I was interested to read an article by Rain Ottis on Cyber
Militia Models –Offensive http://uscyberlabs.com/blog/2012/02/15/cyber-militia-models-offensive/
where he described three organisational models for cyber militia groups, in the
article he goes into details about the models with their strengths and
weakness. The models he describes are
·
The forum· The cell
· The hierarchy
What struck me is that these models also apply to hacker
groups and the strengths and weakness will apply to hackers groups as well as
cyber militia.
Most hactivist groups will be based around the forum or the
cell organisations models and probably most operate a hybrid model of where a
first tier of skilled hackers operated within a cell structure with the cells
using a forum structure to coordinate activities between themselves and with a
second tier of followers
Recent events with LulzSec and Anonymous seemed to indicate
that LulzSec was a smaller group organised along the lines of a single cell, in
the case of LuzSec it appears the FBI turned the key member of the group
allowing the rest of the cell to be identified and arrested. With Anonymous and
the arrest of 25 members last week http://news.cnet.com/8301-1009_3-57387203-83/interpol-sweep-nets-25-anonymous-suspects/?tag=mncol;txt,
it appears to be a larger grouping with a hybrid structure where small number
of skilled hacker cells working within a forum structure to organise and
coordinate activates with other cells and less skilled followers. From online
posts it appears a forum was infiltrated and the 25 users of that forum where
arrested. This organisation model is backed up by the report http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf
on the Anonymous attack on the Vatican, which outlines how a small group of
skilled hackers recruited a larger group of foot soldiers for the attack.
So far it appears the arrests of 25 members have not
seriously affected Anonymous with other cells still active and the group responding
to the arrests. With the arrest of 5 LulzSec hackers yesterday it remaisn to be
seen if the current incarnation of the group will die, what will happen to is supporters
will be a matter of conjunction, some may migrate to other hacker collectives
and carry on with online activities or possible some will create another cell
in name of LulzSec.
I have used some terms from military and terrorist
terminology in describing the hacker collectives, this does not indicate that
hacker groups such as LulzSec and Anonymous are aligned with military or
terrorist groups. I will be futher refining my thoughts on this subject areas as part of know thy enemy when looking at information security.
No comments:
Post a Comment