In an indictment unsealed Tuesday afternoon in United States District Court in San Jose, Calif., 14 people were charged in connection with an attack on the Web site of the payment service PayPal last December, after the company suspended accounts set up for donating funds to WikiLeaks. The suspects, in 10 separate states, are accused of conspiring to “intentionally damage protected computers.”
Anonymous had publicly called on its supporters to attack the sites of companies it said were turning against WikiLeaks, using tools that bombard sites with traffic and knock them offline.
A Florida man was also arrested and accused of breaching the Web site of Tampa InfraGard, an organization affiliated with the F.B.I., and then boasting of his actions on Twitter. And in New Jersey, a former contractor with ATT was arrested on charges that he lifted files from that company’s computer systems; the information was later distributed by LulzSec, a hacker collective that stemmed from Anonymous.
The PayPal attack came in response to the release by WikiLeaks last November of thousands of classified State Department cables. Members of Anonymous, a clique of worldwide hackers with a vague and ever-changing menu of grievances, have claimed responsibility for a number of attacks on government and corporate Web sites over the last eight months.
In recent weeks, police in Britain and the Netherlands have arrested several people suspected of having participated in those attacks. Justice Department officials said British and Dutch police also made related arrests on Tuesday. FoxNews.com reported Tuesday that the police in London had arrested a 16-year-old boy who they believed was a core member of LulzSec and used the alias Tflow.
The arrests of suspected Anonymous supporters in the United States were among the first known in this country.
Ross W. Nadel, a former federal prosecutor who founded the computer hacking and intellectual property unit at the Federal District Court in San Jose, said the arrests could be “a highly visible form of deterrence.”
The prosecution is expected to face at least two major challenges, said Jennifer Granick, a San Francisco-based lawyer who specializes in computer crimes and has defended hackers in the past. Because hackers often use aliases and other people’s computers when they carry out attacks, prosecutors will have to prove that those arrested “were the ones with their fingers on the keyboard,” she said.
Second, the conspiracy charge could be especially difficult to prove, given that Anonymous boasts of being leaderless and free-floating. “When you have a decentralized group,” Ms. Granick said, “the question is, Are there big fish, and are any of these people big fish?”
The charge of “intentional damage to a protected computer” is punishable by a maximum of 10 years in prison and a $250,000 fine, while conspiracy carries a maximum penalty of five years in prison and a $250,000 fine.
Cyberattacks are made possible by a combination of two features of the Internet economy. Poor security at many companies and agencies makes sensitive government and private data vulnerable to breaches. And mounting an attack is inexpensive and, with the right skills, relatively simple.
In the San Jose case, all 14 suspects are accused of using a free program called Low Orbit Ion Cannon to hurl large packets of data at PayPal’s site with the intention of overwhelming it.
With the exception of one suspect, whose name was redacted by the court for reasons that federal officials did not explain, those arrested were identified by their real names and nicknames, ranging from Anthrophobic to Toxic to MMMM. Most were in their 20s, and just three were above the age of 30. It is unclear if any of them knew one another.
Article source: http://feeds.nytimes.com/click.phdo?i=ef7a8d709849ca4067ec978652db46e1
Speak Your Mind
You must be logged in to post a comment.