy, Spain, the U.K. and the United States. And Anonymous has encouraged spinoff groups globally.

5. The P.R. motivates them. Many of those who join Anonymous see themselves as hacktivists--a new breed of online protester whose activities gum up cyberspace in much the same way massive demonstrations gum up city streets. The ultimate goal seems to be changing public perception more than disrupting business. PayPal, MasterCard and Visa experienced some Web downtime, but payment processing was unaffected by the attacks. The real pressure comes from the news stories. Nobody wants their brand linked to a hacker attack.

Show Comments