Saturday, 15 February 2014

Spies vs Anonymous and Lulzec: Night's Black Agents

Recently an NBC news report, based on the Snowden expose, revealed that British spies have been waging war on Anonymous and LulzSec. According to the report, Britain's GCHQ, through its attack arm the Joint Threat Research Intelligence Group, or JTRIG, used DDoS attacks to shut down servers that the two groups were using as communication hubs. The British are, in essence, using the same tactics as the hackers to shut down the hackers.

For those of you frantically reaching for Wikipedia right now, let me elucidate:

  • GCHQ: Government Communications Headquarters. Originally established after the Great War, these are the government's codebreakers du jour, the same Bletchley Park boffins that cracked Germany's Enigma. Their main focus is to provide SIGINT and information protection to the British government.
  • Anonymous is a group name for an unaffiliated band of hacktivists, who use their talents for political ends. It began life as a 4chan experiment back in 2003, and has been growing in notoriety ever since. It has attacked government, religious and corporate websites with DDoS tactics many times. 
  • LulzSec is a group often associated with Anonymous, which uses similar tactics but often has less lofty goals in mind. It's thought to be less effective these days, since one of its founders - Sabu, aka Hector Monsegur - turned informer after capture. 
  • DDoS aka Denial of Service, or Distributed Denial of Service, means exactly that. It denies service - blindsides the computer server - by clogging the system with thousands upon thousands of traffic requests.
  • Edward Snowden, in case you've been living under a rock this past while, is a former NSA contractor who came into possession of a great deal of embarrassing data, which he revealed to the world. He's currently dodging prosecution. Speaking personally, I find it fascinating that so much of Snowden's data seems to come from power point presentations of one kind or another, which government agencies used to brief officials and staff. Anyone who believed that data was going to stay hidden - especially when given to third parties - is, at best, hopelessly naive, and probably oughtn't to be left in charge of a baby carriage, never mind an intelligence agency. 
On a side note, it's interesting to me that the news comes from NBC after the Guardian newspaper publicly smashed the hard drives in its possession that contained Snowden's data. The Guardian may have felt constrained against reporting on GCHQ activities by the threat of a D Notice gag order, but as an American news outlet, NBC has no such qualms. Glenn Greenwald, one of the NBC contributors, used to work for Guardian US.

One of the biggest worries about this kind of reveal is that it shows just how quickly a government will resort to activities it publicly condemns in order to achieve its ends. Not that this is any kind of great secret; similar scandals are breaking all the time. But it is troubling to think that, at the drop of a hat, a Western government is willing to shut down chunks of the internet on the off-chance it contains something it doesn't like.

What does this suggest for Night's Black Agents?   

To begin with, it suggests that the agent's own communications could be disrupted at any time. When GCHQ went after Anonymous, it didn't worry about whether or not the server it targeted also carried other traffic. It just shut the whole thing down. Imagine what that could mean to agents currently stranded in 'bandit country', relying on the net to communicate with allies. 

It also suggests that, even with security measures in place, a government agency can obtain significant user data. The NBC article uses the example of a conversation between a JTRIG agent and a hacker named p0ke, in which the agent obtained p0ke's personal data - name, address, the lot - despite p0ke having a Virtual Private Network in place that, theoretically, should have kept its data safe. It's not clear whether this means JTRIG hacked the network, or used official contacts in the network's host country to break it.

From a game mechanic point of view, it's up to the Director whether or not identifying the source of a DDoS attack is Data Recovery or Military Science. I can see a case for either, or possibly even Human Terrain. Digital Intrusion is, of course, the ability you'd use to mount a DDoS attack. The difficulty with running that kind of test in-game isn't that it can't be done; it's that the skill itself is fairly abstruse. CyberPunk 2020 did its level best to make hacking fun, but even with all the ice-cool street samurai action, watching it unfold - if you're not involved yourself - is like watching particularly dull paint dry. Say what you like about the movie Hackers, but it at least knew how to make this stuff look good. Plus it had Penn Jillette of Penn and Teller in a cameo, which is worth at least two stars on anyone's rating. 

Consider the following possible story seeds:

  • What the hell? Every time I go online I gain Heat. It's almost as if someone has their hooks in my data, and is either tracking me themselves or passing on my information to people intent on hunting me down. The protagonist has been identified - falsely or not - as a member of Anonymous, LulzSec or a similar group. GCHQ, or a similar official organization, is cooperating with other agencies - possibly including the conspyramid, though whether GCHQ realizes who it's dealing with is a different matter - to expose the hacktivist, and arrange his or her capture.
  • Oh sweet mother of mercy. Someone's bombarding me with tweets and chat messages. 'We know who you are'? Bullshit you do, but how did you get my data? The protagonist's personal information, or at least the information attached to his or her current identity, has been revealed by the VPN, acting under pressure from local authorities. But the real question is, are those messages coming from clueless government spooks, or someone else?
  • Okay, who sent me that file? It's got a lot of juicy data in it, but can I trust it? In the course of carrying out an investigation, JTRIG - or the equivalent - came up with a lot of information on a hacker group that it thought was linked to Anonymous. It was ordered to back down and destroy all the files, but one of the JTRIG people, out of a misguided sense of outrage, decided to pass on the data to someone who might have a use for it. But things like that never stay secret, and now the higher authority that ordered JTRIG to back down is very interested in the protagonists.
  • What!? What is this data doing up on the internet for everyone to see? LulzSec, or a similar group, picked up a lot of interesting stuff when it hacked a government site, and decided to publish. Among the data is a lot of very compromising stuff about the protagonists. Have they been cutting clandestine deals, dabbling in things they weren't supposed to touch? Whoops. Now the cat's out of the bag, and here comes the cat-catchers; GCHQ is very keen to find out who these people are and what they're up to. This can also work as part of a Snowden-inspired plotline.

No comments:

Post a Comment