Make a Difference in 2011

Three days into the new year and I find myself contemplating 2010. I was optimistic for it, but its lackluster accomplishments left me felling disappointed. Perhaps my expectations were too high.

I thought 2010 would be the year the US Government finally embraced transparency. I expected more “frank” disclosures from our leadership. I thought WikiLeaks would fill us in on the past. Finally, I expected Hacktivism to become a viable (and successful) means of protest.

The US Government is not embracing transparency; it is going out of its way to censor the Internet, news services, and citizens. When it does not get the results it wants, it uses multi-national companies (banks, firms, etc…) to force compliance to its will.

WikiLeaks did fill us in on the past. Instead of being able to focus on the content of the leaks, we had to endure Assange’s legal battles – bedroom mishaps and all. The CableGate leaks are “drips” being released so slowly that only our ancestors will know their full contents – and by then – no one will care.

Hacktivism has become a label incorrectly applied to the online attacks attempted by juvenile delinquents throwing Internet temper tantrums.

At the beginning of 2012, I will look back at 2011 – and I will be disappointed. Prove me wrong. Do something spectacular or wonderful. Make a difference – a real difference in 2011.

Staying Frosty

On November 28th, WikiLeaks and five major newspapers began to simultaneously publish the first 220 of 251,287 leaked confidential – but not top secret – diplomatic cables from 274 US embassies around the world.  Earlier in the year WikiLeaks released 92,000 documents related to the war in Afghanistan. 

WikiLeaks has received praise, as well as criticism for its “leaks”. But the response to the Diplomatic Cable release (dubbed CableGate) began an all out information war (of sorts) between WikiLeaks, internet service providers, financial institutions, several governments (including the US), US political figures, and WikiLeaks supporters and detractors themselves.

I’m not interested in performing a blow-by-blow analysis of the “war”. I’m interested in the first move and the response to it.  The first punch was thrown by @th3j35t3r (“the Jester”) when he initiated a DOS attack against the WikiLeaks web servers hosted by Amazon. Researchers thought the Jester’s actions might finally lead to his identification, something they have sought all year. However, just as it looked as if the Jester was going to play a major part in the war against WikiLeaks, his doppelganger arrived.  And that changed everything.

The doppelganger created a Twitter account and a webpage seeking monetary support.  The Jester’s response was to “go dark”.  There was much speculation about the doppelganger’s identity.  Was it the Jester himself or someone trying to cash in on the Jester’s newfound celebrity status? Here’s what the Jester had to say about it:

Who is the Jester? So far he’s shown skill in covering his tracks and protecting his identity.  Is he a lone Hacktivist, a member of a Patriot Hacker program or other government agency?  We don’t know.  But we’re still trying to find out.

I don’t believe he is a member of a Patriot Hacker program or other US operation – for two reasons:

1. They’re control freaks.  An asset that hits the UK arm of a major US-based bank – simply for the purpose of showing off for an interview – would bring too much scrutiny to their operation. 
2. The Jester’s “Hit List” is small – he targets the same sites over and over again.  These are well known sites.  The US Government’s list is much larger, contains many non-public targets, and churns/evolves over time.

The Jester is (more than likely) a lone NGO Hacktivist, satisfying a personal need to hit these websites. I struggle to use the term “Hacktivist” because he hasn’t really hacked anything.  A slow DOS attack is a nuisance at best. It certainly doesn’t quality as “hacking”. I’m using the term to avoid unnecessary debate.

Who is the doppelganger?  Is he the Jester, some prankster, or someone trying to trip him up (a LEO)? His skills in subterfuge don’t hold a candle to the Jester or to a high tech LEO.  His technical skills don’t hold up either.  He’s most likely just a prankster trying to cash in on the Jester’s momentary brush with fame. Maybe he’s a WikiLeaks supporter, or Anon. Or, perhaps he IS the Jester and he’s pulled off the biggest hat trick ever.  We may never know and we really shouldn’t care – it detracts from the real target: the Jester himself.

Where do we go from here?   Involvement in the hunt for the Jester has brought unwanted attention to those of us closest to the case.  And it’s attention of the worst kind – un-vetted.   Until you can discern the difference between your allies and enemies, I suggest you keep your hunt for the Jester private.  Only share info with people you know and trust. Eventually the Jester will slip up – everyone always does.

As for me, my research in 2011 will take me to the No Clown Zone.  And I have to say, I’m happy to leave the constant distraction behind. 

I wish each and every one of you a happy and safe holiday. May next year bring new adventures for us all.

Any enemy of our enemy is our friend, right? Wrong.

If you’ve been following me (on Twitter) for a while, you undoubtedly know that I have a keen interest in social media and its use in supporting hacktivism activities.  In January I added @th3j35t3r to my watch list.  The Jester systematically launches (what look like DDOS) attacks against sites that support radical Jihadism, taking them down for 30-60 minutes at a time. He quickly garnered the support of many, especially those loyal to the US. 

As @th3j35t3r began to attract media attention, interviews were inevitable.  During one interview, he was asked to demonstrate his capabilities live.  He picked a target and pressed a button.  The Interviewer checked the target’s website and it was down. The Jester clicked his keyboard again and the target’s website was restored. The attack lasted just 10 seconds, attracting little attention by the target – the UK arm of a very major US bank. 

The Jester’s bio reads “Hacktivist for good. Obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, oppressive regimes and other general bad guys.”  Most of his   followers are pro-Israel, pro-US, and anti-radical Islam.  It’s easy to support someone who is “sticking it” to the enemy, especially when major world governments appear (to the masses) unable to slow the growth of radical Jihadists, much less shut them down completely.

So why did @th3j35t3r target the bank during his interview – it clearly isn’t “the enemy”, at least not by the standards he’s set in his online bio.  And it clearly doesn’t “fit” with his usual targets. Easy – he picked it purely for dramatic effect – a publicity stunt to garner more attention, not to his cause, but to himself.

The Jester fits the criminal profile of a Lone Actor.  Lone Actors are dangerous for many reasons, but mostly because they are accountable to no one – making them unpredictable at times. They often take a narrow view of things.  The “big picture” is lost to the power of the ego. True to form, @th3j35t3r recently launched a surprise attack against the WikiLeaks’ website (hosted by Amazon).  This attack garnered him the exposure he wanted.  His followers grew by the minute, as did his detractors. And the media came – just like he wanted.

Next time, we’ll talk about why the US Government isn’t pursuing the hacker it has known about all year, and why that’s a problem for us all.