Last week’s announcement that hacktivists Anonymous were clashing with the Ku Klux Klan saw a “return to action” for the group.
In the incident, Anonymous took over Twitter accounts and websites related to the white supremacist group after altercations relating to the situation in Ferguson, Missouri. In conversation with TK Keanini, CTO of Lancope, he said that one thing that you can count on with Anonymous is that, once they come to the microphone, they have already done their stuff.
He said: “When they come up and take the airwaves, they have done their work in terms of infiltration and it is like a company making a booking, and the attackers already having the revenue.
“A lot of the time, people look at Anonymous and say ‘can they do that’, no they have done it already! They are just waiting to pull the lever! They are a forced to be reckoned with and it is just highly political.”
I asked Keanini if he felt that this “return” was an expected move for a group who previously set its sights on the Church of Scientology and Westboro Baptist Church, and the likes of PayPal, credit card providers and Sony. He admitted that Anonymous has stepped up its activity in the last couple of months and, while there is a focal point and a mouthpiece called Anonymous, he described the movement as “a marketplace”.
“What I mean is, if there is a worker in a hotel that wants to contribute, they will do their part” he said. “They may be remote hands, and in 2015 the marketplace and complex supply chain is the new way of doing business.”
He explained that, back in the day, cyber crime was about monetising a stolen data dump with a complicated supply chain to execution of funds with money mules. However, now, it is about a less complicated and broader supply chain as if you have an aide in the service industry who can learn about where they can make extra money, it will be harder to trace.
“If I know that executives are staying in a hotel, I ask if there is anyone who can install malware for them? That guy picks it up and makes an entire Bitcoin for this and the executive installs the malware and takes the laptop back to the business,” he said.
“Because these incidents are so decoupled from the crime, that person doesn’t feel like they will get caught as they have to feel it as if they are not going to get caught. I think the market for Anonymous and cyber crime will expand to a “work from home” but for cyber space.”
He said that the next wave of hacktivists will focus on stealing passwords or installing some malware, and making money. “If I can easily make some money and not fear getting caught, as I am just in their supply chain, and that takes off, there is no way to defend against it,” he said.
This is what makes Anonymous so powerful, Keanini said, as it is not about individuals, it is thousands of people feeling that they are fighting for the right cause. He claimed that as long as the cause is right, in their opinion, they will get any help they need from any level of society as “they are all Anonymous”.
Keanini claimed that Anonymous is already leveraging the dark markets and any type of anonymity when it comes to technology.
He explained that fundamentally, we think about Anonymous on one hand of being a group of experts as we are always marvelled at how they did it, but to move forward on the defence side, he said that they need to expand their ring and go to “different” experts, whilst containing the integrity of the community.
“The way to do it is through the dark markets, as if you are someone who doesn’t have that much skill, then once you have used Bitcoin to pay ransomware, there is no fear anymore,” he said. “People are fighting for a cause; it is something that we have very little defence for.”
He later claimed that this is time to stop calling it cyber crime, as it is “just crime”, and for a nation state there is money to be made as a Government will get a cut while one guy can make $3M from his armchair.
“Think about hotels and the dark market, people who work there, how much money are they making? Say they hear from a friend that they can make an extra $100 a month by doing something bad. They go to website and install malware, it is an economical issue as people are being cut in on the profits,” he said.
Looking forward to next year, Keanini predicted that there will be more “mule-ware”, as rather than having to break into the computer and have the participation of the user, you can cut them in and get them to install malware and make a micropayment to the mule in the middle.
TK Keanini, CTO of Lancope, was talking to Dan Raywood