Britain's GCHQ Attacked Anonymous Supporters With DDoS

← Back to Stories (view on slashdot.org)

Britain's GCHQ Attacked Anonymous Supporters With DDoS

Posted by Unknown on Wednesday February 5, 2014 @01:50AM from the something-about-watching-watchers dept.

An anonymous reader writes "NBC News reports that, during a 2012 NSA conference called SIGDEV, GCHQ's Joint Threat Research Intelligence Group bragged about using Distributed Denial of Service (DDoS) attacks against members of Anonymous during an operation called Rolling Thunder in 2011 (there is evidence that says it was a SYN flood, so technically it was a simple DoS attack). Regular citizens would face 10 years in prison and enormous fines for committing a DoS / DDoS attack. The same applies if they encouraged or assisted in one. But if you work in the government, it seems like you're an exception to the rule."

27 of 133 comments (clear)

Min score:

Reason:

Sort:

In defense of GCHQ... by korbulon · 2014-02-05 01:53 · Score: 4, Funny

...No, I got nothing.
1. Re:In defense of GCHQ... by Anonymous Coward · 2014-02-05 02:27 · Score: 5, Insightful
  
  But they're trying to stop T E R R O R I S T S ! ! !
  Protesters are not terrorists. Sadly our governments don't make that distinction.
2. Re:In defense of GCHQ... by Anonymous Coward · 2014-02-05 02:52 · Score: 5, Insightful
  
  But they're trying to stop T E R R O R I S T S ! ! !
  Protesters are not terrorists. Sadly our governments don't make that distinction.
  No, that's not sad, it's quite terrifying.
  What's sad is that the secret agencies been treating activists like terrorists to maintain the corporate status quo since their inception over a century ago. That's what "national security" is.
3. Re:In defense of GCHQ... by emagery · 2014-02-05 05:06 · Score: 4, Interesting
  
  While I understand I am replying to a point of sarcasm, nethertheless we really should invest some time in using words correctly. Terrorists user terror to achieve a goal. Period. Activists use activism to achieve a goal. Vigilanteism may or may not use terror, but it is using directed force (of one form or another) to achieve a goal (in this case, hacking deleterious services in the name of 'justice' as understood by those engaging in it.) Whether justified or not or misdirected or not, it's not terrorism unless the force being applied is terror, and that does not accurately describe anonymous. Tangentially, I wish we'd do the same with words like LIBERAL (to behave permissively) vs. AUTHORITARIAN (to behave restrictively) or CONSERVATIVE (to resist change) vs. PROGRESSIVE (to seek change.) In all cases, the context is what's most important. Are you permissive toward personal in-home nondangerous lifestyles? Well, then you're socially liberal and probably democratic (party) leaning. Are you permissive towards gigantocorporations buying legislation and dumping toxins into water supplies on the cheap? Then you're corporately (neo) liberal. Hell, you have to be both liberal (towards individuals) and authoritarian (toward those arguing to take personal liberties away) to achieve and end... so I guess using D(D)oS against D(D)oSers almost makes sense. MEH! I just wish people would be simple and clear about the labels we through around and understand them in contexts.
4. Re:In defense of GCHQ... by emagery · 2014-02-05 05:08 · Score: 2
  
  Typos notwithstanding
In other news... by Anonymous Coward · 2014-02-05 01:58 · Score: 5, Insightful

In other news, the UK military can drive tanks, fire missiles & carry weapons - but regular citizens cannot.
It's all about oversight, not an attitude of "why can't we legally do this too?".
1. Re:In other news... by stealth_finger · 2014-02-05 03:26 · Score: 2
  
  Actually, private citizens are permitted to own tanks in the USA. Lots of paperwork, security checks, and some sort of license is required. All "guns" must be inoperable.
  You can have tanks in the UK too.
  
  Ross Noble has a tank – or more accurately an Abbott 433 self-propelled gun – which he brought from a website called Tanks A Lot. 'What's amazing is that you don't have to pay the Congestion Charge,' he told Richard Herring on his Leicester Square Theatre podcast released this week. 'There are no rules about it,' he added. 'The guns are deactivated now, but if they worked, from where I live now, I could hit Gatwick. That's not a threat. That REALLY isn't a threat. But I tell you what, the badger cull in our village is going well. I got the fucking lot...'
  http://www.chortle.co.uk/news/2013/11/15/19063/ross_noble%3A_tank_commander
  I think he talks about it here but I'm at work so I can't really check. http://www.topgear.com/uk/vide...
  
  --
  Wanna buy a shirt?
  https://www.redbubble.com/people/stealthfinger/shop?asc=u
2. Re:In other news... by AmiMoJo · 2014-02-05 04:35 · Score: 3, Insightful
  
  The military can only use those weapons against other militarys and with direct authorization from the government. GCHQ feels it can use cyberattacks against citizens who had no, at the time, been convicted of or even charged with any sort of crime, with no oversight or authorization.
  At most the Anonymous DDOS attacks were a criminal matter for the police, not national security or warfare.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
The question is: have this been reported? by Megol · 2014-02-05 02:00 · Score: 3, Insightful

To the police that is? That government agents (no not only the 007 kind) tend to overstep their authorities and commit crimes from time to time isn't that uncommon or even strange (even a government consists of people after all) but the solution to that is to report the event to police and let the legal system handle it. And hope the guilty are punished, sadly that isn't certain...
The Schutzstaffel by pigsycyberbully · 2014-02-05 02:03 · Score: 4, Insightful

http://pigs-at-gchq.com/ Do laws matter? When all agree to abide by a law it is called a social contract in English. “An agreement among the members of a society to cooperate for mutual social benefits, by safeguarding individual freedom for state protection.” The Oxford dictionary puts it this way: “Agreement among the members of a society or between a society and its rulers about the rights and duties of each.” The U.K. and the U.S. authorities have broken this agreement so badly in so many different ways that the future is not looking very good. Until they agree to keep within this social contract I will simply tell them at every opportunity to fuck off. Hope you do the same.
1. Re:The Schutzstaffel by cold+fjord · 2014-02-05 02:22 · Score: 2
  
  Anonymous had already broken the social contract. You seem to be silent on that. Do you also complain about the police breaking the social contract for using force?
  
  --
  much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
2. Re:The Schutzstaffel by gstoddart · 2014-02-05 02:35 · Score: 5, Insightful
  
  Anonymous had already broken the social contract.
  I believe you'll find Anonymous is breaking the social contract because governments have already done so.
  You've completely missed the part where the GP said:
  
  "Agreement among the members of a society or between a society and its rulers about the rights and duties of each." The U.K. and the U.S. authorities have broken this agreement so badly in so many different ways that the future is not looking very good.
  I find it difficult to disagree with the notion that the governments have already broken the social contract, and Anonymous is a reaction to that.
  I don't necessarily agree with everything Anonymous does -- but I sure as hell understand the reason for them existing. When your rulers are unjust, you have little recourse except to break the social contract as well.
  That those same unjust governments decide that gives them free reign to continue to be unjust is just more of the same.
  
  --
  Lost at C:>. Found at C.
3. Re:The Schutzstaffel by cold+fjord · 2014-02-05 03:41 · Score: 3, Insightful
  
  I believe you'll find Anonymous is breaking the social contract because governments have already done so.
  Perhaps you could explain then how attacking random people and corporations is a useful reaction? Anonymous aren't out to "enforce" the social contract but for "lulz" or to satisfy their pique. They are cyber vandals, little more. Anonymous is no more justified in most of what they do than most any other vigilante group.
  
  I don't necessarily agree with everything Anonymous does -- but I sure as hell understand the reason for them existing. When your rulers are unjust, you have little recourse except to break the social contract as well.
  Then you basically negate the social contract entirely since there will always be someone or some group that can claim that they have been treated unfairly, and we now move to the realm of vigilantes. I don't see them fighting for noble causes in the case of genuine oppression so much as petty grievances and fringe causes. They vandalize over the irk of the hour despite their noble claims.
  You will notice that they are heavily active in Western democracies which have many rights guarantees, social safety nets, and little or no meaningful political oppression. Perhaps you can tell us, what country would they not vandalize? Where can we find an order so universally just and beyond reproach from every viewpoint, including the insane, juvenile, or foreign, that it cannot be assailed?
  They neither support nor enforce the social contract, they undermine it.
  
  --
  much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
4. Re:The Schutzstaffel by Pav · 2014-02-05 07:47 · Score: 3, Insightful
  
  ...and we all know the vastly less powerful are equally morally culpable. That's why bombing illiterate goat herding religious nuts is also universally accepted as the epitome of Great Justice. Just replace "angry citizen" in this analogy... how could anyone fail to see?
Re:Devil's Advocate... by Lawrence_Bird · 2014-02-05 02:11 · Score: 2, Insightful

The police are not permitted to intentionally harrass or harm persons and property unless directly threatened.
Re:Devil's Advocate... by sl4shd0rk · 2014-02-05 02:22 · Score: 2, Insightful

The police are not permitted
False. What we are finding is that a badge and gun are all the permit needed.

--
Join the Slashcott! Feb 10 thru Feb 17!
Windows can be also, easily... apk by Anonymous Coward · 2014-02-05 02:23 · Score: 3, Informative

DDoS/DoS CAN be stopped (Microsoft & Amazon are setup PERFECTLY vs. it in fact, read on below on that note)!
---
Microsoft Windows NT-based OS settings vs. DoS:
Protect Against SYN Attacks
FROM -> http://msdn.microsoft.com/en-u...
A SYN attack exploits a vulnerability in the TCP/IP connection establishment mechanism. To mount a SYN flood attack, an attacker uses a program to send a flood of TCP SYN requests to fill the pending connection queue on the server. This prevents other users from establishing network connections.
To protect the network against SYN attacks, follow these generalized steps, explained later in this document:
Enable SYN attack protection
Set SYN protection thresholds
Set additional protections
Enable SYN Attack Protection
---
The named value to enable SYN attack protection is located beneath the registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters.
Value name: SynAttackProtect
Recommended value: 2
Valid values: 0, 1, 2
Description: Causes TCP to adjust retransmission of SYN-ACKS. When you configure this value the connection responses timeout more quickly in the event of a SYN attack. A SYN attack is triggered when the values of TcpMaxHalfOpen or TcpMaxHalfOpenRetried are exceeded.
---
Set SYN Protection Thresholds
The following values determine the thresholds for which SYN protection is triggered. All of the keys and values in this section are under the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters
These keys and values are:
Value name: TcpMaxPortsExhausted
Recommended value: 5
Valid values: 0?65535
Description: Specifies the threshold of TCP connection requests that must be exceeded before SYN flood protection is triggered.
Value name: TcpMaxHalfOpen
Recommended value data: 500
Valid values: 100?65535
Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state. When SynAttackProtect is exceeded, SYN flood protection is triggered.
Value name: TcpMaxHalfOpenRetried
Recommended value data: 400
Valid values: 80?65535
Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state for which at least one retransmission has been sent. When SynAttackProtect is exceeded, SYN flood protection is triggered.
---
Set Additional Protections
All the keys and values in this section are located under the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters. These keys and values are:
Value name: TcpMaxConnectResponseRetransmissions
Recommended value data: 2
Valid values: 0?255
Description: Controls how many times a SYN-ACK is retransmitted before canceling the attempt when responding to a SYN request.
Value name: TcpMaxDataRetransmissions
Recommended value data: 2
Valid values: 0?65535
Description: Specifies the number of times that TCP retransmits an individual data segment (not connection request segments) before aborting the connection.
Value name: EnablePMTUDiscovery
Recommended value data: 0
Valid values: 0, 1
Description: Setting this value to 1 (the default) forces TCP to discover the maximum transmission unit or largest packet size over the path to a remote host. An attacker can force packet fragmentation, which overworks the stack.
Specifying 0 forces the MTU of 576 bytes for connections from hosts not on the local subnet.
Value name: KeepAliveTime
Recommended value data: 300000
Valid values: 80?4294967295
Description: Specifies how often T
Re:Perspective by AHuxley · 2014-02-05 02:25 · Score: 4, Insightful

There is not 'exception to the rule' under UK law. You have to have some 'ok' from the gov to do this. The GCHQ staff understood that when they first collected all calls (domestic too) via their Intelsat efforts in the 1960's.
The Intelligence Services Act of 1994 offers a lot of new legal protections, then the Intelligence and Security Committee, SIGMod (sigint modernisation) followed in mid 2000 with more legal backing. Open court use of material is still under GCHQ veto, most is "passed" to other groups, MI5, ~ Special Branch.
The use of a "packet flood" back up would have been a new step beyond passive logging and longer term infiltrating efforts.

--
Domestic spying is now "Benign Information Gathering"
Re:GCHQ, Mossad, NSA racing to win biggest asshole by gstoddart · 2014-02-05 02:27 · Score: 2

Who will win in the end? Stay tuned!
Fascism and the police state.
We all lose.

--
Lost at C:>. Found at C.
lowercase by gmuslera · 2014-02-05 02:46 · Score: 2

Wasn't just the Anonymous group the attacked ones, but other people that wanted to stay anonymous too, like political dissidents and others. Is not the War on Anonymous, but the war on anonymous, privacy and anonymity is becoming outlawed (except for them, of course)
Re:Devil's Advocate... by Thanshin · 2014-02-05 02:56 · Score: 2

The police are not permitted to intentionally harrass or harm persons and property unless directly threatened.
That depends if you define "permitted" there as "sanctioned" or as "allowed".
Re:Devil's Advocate... by xelah · 2014-02-05 03:06 · Score: 2

Indeed it can be argued - but there still needs to be a law saying they can. A law subject to democratic (well, ish) and judicial oversight, a law that everyone can see and argue over.
Re:GCHQ: "Hey guys.. DDoS attacks are illegal!" by 16Chapel · 2014-02-05 03:25 · Score: 3, Funny

That's what she said, WOOOOOOOO
Robert Peel called.. by Walterk · 2014-02-05 03:48 · Score: 2
and he mentioned something about ethics of policing*.
1. To prevent crime and disorder, as an alternative to their repression by military force and severity of legal punishment.
2. To recognise always that the power of the police to fulfil their functions and duties is dependent on public approval of their existence, actions and behaviour and on their ability to secure and maintain public respect.
3. To recognise always that to secure and maintain the respect and approval of the public means also the securing of the willing co-operation of the public in the task of securing observance of laws.
4. To recognise always that the extent to which the co-operation of the public can be secured diminishes proportionately the necessity of the use of physical force and compulsion for achieving police objectives.
5. To seek and preserve public favour, not by pandering to public opinion; but by constantly demonstrating absolutely impartial service to law, in complete independence of policy, and without regard to the justice or injustice of the substance of individual laws, by ready offering of individual service and friendship to all members of the public without regard to their wealth or social standing, by ready exercise of courtesy and friendly good humour; and by ready offering of individual sacrifice in protecting and preserving life.
6. To use physical force only when the exercise of persuasion, advice and warning is found to be insufficient to obtain public co-operation to an extent necessary to secure observance of law or to restore order, and to use only the minimum degree of physical force which is necessary on any particular occasion for achieving a police objective.
7. To maintain at all times a relationship with the public that gives reality to the historic tradition that the police are the public and that the public are the police, the police being only members of the public who are paid to give full time attention to duties which are incumbent on every citizen in the interests of community welfare and existence.
8. To recognise always the need for strict adherence to police-executive functions, and to refrain from even seeming to usurp the powers of the judiciary of avenging individuals or the State, and of authoritatively judging guilt and punishing the guilty.
9. To recognise always that the test of police efficiency is the absence of crime and disorder, and not the visible evidence of police action in dealing with them.
*: I did try and warn him about the future but he said he had to rush off to do some shopping..
--

"If anyone needs me, I'm in the angry dome."
Re:GCHQ: "Hey guys.. DDoS attacks are illegal!" by dreamchaser · 2014-02-05 04:03 · Score: 3, Insightful

It's illegal in most places for private citizens to lob military grade ordinance around, but not for Governments.
Re:Devil's Advocate... by rwise2112 · 2014-02-05 04:06 · Score: 2

The police are not permitted
False. What we are finding is that a badge and gun are all the permit needed.
Badges? We don't need no stinking badges!

--

"For every expert, there is an equal and opposite expert"
Re:GCHQ: "Hey guys.. DDoS attacks are illegal!" by Patch86 · 2014-02-05 08:03 · Score: 5, Insightful

If government agents lobbed military-grade ordinance at innocent civilians in the UK, we'd call that unlawful killing and lock the bastards up. And by the same token, if GCHQ had DoS'd targets belonging to legitimate wartime enemies, we wouldn't be criticizing them.
As a rough rule of thumb, the government isn't allowed to do things to citizens above and beyond what any civilian could do without a court mandate or a valid piece of legislation. Unless GCHQ have such a thing, they did wrong.