Assignment 2: RA 2: Contemporary Issues and Methods: Anonymous
In today’s world, technology must be considered when examining the psychology of espionage. Additionally, societal response is a key in understanding the impact of these acts. In this assignment, you will have the opportunity to analyze the relationship between cyber activity compromising national security information and the social media response.
The government organization for which you work has taken notice of the actions of a group named “Anonymous” against the Church of Scientology, among others. In order to better prepare, your organization wants you to analyze, from a forensic psychological perspective, a potentially significant compromise of national security information via a cyber attack. You have been instructed to use the attack on Scientology, the HBGary attack, or other significant cyber attacks credited to Anonymous as your basis of comparison.
Using the Argosy University online library resources and other reputable, valid sources, research the group Anonymous and its cyber-hacking activities, paying particular attention to the actions against the group’s methods. Use your interrogatories (who, what, where, when, how, and why) to guide your research.
Write a 10- to 12-page report that analyzes the impact this group has (or may have) on the U.S. (societal impact, including economic and infrastructure), corporate America (business impact), and the government (political impact).
In your report, address the following:
Provide a synopsis of the group’s methods, goals, and activities. Make sure you address its actions against its target as well as its overall activities, goals, and methods. Also, include an explanation of the group’s members and its makeup (e.g., the demographics and characteristics of the group members).
Discuss motivations and possible explanations for the group’s behavior. Identify the psychological constructs and processes and explain the group’s actions. For example, describe what types of social psychological constructs reinforce its membership. Social psychology research on group dynamics will help in this explanation.
Analyze the impact of a potential attack on the US government. At minimum, address the following:
How vulnerable is the US government to a potential cyber attack?
What parts of the IC are most affected by a potential cyber attack on US systems? Why?
Analyze the impact of a potential attack on society. At minimum, address the following:
What role would the social media play in future incidents of espionage and counterintelligence (CI) activities?
What would be society’s response to the attack? Would society be supportive or nonsupportive? How would it be divided? Justify your answers.
What would be the real and intangible consequences of Anonymous’s hacking activities? What would be the positive and negative impacts of its actions on society? Overall, would society benefit from or be hurt by such actions? Justify your answers.
Summarize key points and provide a conclusion, based on your analysis, of what can be done in the IC to avoid future compromises.
Contemporary Issues and Methods: Anonymous
The Anonymous hacktivist group has made a significant societal, business, and political impacts across the United States. The hacktivist group poses a growing challenge to various kinds of businesses, government organizations, and high-ranking individuals. The group achieves its objectives by disrupting business operations or by leaking sensitive information to the public. Such actions have far-reaching consequences upon business organizations, the government, and individuals. In the face of the growing cyber threats, modern governments and business entities cannot survive without the internet. As such, they have to develop the means and mechanisms of protecting themselves from cyberattacks. While there exists various means of preventing cyber intrusions, hacktivist groups such as Anonymous have been able to stay ahead of technology, perpetrating attacks even on the most secure websites. This paper examines the Anonymous hacktivist group operations in cyberspace and the potential consequences to the societal, business, and political arenas.
Synopsis of the Group’s Methods, Goals, and Activities
In 2008, the hacktivist group Anonymous made headlines after successfully launching a devastating cyberattack on the Church of Scientology’s official website. The group launched a DDOS (distributed denial of service) attack against the Church of Scientology’s website in protest against the church’s alleged brainwashing (Dipankar & Denise, 2013). In particular, Anonymous made allegations against the church that it engaged in campaigns of suppression of dissent, misinformation, and its litigious nature. Anonymous launched the attacks after the church attempted to remove a YouTube video by Tom Cruise, a movie star, professing his acknowledgement of the Scientology’s activities. This was in an effort by the church to ensure that people did not access the copyrighted video.
Hacktivist groups such as Anonymous use complex methods to steal data or information from the internet and cause disruptions in normal operations involving the internet. The group mostly uses DDOS attacks (distributed denial of service) to bar users from accessing the internet, causing disruption if service provision (Dipankar & Denise, 2013; McCarthy, 2015). This is what was used in the Church of Scientology attack. The group uses DDOS attacks on corporate websites, government websites, and religious websites. DDOS attacks involve overwhelming a particular online service with traffic originating from different and multiple sources. Anonymous may also use conventional tools used by hackers such as Havij to steal data from various applications. Havij is an SQL injection tool that enables users to retrieve data. This is the reason why hackers apply this tool for stealing data and information from applications.
Unlike other hacktivist groups that have clear goals, Anonymous seem to lack clearly defined goals. Anonymous does not have a specific course for its hacktivist activities. Instead, the group has multiple goals and targets. The targets keep on changing from government websites, corporations, to individuals and for diverse reasons (McCarthy, 2015). Despite the lack of a clear or specific goal, the group’s activities points to an overarching desire to promote freedom of information and curtail government censorship. As such, the group aims at preventing any forms of censorship or efforts by governments or other organizations to deny their citizen the freedom of information. The Church of Scientology had made efforts to prevent access by members of the public a copyrighted video on YouTube. Anonymous does not comprise of any specific membership, but includes a diverse membership from different races, age groups, and gender. Moreover, Anonymous lacks a clear organizational structure in that it does not have a top and neither central command. The mode of the group’s operation involves reaching informal mutual agreements to conduct specific attacks (McCarthy, 2015). This makes it difficult to control the group.
Motivations and Possible Explanations for the Group’s Behavior
The major motivation behind Anonymous’ behavior is to combat censorship of information especially by governments. The hope is that through its actions, the group can promote the freedom of speech by exposing even sensitive information to the public. In the Church of Scientology attack, the major contentions were alleged misinformation and dissent by the church. The group takes political dimensions at times but lacks affiliation to any party. The Anonymous group is also against any corporation or individual that threatens free sharing of information. In the past, Anonymous has launched attacks to organizations such as Recording Industry Association of America (RIAA), which have attempted to curtail information sharing over file-sharing websites such as Pirate Bay (Sauter, 2013). Anonymous group also launches attacks against any entities and individuals that attempts to undermine its activities.
Various psychological constructs and processes can help explain the group’s actions and the manner in which it operates. Social processes play a critical role in binding together members of a particular group. One of the key social processes is the interdependence of the individuals that make up the group. Group interdependence refers to the ability of the group to create interrelationships among members, enhance social interactions, and achieve common goals. Group interdependence plays a critical role in ensuring that Anonymous attracts and retains members. Another social psychological construct is group cohesion. This refers to the forces or processes that enhance connectivity of the group members at all times (Phan, Rivera, Volker, & Garrett, 2004). Group cohesion is also defined as the willingness of group members to stick together. Group cohesion may arise from a number of factors that are characteristic of the group. Some of the factors influencing the Anonymous group cohesion include belongingness, social attraction, a sense of support, and the need to achieve common goals.
Another social psychological construct that reinforces the group’s membership is altruism. This refers to an overbearing concern for the welfare of others (Phan et al., 2004). The altruism construct enables group members to feel helpful and that their actions are actually necessary for the welfare of others. Altruism also entails the desire to gain respect by unconditionally helping others overcome their problems. Thus to group members, the mere action of helping others creates a sense of satisfaction. Group Synonymous fights for the public’s right to information without any direct gains, which reflects altruism. Universality is another important element in the Synonymous group. Universality involves sharing a sense of connection among the group members and developing feelings of acceptance by other group members (Phan et al., 2004). Universality enables the group members to perceive that the problems they are facing are not unique to them but apply to different people.
Impact of a potential attack on the US government
The U.S. government is quite vulnerable to potential cyber-attacks basing on the recent history and patterns of attacks. Big corporation such as Citigroup, Sony, Verizon, the International Monetary Funds, JPMorgan, and others have experienced cyberattacks over the last decade. These firms are just a pointer to the fluidity of the security situation involving computer systems. The cyberattack threat is ubiquitous problem across the entire country, and involving corporations, government, and even individuals. The government faces serious challenges in averting the possibility of cyber warfare. A major reason for this is the rapid rate of technological evolution taking place across the country. Information technology has been a major force revolutionizing business across the world. However, the interlinked computer network has increased vulnerabilities of countries experiencing cyberattacks from any part of the world (Shackelford, 2013). The countries at greatest risk include the United States, China, Israel, United Kingdom, and Russia. This means they may experience attacks targeting their economics, military, and critical infrastructure networks such as power.
The emergence of new cyber powers has complicated policy development efforts that could see the enactment of regulations to improve cybersecurity. Moreover, growing tension between the United States and other counties such as North Korea, Russia, China, and others complicates the policy development process. The United States is highly vulnerable to cyberattacks that target its critical infrastructural systems such as electrical power supply, financial services provision, military command information systems, and government websites. According to Shackelford (2013), there have been attempts in the past to disrupt the country’s electrical system using logic bombs. Such cyberattacks, if successful, could lead to catastrophic results. On the other hand, some studies indicate that over 50% of companies have experienced cyberattacks in the US.
The motivations for cyberattacks are diverse. They range from espionage, terrorism, theft of confidential information such as customer financial data, and others. Currently, the US has recorded various instances of espionage attacks aimed at stealing the country’s economic and military secrets. One of the worst forms of cyberattacks is those that are state-sponsored. These may target private or public firms and cause much damage. According to Shackelford (2013), the U.S. government websites face over 1 billion attacks in a span of one month. However, only a fraction of these attacks reaches the mainstream media. Most of the cyberattacks reported are those of a high magnitude involving millions of dollars and many people. For instance in 2008, Georgia experienced serious cyberattacks that threatened the state’s entire internet infrastructure. This involved the use of botnets and DDOS attacks to overwhelm the state’s internet infrastructure, thereby crippling government service provision.
The current strategies for prevention and responding to potential cyberattacks are ineffective. Part of this problem lies in the use of legacy architecture in most of the country’s critical infrastructure. Legacy infrastructure is more vulnerable to cyberattacks comparing to newer architectures. The newer architectures offer resilience, flexibility, and functionality. The US lacks the appropriate policy frameworks that can help in tackling cyber insecurity. One of the major challenges in this relates to the inability to develop multilateral initiatives that can help countries develop and apply the appropriate legal frameworks. The government must also increase the workforce involved in cybersecurity operations. It is also critical to improve the cybersecurity workforce skills and knowledge in dealing with emerging cyber threats.
The vulnerabilities of the US government to cyberattacks are likely to persist in the near future. This is due to a number of inherent challenges relating to enhancing of cybersecurity. One of the challenges relates to design in that developers tend to overlook security features while concentrating more on features (Fischer, 2016). This is because of economic reasons. Another challenge in enhancing cybersecurity is the lack of incentives. While cybercrime is relatively safe, cheap, and profitable, cybersecurity on the other hand is an expensive undertaking with low returns. This discourages private firms and individuals from venturing into cybersecurity. There is also the lack of consensus among different stakeholders concerning how to implement cybersecurity. This is because of the different degree of risks that each organization faces. Another challenge contributing to the continued vulnerability is the ever-changing technological environment. Technology is rapidly evolving, with new applications and computing methods emerging every day.
Cyber threats in the US may have significant impacts in a number of areas. This may subsequently affect various parts of the IC. One of the key areas under threat is the information and communication systems. Cyberattacks may affect the communication infrastructure. The intelligence community heavily relies on the communication infrastructure to relay important information to the relevant authorities (Fischer, 2016). Military aviation systems are also at increased risk. The intelligence community relies heavily on the military and other law enforcement agencies for responding to potential threats. The other part that is most affected is data storage. With the ever-looming potential for a cyberattack, the intelligence community, just like other organizations lacks a full proof method of keeping sensitive data from unauthorized persons. Another part that could be most affected is the electrical power distribution system. An attack on this system could spell disaster since it could be difficult to keep communication lines open.
The impact of a potential attack on society
Another role that social media would play in an incident of espionage and counterintelligence is spreading of misinformation and rumors. Social media is a critical tool for availing real time information to a large segment of the populace. Cyber criminals can use social media to boast about their espionage victories either to law enforcement agencies or to the public. This may damage the reputation of the organizations involved. Hacktivist groups can use social media platforms to call members to action. For instance, Anonymous group is known to marshal members to conduct simple tasks such as directing traffic to particular sites. Hackers can impersonate people in a bid to steal sensitive information during espionage activities. Social media provides intelligence services with excellent opportunities to identify and establish relationships with potential spies who may be working in the country. The intelligence services can learn more about them by going through their social media accounts. For instance, it is possible to learn about their political views, their employers, people they interact with, and many other details.
Social media is already playing an increasingly pivotal role in espionage and counterintelligence activities. Intelligence services can be able to identify potential targets and develop social media accounts that appeal to their potential targets. For instance, intelligence services or spies have been able to develop fake social media accounts that depict owners as sharing similar interests as those of the potential target. With time, the intelligence service or spy can develop friendship with the potential target and get to know more about them. The intelligence service or spy can then send phishing messages to their potential victims. Once the real social media account clicks on the message with a phishing ling, the spy or intelligence service can be able to infect their devices with malware that transmit vital information without the victim’s knowledge. Social media is thus a vital tool in future incidents of espionage and counterintelligence activities.
In case of an attack, the society may be either supportive or non-supportive. This depends on the nature of attack as well as who or what organization the attack is directed. The public would be non-supportive in case a cyberattack targets the critical infrastructure. For instance, disruption of electrical power supply may significantly affect every individual thus developing a negative attitude towards such an attack. The public could be unsupportive of an attack instigated by a foreign country, and one that affects the critical infrastructure. The public may be supportive of cyberattacks that target particular institutions that have established a negative image or bad rapport with the public. For instance, the public may be supportive of cyberattacks targeting institutions that dump harmful waste in a reckless manner. The public may also support cyberattacks targeting institutions working against the people’s interests. For instance, the public has past been supportive of cyberattacks for quite some time.
The public may be divided along age segments concerning being supportive or non-supportive of an attack. A recent study by Pew Research Center (2014) indicates that 57% of young Americans between ages 18 and 29 believe that Wikileaks serves in the best interests of the public. Between ages 30 to 49, only 48% of the respondents agree that it has served the interest of the public. Between ages 50 to 64, the figure is 39% while above age 65 only 35% indicated that Wikileaks serves the interests of the public (“Pew Research Center,” 2014). Indeed, these findings are not surprising. The findings reflect the differences in perceptions among various age groups regarding cyberattacks. Public opinion could also be divided along various other factors, and depending on the personal interests of the people.
Political affiliations also play a significant role in influencing the public’s opinion on cyberattacks. In the last general election, claims emerged linking Russia to interference with the general elections. According to Kreps and Das (2017), there are divisions of public opinion concerning whether Russia is an enemy or a friend. The divisions reflect party identification among citizens. As such, there are sharp divisions over whether the government should take retaliatory action against Russia. Some people have questioned whether Russia actually conducted the cyberattacks, while others feel that Russia was fully responsible. This depends on party affiliations during the last general elections. One faction of the political divide, mainly the Democrats, has called for sanctions against Russia. On the other hand, the Republicans maintain Russia had nothing to do with the elections. Nonetheless, both parties agree that the US may take retaliatory action in case of cyberattacks that result to casualties.
There growing fears that Anonymous group may lead to serious consequences befalling the country. Anonymous hacking activities could lead to an increase in number and scale of cyberattacks and cybercrime in the country. This is because the group’s success acts as motivation for other groups to engage in cyber-activism and cyber-terrorism. Another consequence of the group’s activities relates to leaking of sensitive government information to spies and enemy states. Some of the sensitive information may increase tension among states or even lead to war. Anonymous group may cause the public, government, organizations, and individuals to lose trust in the internet, especially when they lose sensitive information. With increasing threats from Anonymous and other groups, there is a possibility that the government may opt to increase restrictions and fragmentation of the internet. The group’s activities could also lead to a cyber-warfare with devastating consequences.
The positive impacts of groups such as Anonymous are that they promote uncensored distribution of information to the public. Anonymous is part of groups fighting to end information asymmetries that arise due to government censorship of the right to information (McCathy, 2015). Anonymous can help promote freedom of information by enabling the free flow of information and deliberations. Anonymous group promotes the concept of human rights to societies by availing information that may otherwise be kept away from the public for personal interests. On the other hand, there are negative impacts for the group’s actions. One possible impact is breaching of intellectual property rights. For instance, Anonymous activists believe that intellectual property should be public good (McCarthy, 2015). Another negative impact is the denial of service. Anonymous group sometimes work by disrupting government or private websites, which denies member of the public their right to access services. Another negative impact is loss of sensitive customer information. Anonymous group may target financial institutions with an aim of revealing customer data to the public, putting them at risk of data theft and financial losses.
Overall, the society will suffer such actions by Anonymous group. By revealing government secrets, the group will likely damage the relation between the US and other governments. This will lead to tension between the US and other states; hence reduced trade and economic cooperation. This will hurt the society more. Although the public has the right to information, there is need to enhance confidentiality and privacy. Another reason why the society may not benefit is that groups such as Anonymous operate outside the confines of the law. As such, what they do is illegitimate. Moreover, they are not responsible for their actions even if they lead to losses upon innocent victims. For instance, many people may experience losses especially when denial of service attacks occurs.
Summary and Conclusion
Anonymous is a hacktivist group that mainly uses DDOS attacks to cause denial of service to internet users. The group lacks clear goals and neither does it have a clearly defined organizational structure. The major aim of the group is to ensure that the public retains unrestricted access to information. In other words, the group aims at curtailing government censorship, although its goals may change depending on circumstances. The analysis indicates that the United States is highly vulnerable to a cyberattack that may cripple its critical infrastructure systems. The increased use of social media has given hackers a tool that they can use to their advantage in collecting information through various means. In order to avoid future compromises, this study recommends that the government upgrades its legacy infrastructure and replace it with newer architectures that offer resilience to cyberattacks.
Dasgupta, D., & Ferebee, D. (2013). Consequences of diminishing trust in cyberspace. International Conference on Information Warfare and Security, , 58.
Fischer, E. A. (2016). Cybersecurity issues and challenges: in brief. Congressional Research Service. Retrieved from https://fas.org/sgp/crs/misc/R43831.pdf
Kreps, S., & Das, D. (2017, Jan. 19). Americans are united on retaliating against Russian cyberattacks. The Washington Post.
McCarthy, M. T. (2015). Toward a free information movement. Sociological Forum, 30(2): 439- 455.
Pew Research Center. (2014). Most young Americans say Snowden has served the public interest. Retrieved from http://www.pewresearch.org/fact-tank/2014/01/22/most-young- americans-say-snowden-has-served-the-public-interest/
Phan, L. T., Rivera, E. T., Volker, M. A., & Garrett, M. T. (2004). Measuring group dynamics: an exploratory trial. Canadian Journal of counselling, 38(4): 234-243.
Sauter, M. (2013). LOIC will tear us apart: The impact of tool design and media portrayals in the success of activist DDOS attacks. American Behavioral Scientist, 57(7), 983-1007. doi:10.1177/0002764213479370
Shackelford, S. J. (2013). Toward cyberpeace: managing cyberattacks through polycentric governance. American University Law Review, 62(5), 1273-1364