Anonymous Slams Swedish Sites in Massive Web Attack
CREDIT: Public domain
Followers of the hacktivist movement Anonymous unleashed their fury on the government of Sweden today, knocking several government websites offline in retaliation for a police raid on file-sharing sites earlier this week.
Among the sites unreachable Friday were those belonging to the Swedish central bank, the government tourist board, the judicial system and the intelligence service.
The site of the Swedish national legislature was also offline for a short time, reported the English-language Swedish news site The Local.
"We're now trying to limit the effects of these attacks," a spokesman for the central bank, the Riksbank, told Bloomberg Businessweek. "We can probably not completely protect ourselves."
The Facebook page for the Anonymous "operation" listed 18 Swedish government sites as legitimate targets.
The sites were hit simultaneously by large distributed denial-of-service (DDoS) attacks that were scheduled to begin at 2:30 p.m. local time (8:30 a.m. Eastern time), according to the operation's Facebook page. The Local said many of the attacks today began early.
A denial-of-service (DoS) attack works by overwhelming a website's servers with impossible-to-follow requests for data, tying up the traffic and rendering the site unreachable by the outside world. The "distributed" variant of a DoS attack uses dozens, or even thousands, of computers spread over the world to hit a targeted server simultaneously.
DoS attacks are inconvenient and annoying, but usually not damaging, except for the loss of business that a retail site might suffer.
Today's attacks were the largest in a series of attacks that began Monday following a police raid on the Stockholm offices of Web-hosting company PRQ.
At the same time as the raid, the well-known file-sharing site The Pirate Bay also went offline temporarily. The Pirate Bay is no longer hosted by PRQ, and the site's administrators blamed a technical problem.
Despite that, some Anonymous followers chose to call the attacks on Swedish sites "#OpPirateBay," even as others clarified that The Pirate Bay was not raided.
An Anonymous-themed video posted to YouTube Wednesday asked followers to convene in an Internet Relay Chat room to plan the attack. But other Anonymous-linked outlets distanced themselves from the operation.
"Get this out PLEASE! : #OpPRQ #OpSweden and #OpPirateBay are NOT an #Anonymous OP! It is EU and #Sweden blaming it all on us," wrote the @RealTeamASH Twitter feed this morning.
"THIS IS AN ANNOUNCEMENT FROM ANONYMOUS: The DDOS-attack is no longer sanctioned by the original operators," read a post repeated several times in the operation-related chat room. "Please stop this madness. The attack has been hijacked by a bunch of kids. Stop the operation and go back to your posts. You are risking other peoples life in other ongoing operations."
"I'm sorry to say this, but I think the best thing right now is to shut down this operation," Facebook user "Mist Fist" posted on the operation's Facebook page. "Most because we got to many kids trying to be 'cool' in front of the computer. Hijacked the Ddos attacks with no experience about this. And that will just give them a fast ticket to jail."
The denial-of-service software most commonly used by Anonymous followers is a free server-testing tool called the Low Orbit Ion Cannon (LOIC). The LOIC was not designed as a hacking tool and does nothing to conceal the Internet Protocol (IP) addresses of computers attacking a website during a DDoS attack.
Authorities can quickly trace those IP addresses back to individual computers, as dozens of young Anonymous followers have discovered upon their arrests.
The operation's Facebook page included links to a DDoS tool and a tool that promised to conceal users' IP addresses, but it wasn't clear how well either tool worked.
All comers welcome
The hosting service raided Monday, PRQ, was founded by some of the same people behind The Pirate Bay. It offers to host any website, no questions asked.
Among its clients have been websites promoting pedophiles, Islamic militants and neo-Nazis. It is also one of many companies hosting WikiLeaks "mirror" sites.
"We are firm believers in freedom of speech, commerce, and the right to privacy and anonymity," states the PRQ website. "Unlike most providers, we will not disable your service under any circumstances unless it's either not paid for, used for spamming, DoSing or other activities harming the network, is used for publishing very obviously illegal material like child porn, or if we're ordered to by a Swedish court."