Last weekend there were some suspiciously timed Distributed Denial of Service attack against the Home Office website (offline for about 12 hours until Sunday morning) and to a lesser extent the Ministry of Justice and the Prime Minister's Number 10 Downing Street (about an hour's disruption each, on and off) .
None of these websites are vital to the running of the country, especially not on a Saturday evening on a Bank Holiday weekend, when nobody is visiting them, but they are symbolic targets.
The organisers of this supposed "hactivism" were some self appointed faction under the hydra headed #Anonymous twitter hive mind.
See the Twitter hashtag #OpTrialAtHome
The "justification" they claimed was to somehow "support" the controversial Extradition cases of Gary McKinnon, Richard O'Dwyer and Chris Tappin, something which they have not achieved..
Nevertheless these people declared the event a success and then, on the Sunday, they threatened to do the same to the GCHQ website , starting at 8pm GMT on Saturday 14th April 2012.
This "news" has been reported by IT trade publications and picke dup by the national newspapers and broadcast media, especially following the arrests of a couple of teenagers in the West midlands, who may be the vaguely associated with the #teampoison attacks on the Metropolitan Police Anti-terrorism hotline.
(misreported by the "hackers" and far too many other online "news" sources as somehow being MI6 the Secret intelligence Service, who have nothing to do with any public hotlines whatsoever)
As with MI5 and the MI6/SIS websites, only http://www.gchq.gov.uk is valid, not http://gchq.gov.uk on its own
A few hours before the announced attack time, the default GCHQ web page started to be re-directed down a level to:
http://www.gchq.gov.uk/Pages/homepage.aspx
At about 19:40 BST i.e. 18:40 GMT British Telecom , on whose servers this public website appears to be running, put a temporary 302 redirect to e.g.
http://213.121.151.40/TPpRO/c3aba573/43de84c1/www.gchq.gov.uk/
instead of the previous IP address of http://195.171.165.115 which was advertised ahead of time on a Twitter Twitpic graphic:
Note the ambiguous slogan: "Fight Online Privacy" - are the anonymous organisers / manipulators behind this DDoS attack actually on the same side as GCHQ - both of them appear to be fighting against your right to online privacy.
Note also the inevitable confusion - many of the "script kiddies" and gullible journalists will not have read the announcement properly and will assume that 8 PM British Summer Time is somehow the same as 8pm Greenwich Mean Time. (9pm BST)
Much more seriously, the published comment on this web page is actively encouraging the "hactivists" to download a scritpt kiddy "point and click" Denial of Service attack tool called "High Orbit Ion Cannon" - hence the "pew pew pew - fire your Laz0rs" instructions to the exploited cult followers.
There are no warnings whatsover about the fact that participating in this DDoS attack or even just downloading the HOIC tool is a criminal offence in the UK, with up to ten years and two year in prison respectively.
See the control freak Labour government's amendments to the Computer Misuse Act 1990 which came into force in October 2008 and which claims worldwide legal jurisdiction:
- 3.Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etc. - up to 10 years in prison for paricipating in the DDoS attack
- 3A.Making, supplying or obtaining articles for use in offence under section 1 or 3- up to 2 years in prison for downloading the HOIC tool
The timing of these DDoS attacks appears to have been deliberately (or utterly incompetently) chosen to minimise any political impact on the Government or civil servants i.e. on a Saturday evening when nobody in the Government department concerned is likely to have anyone ringing up to complain that their website is unavailable, and well past the print run deadlines for the Sunday newspapers.
If people want to protest by accessing a Government website, then they should be able to, but they must also be made aware of the risks of legal prosecution and potential punishments.
The fact that the organisers of these attacks have not done so, smells of Entrapment by Agents Provocateurs, perhaps like the notorious #Sabu, who are under the control of an intelligence or law enforcement agency and who are actually helping to jusify the repressive Communications Capabalities Development Programme being promoted by the securocrats in Whitehall to the bumbling Coalition politicians.
.
20:05 BST - the GCHQ website seems to be running smoothly
21:25 BST, no sign of any disruption to the http://www.gchq.gov.uk website so far
22:05 BST GCHQ website still online and untroubled
Some CSS loading problems with the Home Office website, but it is still up
22:35 BST - it looks as if Iain Lobban, the Director of GCHQ, will keep his job tomorrow, after the "reasonable and proportionate" precautions to protect the non-business critical (especially on a Saturday night)
https://twitter.com/#!/Stone_SkyNews/status/191260824826941440/photo/1
GCHQ public website has suffered no noticable disruption at all.
#OpTrialAtHome DDoS is over for now, with no noticable effect on its target http://www.gchq.gov.uk
There are public YouTube extracts of the extraordinary "live internet radio" broadcast of some of the DDoS attackers bemoaning the fact that GCHQ seemed to have switched IP addresses on them or had multiple servers load balancing their website
http://www.spreaker.com/user/anonfamily/14_04_2012_optrialathome
http://www.youtube.com/watch?v=xnVeaSP2zFs
What were they thinking ? Even before GCHQ's alleged cyber defence expertise and IP address tracing legal powers, they have decades of experience in classifying and analysing distinctive regional accents and choices of vocabulary. They can also use tools like picking up the mains electricity grid induced "hum" in televeison or radio programmes or music played in the background and get a good idea of which region the audio recording / live stream was mmade.
The frustrated criminals then tried to get their cult followers to switch their "Laz0rs" to aim at one of last week's planned targets
http://www.homeoffice.gov.uk
They managed to cause an initial slow down, which led to Cascading Style Sheet loading problems (which probably remained in their browser caches) leading to the Home Office website looking rather "text only" for a short while, but remaining online.
With no prior publicity or managment of mainstream media expectations about this target switch, late on a Saturday night, these people were fooling themselves if they expected any positive political impact whatsoever.
As with last week, these cyber bullies also picked on the totally irrelevant, low traffic volume political constituency website of Theresa May, the Home Secretary. They did succeed in getting it to disply HTTP 500 error codes, perhaps because the limited disk quota on a shared web server was filled up by the web server logfiles.
http://tmay.co.uk
As a political target this was completely ineffectual - nobody visits politician's personal constituency websites on a Saturday night.
Given the quasi-judicial role which the Home Secretary has in Extradition cases, how does annoying her, even slightly, help Gary McKinnon or Richard O'Dwyer or any soon to be arrested #OpTrialAtHome DDoS participants ?
What can we expect now ?
At a guess, various other factions under the #Anonymous umbrella will seek to disassociate themselve (unsuccessfully) from these "lame" script kiddies.
If and when any of them get arrested, they will claim that these are not "real" Anons and they will do nothing to really support them i.e. with money, legal advice or sympathetic media articles, direct legal lobbying of politicians etc.
Will any of the #OpTrialAtHome cheerleaders turn out to be #Sabu style Agent Provocateurs, being blackmailed by the police or intelligence agencies to gather intelligence on their associates and / or to provide a propaganda excuse for the securocrats to help convince our gullible politicians that they need bigger "cyber defence" budgets and even more repressive "catch all" snooping laws ?
The #Anonymous cultists acting as puppet masters on #OpTrialAtHome appear to renewing their misguided efforts to get their cult followers to DDoS attack http://www.homeoffice.gov.uk
Even if they succeed, the mainstream media and therfore political impact of doing this on a Sunday will be zero.
Is the fact that this webiste is (unpatriocically) hosted on an IP address allocated to the USA based savvis.net, significant ? (the other targetes such as GCHQ or the Ministry of Justice or Theresa May's non-governmental constituency MP website are UK based) ?
Given the way in which the USA claims legal juridiction over any internet packets passing through their terrirory, and their truely evil propensity for using illegal (in the UK) Entrapment and Agent Provocateurs, will any of the exploited #Anonymous HOIC monkeys end up facing Extradition to the USA themselves ?
PA: Man held over May cyber-attack
http://www.heraldseries.co.uk/uk_national_news/10029603.Man_held_over_May_cyber_attack/
4:46pm Tuesday 6th November 2012
The use of the Serious Crime Act 2007 against stupid amateur wannabe #Anonymous hackers is the most worrying aspect of this case