Anonymous took down CIA.gov Friday, then didn't, then did, then did it again today

Even Anonymous news outlets seemed uncertain who actually downed CIA.gov

Hacktivist collective Anonymous collected a lot of kudos Friday for taking down CIA.gov, presumably by DDOS attack.

Now it turns out Anonymous may not have been responsible.

The same YourAnonNews Twitter account that trumpeted the blackout as "CIA TANGO DOWN:cia.gov #Anonymous" at 3:25, changed its tune by later than night.

"We'd remind media that if we report a hack or ddos attack, it doesn't necessarily mean we did it...FYI."

Actually, when Anonymous news feeds report an outage as "tango down," it usually means either Anonymi or friends-of-Anonymous were behind the attack.

"Tango down" is a way to cheer an achievement, not report a problem with which the Anon have no connection.

The same phrase could be used to cheer some group of strangers with the chutzpah and resources to take down CIA.gov.

When it's someone else's work, Anonymous sources that announce the accomplishment typically give credit to the attackers, or at least make clear Anon are cheering from the sidelines rather than running the Low-Orbit Ion Cannon (LION) themselves.

("Tango" is milspeak for the letter T, which stands for "target," which is special-forces-video-game slang for anything you'd like to shoot. "Tango down" means you hit it.)

Anonymous takes credit, gives it back, then takes it again.

That doesn’t mean even plugged-in Anonymous sources such as YourAnonNews don't make mistakes. It's easy to assume any high-profile site outage is the result of an attack and that any attack comes from Anonymous, which is so diffuse and widespread a movement that it's easy for hackers to say they're part of or in sympathy with Anonymous even if they've never worn the mask or participated in Anon discussions or operations.

CIA.gov was down much of Friday night but was back online Saturday.

OK, yeah, we did it; some of us, anyway

Yesterday, the claim of responsibility was back on, as was a temporary new name for #F**kFBIFriday, an Anon celebration like Halloween, except it can happen every Friday, no one gets treats and the only ones tricked are the FBI and law-enforcement agencies.

The new , temporary holiday was #F**kCIAFriday, in homage to an attack that took down the leading U.S. intelligence agency for almost a full day.

"The CIA seems to be less prepared for fighting Anonymous than other agencies. If the work of dhs.gov was revived in mere minutes, the CIA's site was still down even hours after the attack. –AnonOps Communications, Sat. Feb. 11, 2012

Even that sounded oddly impersonal, however. "Anonymous took credit for crashing the websites of the U.S. Department of Homeland and Security and the FBI," AnonOps wrote, sounding like a messenger with no direct knowledge of the operation.

Whoever was behind attack on CIA.gov is at it again

Monday CIA.gov was down again – no response from HTTP port 80 that is the main entry/exit route for web-site traffic, though it responded to port 443, a common port for VPN connections using Secure Sockets Layer encryption.

As it was over the weekend, it wasn't clear who was responsible for the latest CIA.gov outage.

Anon chapters hacking Alabama, attacking the Mexico Chamber of Mines and downing sites for the Greek Parliament and government weren't shy about admitting they took down the Mexican Chamber of Mines, and cracked servers belonging to at least one major Alabama law-enforcement agency, claiming to have taken and then deleted personal records of 46,000 citizens.

The Alabama attack, for which an Anon-affiliated group called @CabinCr3w claimed credit, was a critique of the tough immigration law that went into effect there recently ; whoever did crack Alabama posted records for 500 residents, with Social Security numbers and other sensitive data eliminated.

All the rest of the data was deleted out of concern for its owners, according to the CabinCr3W announcement:

"We targeted your police and government servers, and as a result of this journey through the nether of your servers, we have stumbled across a treasure trove of data belonging to people in the state of Alabama. Unlike you, we are not criminals. We believe in protecting citizens' personal data. Because of your police being lazy when it comes to data security, we have acquired the following information of over 46,000 citizens of the state of Alabama:
  • Full Legal Names
  • Social Security Numbers
  • License Plate Numbers
  • Date of Births
  • Phone Numbers
  • Addresses
  • Criminal Records
…Because of the possible cost of lives and money to regular citizens, we are deleting this data and are seeking to make it known that you not only have shown zero regard for immigrants, but for the very citizens that live in the great state of Alabama." – Anonymous affiliates CabinCr3w, Feb. 10, 2012.

That treatment – an overt acknowledgement of fault, explanation of the reasons behind an attack, warnings or reassurances aimed at those who might become collateral-damage casualties through identity theft or other data-theft issues – is the way Anonymous typically handles high-profile hacks like the one on CIA.gov.

It's not typical for Anon news sources to claim a strike, deny their involvement, then claim it again. The confusion might just be due to the unstructured structure of Anonymous, under which just a few participants in Anon discussions could launch an attack without involving anyone else and still call it an "Anonymous" operation.

Or it could just be that Anonymous has so many operations going on at once – attacks or campaigns of various kinds in Greece, Mexico, Syria, the U.S. Occupy movement, the #AntiSec attacks on law enforcement, campaigns against censorship or anti-piracy laws in Australia, Europe and the U.S., and an ongoing campaign to set up proxy servers to allow unfettered Internet access to people in Chad, Egypt, China and other countries with authoritarian and overly-censorious governments.

It could be, with all that going, details might have just slipped through the cracks, leaving even leaders among the Anon uncertain about whether Anonymous did or did not attack and take down the most prominent covert-intelligence and operations organization in the world.

That's what happens when the club you start up grows from a comfortable little group of anarchists whose only common denominators are opposition to authority and groupthink grows into an a global political player with a presence in the most intense political fights of every country in which it operates.

Eventually, even knowing all the right IRC channels doesn’t guarantee you're going to know what all the unnamed are doing all the time, even if you're an important player in the Anonymous under whose banner those things are being done.

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies