AntiSec and Anonymous: Is Law Enforcement Barking up the Wrong Tree?
Image Credit: AnonOps

Following a series of high end hacks against US authorities, analysts have come to question whether law enforcement can ever really deal with the Anonymous collective.

The debate re-emerged on 3 January after Anonymous posted a link to an MP3 recording of a conference call between the FBI and Scotland Yard.

The call chronicled a conversation between the FBI and British authorities discussing the two's ongoing LulzSec and Anonymous investigations.

The fact that the majority of the call was spent with each agency sharing the information it had - not all of which was uniform in what it was saying - demonstrated the problem facing law enforcement agencies hunting for Anonymous members.

How Deep Does the Rabbit Warren Run?

Operating off an open IRC channel, the collective allows any user to join and become a member, or "Anon" as they tend to refer to themselves. Though the information is far from official, Anonymous reportedly picks its targets in a democratic way, with participants in the chat putting forward their chosen target and arguing their case to the other members as to why the proposed target deserves Anonymous' attention.

The advantage of this is that, with the collective having no one leader and operating with fairly autonomous members across the globe, it is nigh impossible for law enforcement to ever fully arrest every Anon or target the collective as a whole.

As noted by Sophos analysts Graham Cluley: "A problem with Anonymous's structure is that it has *no* structure and no real members. That has benefits for it, of course, when it comes to avoiding law enforcement..."

Moreover because of its lack of cohesion, even if every Anon - suspending disbelief - was arrested, it would be entirely plausible that Anonymous would continue to exist: "The Anonymous banner is used by many individuals. Anyone can claim to be acting under their flag. So it's hard to imagine how Anonymous hacking activity could ever be entirely stamped out," said Cluley to the International Business Times UK.

Citing its inability to target the collective as a whole, Cluley went on to suggest that all law enforcement could do was continue arresting Anons as and when they appeared. "If the authorities are successful at bringing enough to justice, and if the sentences are meaningful, then it may give others food for thought as to whether malicious hacking is a sensible road for them to travel."

Chasing the Wrong Bunny

Building on Cluley's comments, many analysts have suggested that the only way to do any real damage to Anonymous is to take a more targeted approach. As stated by F-Secure analyst Sean Sullivan, many of Anonymous's members are thought to be fairly harmless, with little to no knowledge about how to hack or mount attacks past basic distributed denial of services (DDoS) assaults.

As demonstrated by TehWongz - a 15-year-old member of a copy-cat group of hackers that claimed to have links with Anonymous and LulzSec - many of the alleged Anons arrested have little to no knowledge of any other Anonymous members. TehWongz was arrested by UK police earlier in 2011 and has since become a subject of public ridicule after a leaked FBI and Scotland Yard conference call revealed how little he knew about the overarching significance of his actions.

Cases like TehWongz have since been used by analysts as proof of the fact that many Anons have no real information on the collective or any of its other members and are simply young teenagers, many who don't understand the lengthy jail sentences Anonymous's activities can carry - making their arrest inconsequential to the collective as a whole.

"Regarding being 'pranksters', I think that the AntiSec faction realizes the limits the larger Anon group creates," commented Sullivan. Building on this, Sullivan went on to suggest that the public nature of Anonymous's activities distract from the older more knowledgeable and, by extension, more dangerous participants in the same campaigns.

Specifically, Sullivan cited an exchange between Sabu and Weev as proof of his theory. "He [Weev] was dressing down Sabu several weeks ago on Twitter and Sabu appeared to [be] very apologetic towards Weev (from my point of view).

"I guess Weev has greater street cred because he's seen the inside of US Federal prison. Weev seemed to be telling Sabu that Anon/LulzSec was doing a disservice to the AntiSec moment, and that many in the press even had the idea that AntiSec was a group of hackers rather than a movement."

Finally concluding: "I've seen Sabu make a few 'getting back to basics' tweets since then. So, there are clearly some among Anonymous that represent a threat from the FBI's point of view. But they would be mistaken to focus on the larger group."

Despite being a prominent member, living up to the collective's namesake, little is known about Sabu. In the past, despite there being several groups claiming to have discovered his identity, there is next to no official data on Sabu. Weev, aka Andrew Auernheimer, is a member of Goatse security - a nine-person group of hackers that infamously harvested AT&T iPad email addresses while exposing a security flaw in the device.

The FBI had not responded to the International Business Times UK's requests for comment on the two analysts' theories.