Anonymous Attacks FBI, Hollywood Websites to Avenge Megaupload Shutdown
Modernizing Authentication — What It Takes to Transform Secure Access
Almost immediately after federal prosecutors shut down Megaupload.com on charges of violating piracy laws, Twitter and online forums exploded with chatter about revenge and retaliation.
Federal prosecutors shut down file-sharing service Megaupload.com on Jan. 19 for distributing illegal content in one of the largest online piracy crackdowns in Internet history and arrested four individuals.
Hours later, Websites belonging to the FBI, U.S. Department of Justice, U.S. Copyright Office and several entertainment giants, including Universal Music, the Recording Industry Association of America and the Motion Picture Association of America, were knocked offline by distributed denial-of-service (DDoS) attacks and remained unavailable for the remainder of the day and evening.
Hacktivist collective Anonymous immediately launched OpMegaupload and coordinated DDoS against a number of Websites. Supporters were encouraged to download a tool, the Low Orbit Ion Cannon, that would direct a flood of traffic to the targeted site. The combined floods eventually overwhelm the server as it tries to process all the requests.
An account associated with Anonymous, AnonOps, claimed credit for taking down the Department of Justice Website. The post read, "justice.gov & universalmusic.com TANGO DOWN! You should have EXPECT US!"
Universal Music appeared to have been targeted because the music company had recently been trying to force YouTube to take down a promotional video produced by Megaupload featuring several artists signed with Universal who were praising the file-sharing site.
Another Twitter account associated with the collective, AnonymousIRC, at one point claimed more than 1,500 people were in its Internet Relay Chat room discussing the operation and other potential targets, including the White House and Viacom. AnonOps claimed OpMegaUpload was the "largest attack operation ever," with 5,635 people taking part.
"DDoS is to the Internet what the billy club is to gang warfare: simple, cheap, unsophisticated and effective," Rob Rachwald, director of security strategy at Imperva, told eWEEK. Despite its simplicity, DDoS attacks lend themselves well to crowdsourcing, making it possible for a loose band of hacktivists such as Anonymous to have such an impact on so many sites at once.
The attacks impacted overall Internet traffic. Content delivery network provider Akamai registered 218 attacks in the last 24 hours, according to its real-time Web monitoring tool. The data visualization tool reported attack-related traffic was up 24 percent over normal, while general network traffic was up 13 percent.
"The same thing that happened to #Megaupload can happen to any other major (or small) website you love as well.! Fight back! #OpMegaupload," AnonymousIRC posted on Twitter.
The Megaupload shutdown came just a day after various groups and companies participated in a 24-hour Internet strike, where several thousand Websites voluntarily took themselves offline to protest two controversial anti-piracy bills under debate in Congress. Opponents to the bill believe the broad powers granted to copyright holders would make it too easy to shut down legitimate Websites without due process and would encourage online censorship. In fact, if the Stop Online Piracy Act (SOPA) and Protect IP Act (PIPA) had been passed, the FBI would not have needed to get involved in shutting down Megaupload at all.
Twitter account YourAnonNews posted, "Megaupload was taken down w/out SOPA being law. Now imagine what will happen if it passes. The Internet as we know it will end. FIGHT BACK."