(Translated from the original Italian)
The word "Anonymous" evokes the myth of the hacker in today's society who defends freedom of expression and supports sensational cyber operations in the fight against censorship, as well as against governments' and industries' questionable policies.
If Anonymous is perceived by future generations as an attractive ideology to follow, industry and government view with concern the threat posed by the group's operations.
Estimates of the damage done by groups like Anonymous in their frequent operations are as follows:
The majority of IT and security professionals are convinced that Anonymous and other groups of hacktivists are the main cyber threats because they are able to attack their organizations and have a significant impact on their primary business.
Around 64% of the nearly 2,000 IT professionals who participated in Bit9's 2012 Cyber Security Survey believe that their companies will be the target of a cyber attack during the next six months, and 61% of them chose hacktivists as the likely attackers.
Of course the main factor that exposes companies to the threat of these groups is their media exposure, their association with policies or international public debates on new regulations.
The groups have demonstrated, in my opinion, a great consistency in their choice of targets, offending companies that have distinguished themselves by embracing topics that are controversial.
No one can be considered safe, from the security provider who is willing to support new regulations such as the Cyber Intelligence Sharing and Protection Act (CISPA) to the government agency intent on pursuing questionable international policies.
But which method of attack scares companies the most?
Despite the fact that companies are afraid of Anonymous and hacktivism, they are most worried about the use of malware as a cyber weapon, as opposed to the classic Distributed Denial-of-Service (DDoS) and SQL injection attacks preferred by the hacktivists.
On this data we can make a couple of interesting reflections:
First, companies are scared of hacktivism but do not consider its mode of attack so dangerous. The fear of Anonymous attacks is related to the media effect of its operations, which could damage the image of the business and also attract other criminal groups to the target.
Second, it is expected that there will be a radical change in the modus operandi of Anonymous, because it is also attracting many hackers and professionals who are interested in its operations.
The skill of the hackers is increasing, and the imminent risk is that 0-day vulnerabilities could be found and exploited by the hacktivists, causing extensive damage.
The scenario described is not so absurd; consider that many of the groups' operations could be conducted covertly by rogue, government-supported groups of hackers. In this case, the power of an attack by the groups could be amplified.
Consider also that there is a high risk of infiltration of groups such as Anonymous, which could be compared to a powerful cyber weapon. In that case, operations could be directed against political targets.
Many experts are sure that western intelligence agencies are involved in the recent attacks against China and its Great Firewall, and the same scenario is in play in Syria and in Tibet, where groups of hacktivists have provided technological support to dissidents.
Anonymous and foreign governments are well aware of the impact that political scandals could have on a country like China, and the case of Communist Party politician Bo Xilai is emblematic.
Xilai, the former Chongqing party chief, was removed from his position in his party last week because he and his wife, Gu Kailai, are being investigated for the murder of British businessman Neil Heywood. The news has had a dramatic effect on Chinese public opinion, and for this reason the government immediately increased its monitoring of social media to contain the diffusion of the news.
On the other side of the coin, groups related to Anonymous have started to attack principal government web sites trying to enforce the censorship wall. Searches for both Bo Xilai's and his wife's names were quickly blocked on Sina Weibo, and mass censorship of comments began.
What can we expect from Anonymous in the future?
Nobody in technology or in business can ignore the cyber threat posed by the group; everyone must consider it in their cyber strategy. At the same time, the group has to increase its operations and the media effect by choosing more striking objectives and conducting attacks able to cause even damage. The next steps may include more advanced attack methods such as creating malware to exploit unmitigated vulnerabilities.
Anonymous must be analyzed with a multidisciplinary approach: it is an amorphous creature that changes quickly and is able to adapt its behavior to the context needed for successful attacks, thanks to the large and heterogeneous participation in its collective.
But do not forget that Anonymous, due to its notoriety, has become the perfect scapegoat with which government and private industry can perform cyber attacks in the name of the group and by employing its crowdsourcing power.
As such, we run the serious risk of being frightened by the entity and directing our efforts against the wrong image reflected in the mirror, the result of diversions or, worse, of an undercover action.
In my opinion this is the most disturbing aspect of the story. How to avoid this? It’s hard to say; it is impossible to hazard a forecast. Personally, if I were part of the collective, I would begin to evaluate a social awakening, considering that the movement is also an expression of large masses.
That is the real challenge for a movement that may die due to its notoriety, but consider that the awakening isn’t so simple because Anonymous has no unified voice and no real control center.
The choice could actually split the group, giving rise to crazy cells, impossible to control and very dangerous.
Cross-posted from Security Affairs