Counterpoint: Wrong about Anonymous, Facebook

My friend Bill Brenner recently posted a very short piece entitled "Why Anonymous won't kill Facebook Nov. 5." First off, I want to say that I have the utmost respect for Bill. He is a fantastic journalist, very well informed and hooked into the security community, but, if Bill doesn't mind, I'd like to take a friendly counterpoint to his article.

I've highlighted Bill's points in bold below and my counterpoint to each one directly follows.

Point: Facebook users willingly give up privacy, this isn't a typical Anonymous type of cause to rally behind.

Counterpoint: This really doesn't matter to Anonymous. Anonymous, while partially driven by the "hacktivism" motive, isn't a single person with a single set of ideals. Anonymous, by its very nature, is a group of splinter cells all of which have different driving motivators and incentives leading to their collective (or individual) decision making. A concept or idea gets proposed and the cause is either adopted or abandoned, but not necessarily in whole. In this case I have no doubt that the cause will be taken up by the majority of the groups, not only because of the loose connection to hacktivism, but more because of personal fame and keeping their name in the news. Taking down Facebook either by DDoS or by targeted hacking will result in a huge amount of notoriety and ego boost for Anonymous. In the end, I personally believe that this is the a significant driving factor behind the majority of their actions. The hacktivism may be the conscious driver, but there is a good chance that fame is a strong subconscious motive.

"Not enough firepower to seriously damage Facebook's server capacity."

Counterpoint: Firepower is really only an issue if the primary goal is a DDoS attack. As we saw with the Sony attacks, a targeted group of attackers making a very focused, diligent, effort at compromising a target can be even more dangerous then a little bit of downtime for a system. While I think you might be right that an attempted DDoS will be the end result, if Anonymous decides to truly unleash the fury of the collective, then firepower in the packet quantity sense becomes irrelevant. A small group of guerrilla attackers can win this battle.

"Anonymous adores attention as much as the rest of us Taking down Facebook would mean less attention for Anonymous, too."

Counterpoint: While this is also most definitely true, can you fathom the amount of attention that Anonymous would receive if it were to take down and/or completely penetrate the Facebook system? First of all their brand recognition (yes I went there) would skyrocket, and secondarily, the amount of data they could compromise on the general public would be unprecedented. Leveraging the data gleaned from previous attacks is a typical attacker M.O., could you imagine the number of systems that could be compromised if Facebook data were to fall into the wrong hands? The first half of 2011 would look like child's play.

Conclusion: Overall, I believe that Anonymous is quite a bit more unpredictable that one might first imagine. When a group of this type hits a critical mass of size, there is little anyone can do to control the chaos. Sub groups will form. Leadership roles will swirl and change on a whim. Targets, methods, and causes will cease to be important due to the fact that everyone in the group has their own concept of reality and specific agenda. Chaos in this fashion is very difficult to predict. However, if past events are any reasonable prediction of future performance, I'd put my money on Anonymous.

Tyler Shields - Senior Researcher - Veracode and Print