Source: networkworld.com (WARNING…lots and lots of computer lingo below…try to follow it…it is informative)
- By Ms. Smith
- Wed, 02/05/14 – 4:32pm
Secret British spy unit JTRIG hit hacktivists with ‘Rolling Thunder’ cyber attacks, but if a non-G-man had launched an attack to stifle free speech, then they could face prison time.
A secret Government Communications Headquarters (GCHQ) spy unit engaged in online attacks against the hacktivist groups Anonymous and LulzSec. Whether or not you support hacktivisim or believe Anonymous was in the right, one of the most worrying aspects to come out of the Snowden-leaked presentation is that if a non-government person were to have carried out such cyber attacks, then they could face jail time under the flawed Computer Fraud and Abuse Act (CFAA).
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder — and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.
JTRIG is not an acronym with which you should be familiar, as the agency “has never been previously disclosed publicly.”
After convicted LulzSec hacker Topiary, aka Jake Davis, heard the news, he tweeted:
Chris Weatherhead, founder of the AnonOps IRC network, “didn’t directly contribute to a DDoS campaign but ran the communication hub where the protests were coordinated.” He “received a whopping 18-month sentence.” After reading about Rolling Thunder, Weatherhead was clearly upset and took to Twitter. He “couldn’t get his head around” being fed BS by the police “while GCHQ happily attacked my servers.” He added, “Server operators weren’t involved in an attack either and were punished/terminated by ISP’s who got DDoS’ed by GCHQ.”
NBC reported that JTRIG “shut down communications among Anonymous hacktivists by launching a ‘denial of service’ (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.”
When a government presentation [pdf], which was never intended to be seen by the public, makes a claim, should we believe it? The Rolling Thunder slide above is titled DDoS, and the IRC conversation referred to it the same way, but it was using the term DDoS (distributed denial of service) instead of DoS (denial of service) in the NBC article that set off Errata Security’s Robert Graham.
After detailing the difference between the two, Graham took to Twitter to state among other things, “A synflood is just a DoS, and just because some idiot kids call it DDoS doesn’t make it so.”
F-Secure’s Sean Sullivan pointed out that “DDoS is the name on the slide,” so it’s not just an “idiot kid,” but Graham insisted that it would only be correct to call it a DDoS if Greenwald could “vouch for the technical expertise of the doc writer.”
Read the rest of this intrigueing report about the Government breaking the law, (yet again) at networkworld.com