LAW: EFF on cyber attack against hacktivists: CFAA for you; impunity for feds

Source:  (WARNING…lots and lots of computer lingo below…try to follow it…it is informative)

Secret British spy unit JTRIG hit hacktivists with ‘Rolling Thunder’ cyber attacks, but if a non-G-man had launched an attack to stifle free speech, then they could face prison time.

A secret Government Communications Headquarters (GCHQ) spy unit engaged in online attacks against the hacktivist groups Anonymous and LulzSec. Whether or not you support hacktivisim or believe Anonymous was in the right, one of the most worrying aspects to come out of the Snowden-leaked presentation is that if a non-government person were to have carried out such cyber attacks, then they could face jail time under the flawed Computer Fraud and Abuse Act (CFAA).

According to an NBC investigation:  

The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder — and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms.

JTRIG is not an acronym with which you should be familiar, as the agency “has never been previously disclosed publicly.”

After convicted LulzSec hacker Topiary, aka Jake Davis, heard the news, he tweeted:

Topiary reacts to news of JTRIG Rolling Thunder cyber attacks

Chris Weatherhead, founder of the AnonOps IRC network, “didn’t directly contribute to a DDoS campaign but ran the communication hub where the protests were coordinated.” He “received a whopping 18-month sentence.” After reading about Rolling Thunder, Weatherhead was clearly upset and took to Twitter. He “couldn’t get his head around” being fed BS by the police “while GCHQ happily attacked my servers.” He added, “Server operators weren’t involved in an attack either and were punished/terminated by ISP’s who got DDoS’ed by GCHQ.”

NBC reported that JTRIG “shut down communications among Anonymous hacktivists by launching a ‘denial of service’ (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.”

Joint Threat Research Intelligence Group (JTRIG) Rolling Thunder attack

When a government presentation [pdf], which was never intended to be seen by the public, makes a claim, should we believe it? The Rolling Thunder slide above is titled DDoS, and the IRC conversation referred to it the same way, but it was using the term DDoS (distributed denial of service) instead of DoS (denial of service) in the NBC article that set off Errata Security’s Robert Graham.

After detailing the difference between the two, Graham took to Twitter to state among other things, “A synflood is just a DoS, and just because some idiot kids call it DDoS doesn’t make it so.”

F-Secure’s Sean Sullivan pointed out that “DDoS is the name on the slide,” so it’s not just an “idiot kid,” but Graham insisted that it would only be correct to call it a DDoS if Greenwald could “vouch for the technical expertise of the doc writer.”

Read the rest of this intrigueing report about the Government breaking the law, (yet again) at

Updated: February 7, 2014 — 3:43 pm

The Author

Rich Fleetwood

Rich is the founder of SurvivalRing, now in it's 24th year, author of multimedia CDs and DVDs, loves the outdoors, his family, his geeky skill-set, and lives in rural southern Wyoming, just below the continental divide (long story, that...). Always ready to help others, he shares what he learns on multiple blogs, many social sites, and more. With a background in preparedness and survival skills, training with county, state, and national organizations, and skills in all areas of media and on air experience in live radio and television, Rich is always thinking about the "big picture", when it comes to helping individuals and families prepare for life's little surprises.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.