Who Is Anonymous?

How did Anonymous Start?

The concept of Anonymous has been around for quite some time, although it didn't always have that name or the ability to gather and act so freely. The idea that a single person can be hidden among a crowd that all claim a common identity goes back quite a ways. The movies Spartacus and more appropriately in this case V for Vendetta, both have climactic scenes that involve that theme.

But the modern origins of Anonymous likely stem from the 4chan message boards. In 2004, an admin activated a mode called 'Forced_Anon', which automatically signed every post as 'Anonymous'. This sparked the idea that pranks and Internet raids could be pulled off en masse if everyone involved shared a single fake identity. Over the next couple of years, raids were carried out on various services, mostly without a social justice angle or the need for very much technical skill. The most famous of such early incidents was the 'Pool's Closed' Habbo Hotel raid where hundreds of identical avatars performed in-world denial of service, such as blocking off popular pathways.

But by 2006, the tone of some of these activities shifted. In December, they targeted convicted felon Hal Turner's website. Their activities racked up thousands in service fees for the right-wing political mouthpiece and effectively took the website offline. This sparked several 'Who is Anonymous' newscasts at the time and started the spread of their hacktivist reputation throughout the world.

How Are the Anonymous Hackers Organized?

“Anonymous is not an organization. It is not a club, a party, or even a movement. Anonymous has no leaders, no gurus, no panelists. In fact, it does not even have a fixed ideology. All we are is people who carry out actions against mutual oppressive targets, much like hornets against intrusive dicks.” - Anonymous @YourAnonCentral

They aren't, as such. Anonymous is a loose collective without any kind of official structure or leadership. In this way, they can collaborate and participate in the activities that interest them, and ignore the activities that they don't have any stake in. This kind of flowing, idea-based command structure is what protects participants from being singled out. The hope is that there's nobody to sue, nobody to arrest, and no single individual to blame for any given action.

Communication takes place over multiple forums, ranging from open to highly secured. With origins in 4chan and IRC, open message boards and protocols have always been used at some level. But when real talent needs to be tapped and sensitive information discussed, encrypted private messaging apps such as Signal can be used to maintain privacy and anonymity. Some amount of security through obscurity is also undertaken, with the mixed-use of legacy communication mediums like shortwave, and modern dark web protocols such as Onion sites being polar examples.

This is possible because the talent pool that Anonymous draws from is vast. Several decades separate the oldest and youngest hacktivists to take up the Anonymous banner, with ideas, technology, and training that span generations. This provides flexibility and some measure of unpredictability, as well as vastly increasing any suspect pool for law enforcement investigations.

Who Are the Anonymous Hackers?

“We are students, workers, clerks, unemployed; We are young or old, we wear smart clothes or rugs. We are hedonists, ascetics, joy riders, or activists. We come from all races, countries, and ethnicities. We are many. We are your neighbors, your co-workers, your hairdressers, your bus drivers, and your network administrators.” - Anonymous @YourAnonCentral

Noone and anyone. The nature of Anonymous means that anyone could claim to be a former member… former because one of the guidelines to being an active member is to never self-identify. Another tenet is to avoid talking about the group and the group's activities, meaning that anyone reporting on Anonymous is likely not an active member. This is fine because a third guideline is to avoid attacking the media and allow the free press to function as intended.

Although openly talking about Anonymous or reporting on their activities are two almost certain disqualifiers, that still leaves a huge number of people who could be members. Any successful hack needs the right talent and intent behind it. Sometimes technical skills come to the forefront. Other times, social engineering is more important. And often, a combination of these things is vital to success, in addition to access, financing, research, and good old fashion distraction. With Anonymous, the public never knows if it was a group effort or a solo hack. They only know what they've been told, which isn't much.

Even those who have been arrested for Anonymous-related activities may or may not have been in contact with other like-minded individuals who secretly carry that banner. Some testified that they were part of a grassroots movement, while others said that core membership is far more exclusive than that. Others refused to speak at all.

It's fair to say that nobody's experience with Anonymous is necessarily the same. It's also fair to say that the movement has several different voices, which may have led to several different splinter groups all using the Anonymous name. The Anonymous hackers in 2020 might have nothing to do with the ones from the last decade, and there are likely regional factions as well.

All of this plays into the central theme of course. Nobody can really be certain who the Anonymous hackers are because to give away that knowledge is to give away the power of anonymity.

The Story of Anonymous Told in Deeds

“Anonymous may be an idea but the world will not change with pretty words alone. Your actions matter Anonymous or not, verbs over nouns. What is the right thing to do? The only person who can tell you what is right for you is yourself.” - Anonymous @YourAnonCentral

Perhaps the best way to describe Anonymous isn't by people, structure, or membership. Instead, their actions should be the thing that matters in the long run. With this in mind, the story of Anonymous is a flowing timeline that starts in the mid-2000s. Only the biggest and most credible events will be covered, as a number of smaller red herring and copycat attacks and actions have been questionably attributed to Anonymous in the past.

Project Chanology

Project Chanology was a mass protest against the Church of Scientology. Anonymous launched this effort in a response to the cult's January 2008 copyright violation claim against a leaked Tom Cruise interview. It was branded as a reaction to the Internet censorship that the cult was attempting to force upon a valid public interest piece.

The movement was announced via a YouTube video entitled 'Message to Scientology'. A simultaneous press release declared war on the cult. The opening paragraph of the video description explained the primary drivers for these actions:

'Over the years, we have been watching you. Your campaigns of misinformation; suppression of dissent; your litigious nature, all of these things have caught our eye. With the leakage of your latest propaganda video into mainstream circulation, the extent of your malign influence over those who trust you, who call you leader, has been made clear to us. Anonymous has therefore decided that your organization should be destroyed. For the good of your followers, for the good of mankind--for the laughs--we shall expel you from the Internet and systematically dismantle the Church of Scientology in its present form. We acknowledge you as a serious opponent, and we are prepared for a long, long campaign. You will not prevail forever against the angry masses of the body politic. Your methods, hypocrisy, and the artlessness of your organization have sounded its death knell.'

The press statement further explained that this was an issue of freedom of speech and that Anonymous would end the financial exploitation of the cult members under their control.

Anonymous hackers organized distributed denial of service (DDoS) attacks against Scientology websites. They also tied up the cult's other resources by making prank calls and sending black faxes to Scientology centers all over the world.

On February 10, 2008, thousands of people protested outside of Scientology strongholds all around the world. Some protesters wore Guy Fawkes masks, as featured in the movie V for Vendetta. Participants were encouraged to hide their faces and disguise their identities, as the cult was known to exact its revenge upon individuals who spoke out against them.

Two more protests took place on March 15, 2008, and April 12, 2008, in cities all over the world, with similar or slightly greater turnouts as the original. The third protest was named 'Operation Reconnect', specifically raising awareness of the Church of Scientology's disconnection policy.

Iranian Election Protests

The 2009 Presidential election in Iran was filled with controversy. A high voter turnout seemed like it would make the process quite lengthy, but the government announced the official results two hours after polls closed, naming the incumbent Mahmoud Ahmadinejad the winner.

Not only would it have been virtually impossible to count the votes in such a short amount of time, but several other anomalies were in place. 44% of Reformists, who hated Ahmadinejad, supposedly voted for him. Two provinces recorded a voter turnout of over 100%. And rural areas, that intensely disliked Ahmadinejad's policies, were reported to have voted for him en masse.

All three opposition parties protested the results. External monitors said that the election was rife with fraud. The protests that resulted turned violent as government forces attacked protesters. Media and Internet censorship were common.

In response, Anonymous partnered with The Pirate Bay and local Iranian hacker groups to launch Anonymous Iran. This new information channel allowed real, uncensored information to get in and out of Iran, despite government efforts to find them and shut them down.

The Iranian Green Movement adopted certain Anonymous policies and developed some of their own, summing up their strategy in five parts: De-Identification, Network Reformation, Circumvention, Self-Censoring, and Being Inconspicuously Active.

Payback is a Bitch

It came to the attention of some Anonymous members that the Indian company Aiplex Software had been hired by copyright holders to DDoS sites that they claimed were in violation of IP laws. This included the popular file hosting site The Pirate Bay. The money flowing to Aiplex was mainly coming from Bollywood firms, but the act was seen as a massive overstep in the global attitude of central rights holder groups.

In retaliation, Anonymous launched a string of attacks starting in September of 2010. Their press release included the following statement:

'This is to inform you that we, Anonymous, are organizing an Operation called “Payback is a bitch”. Anonymous will be attacking the RIAA (Recording Industry Association of America), the MPAA (Motion Pictures Association of America), and their hired gun AIPLEX for attacks against the popular torrent and file-sharing site, the Piratebay (www.thepiratebay.org). We will prevent users to access said enemy sites and we will keep them down for as long as we can. But why, you ask? Anonymous is tired of corporate interests controlling the internet and silencing the people's rights to spread information, but more importantly, the right to SHARE with one another. The RIAA and the MPAA feign to aid the artists and their cause, yet they do no such thing. In their eyes is not hope, only dollar signs. Anonymous will not stand this any longer. We wish you the best of luck.'

On September 17, a DDoS attack took out Aiplex's website for a day, and they later kept it down voluntarily to avoid further abuse. They then switched targets, using the Low Orbit Ion Cannon (LOIC) stress testing tool to take down the websites of the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), and others.

Then on September 19, the Copyright Alliance was taken down, and in its place was the message: "Payback Is A Bitch". Subsequent targets included copyright law firms, international copyright organizations, and the U.S. Copyright Office. All told, over 530 hours of downtime were recorded across all targeted sites.

This surge of activity had an abrupt shift of targets when Wikileaks started releasing hundreds of thousands of leaked diplomatic communications. Amazon, PayPal, PostFinance Bank, Visa, and Mastercar all cut ties. In retaliation, Anonymous started to attack some of these sites in November and December of 2010. The first wave brought down the websites of PostFinance bank, the PayPal blog; and the political website of U.S. Senator Joe Lieberman. The second wave managed to bring down portions of Mastercard, Visa, and even PayPal itself for one hour.

But the attack's anonymity measures were mishandled by some who were involved. It was traced back to several users, 14 of whom were arrested, and 13 of whom pleaded guilty to being part of the Anonymous attack.

Operation Tunisia and Arab Spring

In a series of linked attacks in 2011, Anonymous supported the efforts of the Arab Spring movement and the Tunisian revolution specifically. Objectively speaking, it was one of their most successful campaigns.

The Jasmine Revolution was a month-long series of demonstrations and online infrastructure attacks in Tunisia. It eventually led to the ousting of their corrupt president, Zine El Abidine Ben Ali in January 2011.

Anonymous contributed heavily to the cyber disruption and information integrity elements of the campaign. In addition to highly effective DDoS attacks that crippled government websites, they became a conduit for both press and personal correspondence that the government failed to block or censor for the entire duration of the revolution.

Throughout 2011, Anonymous continued to support revolutionary activities in Iraq, Egypt, Bahrain, Morocco, Jordan, and Libya.

Leaning on this momentum, they leaked a massive cache of E-mails pertaining to the Iraq war in early 2012. Taken from the law firm of Puckett Faraj, the messages pertained heavily to the 2005 Haditha Massacre, a brutal incident that left two dozen Iraqi civilians dead.

Operation Darknet Relaunch

Though a number of minor attacks were carried out from 2013 through 2016, their results were a mixed bag. Some felt that Anonymous had fragmented in both intention and membership, with the results being many more small attacks and a number of strange false flag operations that were attributed to Anonymous, but were almost certainly not perpetrated by them.

Then on February 3 of 2017, Anonymous (and/or adjacent allies) struck against an unexpected target: The darknet. Freedom Hosting II was a company that provided web space to a number of Onion sites, including a massive amount of child pornography-related material. Sources at the International Business Times said that Anonymous stole '75 GB worth of files and 2.6 GB of databases'.

When compared to the original Operation Darknet operation back in 2011, which was a temporary DDoS and the release of the credentials of 1,500 users of child porn sites, the relaunch was several magnitudes more impactful. Countless databases of plain text usernames and E-mail addresses were obtained in the new hack. The anonymity of hundreds of thousands of sex offenders was compromised.

Who is Anonymous Targeting in 2021?

In January 2021, Anonymous Malaysia launched a campaign against a variety of government websites, using the hashtag 'OpsWakeUp21'. The message was somewhat disjointed, as screenshots from the defaced sites said the following:

'Please check your website and make sure it is patched before your website gets stamped again. We are truly sorry for your stamped website, we are just a security pentester. Don't try to find us, try to become a professional webmaster by knowing to patch the vulnerabilities.'

Five different government sites were reportedly defaced. The attack resulted in 11 suspects being arrested on February 17th. And that's the story of Anonymous in more recent years in a nutshell. Smaller attacks by regional Anonymous operatives is the norm over the past eight years, at least for attacks big enough to make it into the news cycle.

Who Does Anonymous Target?

Potential future targets for Anonymous hackers are likely to fit a certain profile. Groups and governments who engage in the following behaviors are most likely to be the next victims:

• Censorship: Any government that dabbles in censorship, or any organization that helps conduct censorship operations, is a high-threat target. Freedom of information on a global level is a common theme coming out of Anonymous statements and manifestos. Freedom of the press, some aspects of net neutrality, freedom of open communication, and the right to encrypt are all hot-button topics. Interfering with these activities is likely to get that government or organization targeted.
• Bigoted Celebrities or Public Figures: There's no easier target than someone who tries to score cheap political points with their fans or base by bashing a minority group. No excuse needs to be made at that point… those people are simply examples. On more than one occasion, Anonymous (and many other hacker groups as well) has stepped up in cases where public figures championed racial injustice, sexual discrimination, and gender inequality.
• Document Falsification: Any group that lies, covers up, or manipulates facts that are presented publicly or in any official capacity may be targeted by Anonymous hackers. In particular: Manipulating votes, falsifying or purging voter registration, and activities that involve feeding false information to the press to using false information in court systems.
• Disproportional Fees or Unfair Punishments: Entities that engage in heavy-handed legal, financial, or personal retribution against ordinary citizens are potential targets for Anonymous hackers. This includes music, movie, and other digital copyright organizations that attempt to apply maximum fines or overreach their IP claims. It also includes governments and organizations that legalize the persecution of people based on race, sex, sexuality, and the like.
• Systematic Injury or Warfare Against Citizens: Finally, those who would systematically oppress or attack normal people as part of their (stated or unstated) policy are in the crosshairs. This includes violent policing policies, terrorism, and oppressive regimes that use pain and suffering as part of their policy.

How do Hackers and Hacktivists Stay Anonymous?

Sometimes, hackers and hacktivists will be caught and arrested. The vast majority of the time, they plead guilty due to overwhelming evidence against them, in an attempt to lessen their charges.

The most common way this happens is via informants. Instead of remaining truly anonymous, they reveal personal information to other hackers that they're working with. Then, it only takes one chatty person to get caught, and the entire team is dead in the water. Something of the sort happened with the LulzSec group, which saw a huge chunk of their membership fall to one of their members becoming an FBI informant.

This means that anything that leads back to a hacker, even if requested by someone deemed 'friendly', needs to be anonymized: No personal connections, no personal contact, no real names, no real locations, and no shared financial information whatsoever. To do otherwise exposes a hacker to identification, and provides fuel for their prosecution.

The best way to stay anonymous is to avoid reusing the same falsified personal data more than once, browse anonymously, spoof true locations, obfuscate browser fingerprints, and use untraceable currency. All the while, maintaining a perfectly normal, moderately documented life outside of hacking activities.

But it has to be said: Learn from the mistakes of others. Software anonymity doesn't help if a user goes out of their way to share personal information with others. If someone hands out all of their actual identity data to a group, it doesn't matter what software-based solutions are being run. Among hackers, sharing personal information isn't a test. It isn't a country club or a sorority. Stay truly anonymous, or prepare to be burned at the first sign of trouble.

In Conclusion

“How many Anonymous are there? We are more than you think. We are more than anybody thinks. We are many. We are legion. We are absolute.” - Anonymous @YourAnonCentral

So who is Anonymous? It's best not to assume. Generally speaking, it doesn't matter who they are out in the real world. They're no more or less trustworthy than anyone else. They're no more or less deserving of love and respect than anyone else. They don't wish to be treated differently because of their accomplishments or their perceived sins. They want to live their lives, have some fun, and maybe leave the world a slightly better place than they found it.

Anonymous hackers are often doing illegal things, at least in certain countries. But more often than not, they are enacting a proportional response to the transgressions of their target. And though vigilantism might not be something that everyone approves of, it is one of the only weapons that works against entities that are so powerful and so corrupt that they can buy or legislate their way out of any corner.

It's vital that they, and any readers who might be considering a lifestyle that might put them at risk, engage in a high-privacy online lifestyle. Make use of the right utilities, use untraceable currencies, don't share personal information, and always be aware of where the exits are.