Game Theory, Anonymous Causality, and 2012

Sunday, February 05, 2012

Infosec Island Admin

7fef78c47060974e0b8392e305f0daf0

Anonymous Factions and Influences

Anonymous being what it is, has always been susceptible to influence and infiltration from the outside as well as the inside.

The nature of the movement is such that it resembles the cell structure of terrorist action groups like Al Qaeda that have adopted over the years:

  • Decentralized
  • Autonomous (to an extent)
  • Headless (perceived only in some cases)
  • They have “wings” (action wings, propaganda wings, technical wings etc)
  • Small cells with distinct leadership working in compartmented protocols

In the anonymous world, the communications take a stratified approach as well. IRC is the medium for much of the communications, but there are hidden chat rooms on various servers where the core meet to plan and talk.

I am sure there are other means that they utilize as well such as i2p email addresses and other anonymized means of communication. Due to the nature of Anonymous though, it would seem that the various players do not form a cohesive whole for the most part. So the cell’s that are out there can affect to greater and lesser extents due to the members of the cell and their capabilities.

An example of this would be the core group called AntiSec. AntiSec, comprised of the more technical hackers from what has been gathered, has been attacking various sites for the lulz as well as perhaps with an agenda to cause the government and corporations pain by releasing embarrassing and or compromising data (See HBGary for an example).  

Over the last year we have seen an evolution within Anonymous and its various movements. The latest being the AntiSec movement that really came out swinging after the LulzBoat set sail once their 50 day run was over.

It is this latest group that has people concerned and may in fact be the more cohesive core of Anonymous, one that has a set group of leaders at its core, leaders with an agenda… Anarchy.

Escalation and Over Reaction

The latest “hack” and release this last Friday (#FFF frak FBI Friday’s) is a case in point and I think as I started this post over Shmoocon weekend, it is only appropriate to use the FBI conference call as a focus today.

Over the year AntiSec has been performing more and more actions against whoever they could attack. It seems that from the attack vectors to date (except this last one) have been attacks of opportunity with some direction (such as look for all police departments with holes on the internet) others seem to be perhaps fortuitous hacks given to the movement by those out there sympathetic to Anon or just looking to have their lulz while others perform the dirty work.

Either way, the stakes have been rising and the escalation has been seen over the last year into this one between the governments (in my case the US) and Anonymous and AntiSec. With the leaking of the FBI/MET con call this last Friday, we will see another evoution to the escalation because now, the Anon’s have directly shamed the FBI, the Met, and other orgs seeking to prosecute them.

Think of it as the angry bee’s nest Colbert spoke of about Aaron Barr.. Except this time AntiSec has deliberately slapped the bee’s nest with a bat as they walked away pointing and laughing. This will not end well for either really I think. As of today the FBI has stared yet another case file on the hack of the email accounts attached to the distribution list that the invitation for the call went out to.

The assumption here is that someone forwarded the email to a private acct, one that had been compromised earlier and was the source of the email that allowed the Anon’s to dial into the call.

Meanwhile, Sabu has tweeted that AntiSec has been monitoring FBI communications for a while now and still had access as of Friday. I am unsure that this is truly the case but it cannot be discounted as just another braggadocio about their hacking prowess.

You see, the Feds for the most part are not the most tech savvy as a group, especially within the rank and file SA’s or SSA’s. So, it is possible that there has been some pwnage and that the net effect is they have been compromised to the point where investigations may become harder to prosecute.

(Think about it this way.. Hacked FBI accts etc leave much for a good defense attorney to work with on the idea of reasonable doubt).

This is going to make the FBI over react and possibly over reach. This in turn will also put the government on a back footing as well and make them more apt to do things in a knee jerk fashion as well. You all thought ACTA and SOPA were bad.. Wait until these government guys feel the burn of future hacks on them as well as what just happened.

Of course I am not condoning either side here, but, I am trying to get across that we once again have the Batman conundrum. “You made me… I made you…Let’s dance”...

Meanwhile, the collateral damage piles up and the innocent are the ones most likely to feel the bite from both sides. Ironically, while both sides tell us all that what they do is for our own good.

Heh.

A Master Plan or Unintended Consequences?

Since the beginning of the Anonymous movement’s gaining critical mass and bearing the AntiSec fruit, I have been wondering if there is indeed a master plan here. Anonymous claims that they are autonomous, amorphous, a swarm, but I think that is a generalization that only fits when you look at the whole.

When you start to bore down into the cells out there, you can readily see that there are pockets of cohesive groups. One of these groups is of course AntiSec. This group I think has acquired a certain amount of play within the Anonymous circle and thus would be a leadership cell.

Recent posts of the “Coming Insurrection” on sites that have been hacked by AntiSec have lead me to believe that there is a fair amount of Anarchist belief and activity within this cell of Anonymous. In fact, there seems to be from information sources, that AntiSec is in fact running the show now or would like to.

As the hacking wing, so to speak, of Anonymous, they wield a certain cachet and also, from same sources, may in fact intimidate the moral fags a bit. All of this means that the core of AntiSec and their acolytes are really making the agenda as well as performing the actions to drive their agenda.. More than the penumbra of Anonymous as a whole.

So, in looking at the use of the Coming Insurrection and the propaganda by the “Sabu’s” on Twitter, it has become more and more clear in my mind, that the agenda is not only Anarchy, but also quite a socialist (for lack of a better term) bent.

By watching the Sabu account on Twitter, one can also see the socio-political bents of “Free Palestine” as well as a general call for the downtrodden to rise up against the government. Is this just Sabu being Sabu? Is there an agenda that the others within the AntiSec core also believe?

As well, the use of the “AntiSec” name comes directly from a movement of Hackers and Anarchists back in the 90′s who did not believe that the nascent “Security Industry” was a good thing and that ideas like responsible disclosure of vulnerabilities was a bad thing. It all just fed a cycle where the corporations out there could hide vulnerabilities, keep writing bad code, and generally skate on their responsibilities to keep things secure.

Oddly enough, all of those things today are in effect and still we have issues where companies are not doing the right thing as well as have a security “Industry” that contains many charlatans.

The AntiSec of yesterday I am told by sources, do not like the current AntiSec core out there today. In fact, some are a bit peeved from what I have been told.So, if today’s AntiSec is not a descendant of this original group.. Who are they? As best as can be figured by me, they took the name as they liked it but for the most part, there seems to be an Anarchist and Nihilist bent within their ranks and their agenda..

This begs the question though, just how much of their action has been just to sow anarchy and how much has been part of a goal to fight the government for perceived crimes against those they govern? For me, it seems that perhaps the overall goal here may be in fact to push the issue until there is a civil war of sorts. How would this play out?

Well, I think we are seeing the beginnings of this now:

  • More governance of the internet
  • Less privacy
  • Additions to laws concerning terrorists and terrorism that now center on the internet and “cyber-issues”
  • knee jerk reactions creating bills with over-reaching language allowing for abuses of power

Granted, some of this may have organically been created from today’s issues over hacking and the so called cyber-warfare ongoing between countries. However, i think that this has sped up quite a bit as Anonymous? AntiSec push the buttons more and more against the police and the government.

The net effect is that AntiSec is baiting the government and the authorities into over reacting. With each dump of data and compromise of site, they push and push the fools running the country into being more fearful that they cannot control the situation.

The reality is that they can’t control it... Hell, they barely understand it…  And this makes it all the worse.

Predictive Behavioral Analysis of Both Anonymous and Government (USA) Using Game Theory

I have been watching this Greek tragedy play itself out over the last year and frankly I just don’t see this going well for anyone. It really boils down to a couple of outcomes and neither one I think is good:

  1. AntiSec becomes even more brazen attacking more frequently as they gain more power/synergy with more followers and people willing to help them
  2. The government will continue to attempt to catch the players. Some will get caught and there will be trials.
  3. The trials will escalate the anger and the AntiSec crew will seek more and more directed targets to shame and disrupt the authorities cases
  4. Laws will be enacted restricting the internet and the privacy we all should be able to have

The thing here is that AntiSec will not just go away... Nor will the governments of the world change their ways. If indeed AntiSec’s core believe in anarchy as a way of life, then they will go on sowing it. This will cause the government to over react and do some pretty stupid things as well.

It’s really Batman and the Joker all over again... And as I think about it more, it becomes a very apt allusion to what is going on. Except that the government is not as smart as Batman or as moral/ethical…

Normally, the use of “Game Theory” attempts to determine the best outcomes for winners and losers within games, politics, economics etc. In this case though, the real loser I think is the third party here… You and I.

This game cannot be won. It will continue back and forth and there will only be collateral damage. Think of it this way… This war being waged by AntiSec and our government/authorities can be seen as the next war between all parties in the Middle East.

Fought over thousands of years because of perceived differences of opinion over religion and land. Like the Shia and the Sunni, or the Israeli’s and Iranian’s this tribal tit for tat will continue on and there will be no clear winner... Ever.

Perhaps WOPPR said it best… “A strange game. The only winning move is not to play. How about a nice game of chess?”

K.

Cross-posted from Krypt3ia

Possibly Related Articles:
10117
Network->General
Information Security
Government FBI terrorism Anonymous Hacktivist Law Enforcement Lulzsec AntiSec Anarchy Scot Terban OpSec Krypt3ia Game Theory
Post Rating I Like this!
D551093f5d8af724e17929c91eb90d63
Andrea Zapparoli Manzoni Hi Scot,

during the seventies in Italy we had a period called "the lead years" (lead meaning the metal bullets are made of), because of endless terrorist attacks, both from the extreme left and the extreme right, which made several hundred of casualties, keeping the whole country hostage of fear and uncertainty.

To make a very, very long story short, 30-40 years later it is becoming increasingly clear that much of this terror was due to (or remotely controlled by) our government and foreign agencies, trying to force the middle class to ask for more control and protection, while avoiding that the communists could win the elections.

Today, if I'd want to implement and enforce more government (and corporate) control over the Internet, I would invent/tolerate/amplify something like Anonymous, Lulzsec, Antisec and the like... wouldn't you?
1328552540
Da3ca2c61c4790bcbd81ebf28318d10a
Krypt3ia Andrea, Something along the lines of Operation GLADIO you mean?
1328557507
D551093f5d8af724e17929c91eb90d63
Andrea Zapparoli Manzoni Well of course Gladio was one among many secret operations. The Red Brigades themselves (willing or not) were apparently infiltrated and often eterodirected by external influencers.

I made this example because I suspect there is some sort of "strategy of tension" also behind the mirabolant (but fortunately, until now, mostly harmless) cyber-stunts executed by the "Anonymous" brand.

Time will tell.
1328605169
A22d865efb1586145b9b6e7c6c7d9853
Sara Hald I was at a conference yesterday where a former head of the Danish Police Intelligence Service was a speaker. He was worried that the Danes in general did not seem to care at all about increased surveillance, governmental control, and loss of privacy. I share his point of view - I regularly see people actually demand to give up their liberty and privacy to be able to shop shoes online and play Farmville with nothing to disturb them (if you have nothing to hide, you don't need privacy, right?). I agree that we all will probably be the victims in this game, but I am afraid that the general populace won't see it until it is way too late and perhaps not even then.
1328701567
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.