In a video sent to American news portal News2share yesterday, the hacker group ‘Anonymous’ demonstrated the results of attacks made against HK government computers. They also threatened to hack Chinese Government websites if the Government did not stop their actions against protesters. Ford Fischer, the Executive Producer of News2share.com who has been in contact with the Anonymous members and told HT that Anonymous next intends to hack about 150 specific Chinese governmental websites.
Two weeks ago, Anonymous released a video comparing the tear gas used by Hong Kong riot police on Umbrella Movement protesters to American police tactics used in Ferguson, Missouri earlier this year. Threats were made in the video to organise attacks on government websites as the group expressed displeasure at how the Police had been dealing with protesters. The video has now received nearly 300,000 views.
Until this moment, Anonymous has attacked quite a number of websites. Examples are: http://www.news.gov.hk/, http://www.autismpartnership.com.hk , http://www.abaca.hk/ , http://wpll.com.hk/ , http://www.synctech.hk/ , and http://www.mmcl.com.hk/ . Some were defaced, while others were taken down completely. Most of them have been repaired over time but some still remain down. In the video sent yesterday, members of Anonymous flaunted the email addresses and other sensitive information of Hong Kong and China officials. Anonymous said it had already leaked 50,000 usernames and emails.
Ford Fischer said the Anonymous group doesn’t seem to have a very specific set of demands, although their purpose for the attacks are stated as retribution for the way the police have handled the protestors. The group’s basic intention is to show solidarity with the protestors on the world stage. They have been using Facebook to communicate in a core chat, which has allowed Fischer to observe, ask questions, and use the info at his discretion.
In the video, Anonymous has stated their next target will be Central Government websites. Fischer adds that the group has exhausted the number of Hong Kong Governmental websites vulnerable enough for them to deface and are reframing their mission in order to get a fresh set of targets in China, “They have a list of the URLs and IP addresses of about 150 specific Chinese governmental websites they intend to hack. While they aren’t perfect, when they release lists like this to try to mobilize others to participate, they tend to be quite successful.” Fischer is confident in the action by Anonymous, “I’d be shocked if any less than 100 of those websites hasn’t been impacted in the next week.”
Concerning the attack on Hong Kong Government websites, the Commercial Crime Bureau arrested five suspect hackers, aging from 13 to 39, on October 6th. When asked whether the arrests have affected the group, Fischer points out that some of the hackers arrested in Hong Kong did not even identify themselves as Anonymous members, but he quotes something that was said in the Facebook chat, “It doesn’t matter what they call themselves. We’re all Anons.”
Gareth Hayes, Director of IT at Corporate Intelligence and Risk Mitigation Asia (CIRMA), raised his concerns over the attacks by Anonymous. In an article contributed to HT, Hayes mentions the attacks by the group have thus far done little to help the movement and pose minimal risk to the Hong Kong government. The websites targeted have been ‘low hanging fruit’ from a security perspective. However, Hayes adds there is potential, and the groundwork has been laid, for the attacks to paralyze Hong Kong government and business IT infrastructure.”
“The individual people involved have not understood the goals of the protesters and while many mainland government websites have been targeted, they appear to simply be attacking practically any website associated with China or Hong Kong that has weak security, even a small hair salon in one case.
Over the last few days, their attacks have become more directed and focused specifically against mainland government websites, however the majority of websites that have faced a data breach or been taken offline are old sites with poor security, many of which have not been updated since 2006 and do not seem to be in active use.
A total of around 50,000 user credentials have been leaked however only around 5,000 of these are government related, the rest are private individuals, and none are from Hong Kong related websites.
It appears that Anonymous does not have sufficient numbers engaged in this operation to cause serious damage, nor do they have sufficient communication with anyone within the protest movement to aid in the selection of appropriate targets.
As yet, there is not a strong “leadership crew” for this operation, however the government should take notice because this is how previously paralyzing operations against Visa and Mastercard as well as the FBI also started – very poorly.
A typical Anonymous operation begins with unorganized and poorly thought out attacks, however each successful exploit motivates greater numbers and a strong leadership crew emerges from amongst them. This ultimately ends in financial loss and/or public humiliation of the targets. If this level of attack is mobilized against Hong Kong, the government must expect that most of their IT infrastructure will become paralyzed for days, and none of their past emails will remain private. Businesses and media outlets that have made pro-Beijing statements should expect a similar outcome.
The groundwork for an expansion into a paralyzing attack has been laid with the hacked credentials and defaced websites making news, and it will become clear over the next few days whether or not a critical mass of Anonymous members will be joining the operation or not – much of it will depend on the government’s next move and how that is perceived by members on an individual level.”
Charles Mok (莫乃光), LegCo Member for the IT functional constituency, says to HT that he does not support such hacking attacks as a means to push for a particular cause, despite his support for the occupation movement.
He shares a similar view to Hayes that the group does not have much knowledge about Hong Kong, and may bring forth unwanted destruction, “the situation now is particularly worrying in that the attackers do not seem to be very familiar with Hong Kong, and so far quite some collateral damages has been caused to organizations including NGOs unrelated to the political issues on hand.” Mok points out that, as most government websites or servers tend to be better equipped and protected than other NGOs or SMEs in Hong Kong, the end result may be that more damages are caused on “bystanders” than the government itself. He doubts the effect on the outcome of the movement will be substantial.