In retaliation for the indictments of several people and companies connected to the content-sharing website Megaupload, hackers associated with the online activist group Anonymous recently claimed responsibility for attacks on at least six government and entertainment websites.
Included among the hacktivists' victims are the U.S. Department of Justice (DOJ), the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), Universal Music Group, the Utah Chiefs of Police Association and the U.S. Copyright Office. Each of the organizations' websites experienced complete failure or severe slowdowns.
The assault – a series of distributed denial of service (DDoS) attacks – appears to be in response to the indictment of seven individuals and two Hong Kong-based companies associated with Megaupload.
On January 19, the FBI seized the popular file-sharing website's domain, claiming it provided a way for users to distribute content illegally over the Internet. The same day, a Virginia grand jury issued indictments for Megaupload Limited, Vestor Limited and their executives for their alleged participation in copyright infringement, racketeering and money laundering.
Four of the people were arrested, including the site's founder Kim Dotcom, who was detained in New Zealand. The remaining three are still at large.
Shortly after the indictments were announced, Anonymous claimed via Twitter that it had launched an attack on the websites.
"The government takes down Megaupload? 15 minutes later Anonymous takes down government & record label sites," the group stated under the Twitter account @YourAnonNews.
The event comes at a time when copyright infringement is a particularly hot-button issue, especially in the United States. Congress is currently considering two major pieces of legislation aimed at cracking down on the illegal sharing of music, movies and other material – the Stop Online Piracy Act (SOPA) in the House of Representatives and the Protect Intellectual Property Act (PIPA) in the Senate.
According to the Wall Street Journal, federal investigators said the arrests stemmed from a two-year investigation of Megaupload and not the pending legislation.
"Megaupload was taken down w/out SOPA being law. Now imagine what will happen if it passes. The Internet as we know it will end. FIGHT BACK [sic]," Anonymous stated via Twitter.
Several organizations have protested the legislation in other ways. For example, on January 18, Wikipedia blacked out its website for 24 hours. Search engine giant Google, meanwhile, put a black box over its logo for the day.
Anonymous, however, has never been known for its subtlety and has frequently rallied behind popular protests against the U.S. and other world governments. Last year, for example, the hacker group threw its support behind the Occupy Wall Street movement as well as the protests in Egypt that eventually led to the ousting of the country's president, Hosni Mubarak. In its involvement in the latter event, Anonymous claimed responsibility for taking down several Egyptian government websites as well as the website for the country's National Democratic Party.
The group's activity slowed down in the latter half of the year, but it made headlines once again during the Christmas weekend when it stole thousands of email addresses and credit card information from data security firm Stratfor.
Some had predicted that Anonymous' slowed activity was attributable to organizational issues within the group. By design, Anonymous is a leaderless entity, which makes it difficult to predict and therefore more dangerous. On the other hand, this lack of organization could present complications, as members of the group may have conflicting agendas that get in the way of its overall message.
Nevertheless, the hacker group has kicked off the new year with a bang, first aligning with the People's Liberation Front to attack websites of the Nigerian government. This latest attack, dubbed Operation Megaupload, appears to be one of Anonymous' most pointed yet, and will undoubtedly find sympathy from those who disagree with SOPA and PIPA.
However, as any organization that has ever suffered a cyberattack – whether at the hands of Anonymous or otherwise – can attest, such incidents are not to be taken lightly. Data breaches present a serious problem in both the public and private sectors, and though DDoS attacks are difficult to anticipate, there are steps organizations can take to safeguard their networks and the sensitive information contained on them.
As the cyberthreat landscape evolves, so must data security measures. These days, data is a hot commodity and represents an enticing target for cybercriminals. Therefore, it is advised that organizations adopt an approach that protects the data itself, rather than individual computers or other IT systems. Data-centric security practices, such as encryption and cloud-based solutions, ensure that information is as safe possible and remains out of the hands of those that would exploit it for personal gain.
Data Security News from SimplySecurity.com by Trend Micro