Establishing Digital Trust: Don't Sacrifice Security for Convenience
A grand jury in Virginia recently indicted 13 men for their alleged involvement in Operation Payback, a series of DDoS attacks launched by Anonymous in 2010 and 2011 against targets including the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), the United States Copyright Office of the Library of Congress, Visa, MasterCard, and Bank of America, among others (h/t Sophos).
The indictment [PDF] claims that the 13 used the Low Orbit Ion Cannon (LOIC) to launch the attacks, and coordinated the attacks by collectively deciding on targets, publicizing the victims' IP addresses, announcing dates and times of attacks, and recruiting more attackers online.
"On or about September 16, 2010, a member of the conspiracy posted a flier on a Web bulletin board advertising a cyber attack against the Motion Picture Association of America (MPAA) Web site hosted in California," the indictment states. "The flier announced: 'We target the bastard group that has thus far led this charge against our Web sites, like The Pirate Bay. We target MPAA.ORG! The IP is designated at [IP address], and our firing time remains THE SAME.'"
The indictment then details the steps involved in the MPAA attack, along with similar attacks on the RIAA, the British Phonographic Institute (BPI), and several other targets.