Wednesday, 7 March 2012

Thoughts on the organisation of hacker collectives


I was interested to read an article by Rain Ottis on Cyber Militia Models –Offensive http://uscyberlabs.com/blog/2012/02/15/cyber-militia-models-offensive/ where he described three organisational models for cyber militia groups, in the article he goes into details about the models with their strengths and weakness. The models he describes are
·         The forum
·         The cell
·         The hierarchy

What struck me is that these models also apply to hacker groups and the strengths and weakness will apply to hackers groups as well as cyber militia.
Most hactivist groups will be based around the forum or the cell organisations models and probably most operate a hybrid model of where a first tier of skilled hackers operated within a cell structure with the cells using a forum structure to coordinate activities between themselves and with a second tier of followers

Recent events with LulzSec and Anonymous seemed to indicate that LulzSec was a smaller group organised along the lines of a single cell, in the case of LuzSec it appears the FBI turned the key member of the group allowing the rest of the cell to be identified and arrested. With Anonymous and the arrest of 25 members last week http://news.cnet.com/8301-1009_3-57387203-83/interpol-sweep-nets-25-anonymous-suspects/?tag=mncol;txt, it appears to be a larger grouping with a hybrid structure where small number of skilled hacker cells working within a forum structure to organise and coordinate activates with other cells and less skilled followers. From online posts it appears a forum was infiltrated and the 25 users of that forum where arrested. This organisation model is backed up by the report http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf on the Anonymous attack on the Vatican, which outlines how a small group of skilled hackers recruited a larger group of foot soldiers for the attack.
So far it appears the arrests of 25 members have not seriously affected Anonymous with other cells still active and the group responding to the arrests. With the arrest of 5 LulzSec hackers yesterday it remaisn to be seen if the current incarnation of the group will die, what will happen to is supporters will be a matter of conjunction, some may migrate to other hacker collectives and carry on with online activities or possible some will create another cell in name of LulzSec.

I have used some terms from military and terrorist terminology in describing the hacker collectives, this does not indicate that hacker groups such as LulzSec and Anonymous are aligned with military or terrorist groups. I will be futher refining my thoughts on this subject areas as part of know thy enemy when looking at information security.

No comments:

Post a Comment