Wednesday, 12 September 2012

GoDaddy hacked by Anonymous? Not likely

GoDaddy hacked by Anonymous? Not likely




Yesterday the massive Internet registrar/lowbrow advertiser GoDaddy went down, taking millions of web sites offline with it. Breaking news reports attributed the trouble to a hack by Anonymous. Later, these items were corrected to say that the hack was not the work of Anonymous as a whole, but that Twitter user @AnonymousOwn3r was claiming responsibility. Mashable called @AnonymousOwn3r ”the security leader of Anonymous,” which must be true because @AnonymousOwn3r calls themself “the security leader of Anonymous” on his or her Twitter profile (and an “official member” to boot).  CNN went with the more measured description of @AnonymousOwn3r as “a person affiliated with Anonymous.”

All of this is very silly. Anonymous isn’t an organized group of any kind and has no office or officer to make anything official. It has no leaders of security or of anything else, but I guess it does have affiliates. You become one by being anonymous on the Internet. Are you logged in to Macleans.ca right now as you read this? If not, you are a person affiliated with Anonymous.

Whoever @AnonymousOwn3r is, they’ve gained notoriety and thousands of new followers in the last 24 hours and are likely having a laugh at the media right now. It might be a big laugh, because @AnonymousOwn3r might have had nothing to do with GoDaddy’s troubles.

GoDaddy is claiming today that they were not, in fact, hacked at all. CEO Scott Wagner said in a statment today that the outage had nothing to do with a hack or with a denial of service attack, Anonymous’ brute force method of pushing sites offline. Instead, it was “due to a series of internal network events that corrupted router data tables” (which is totally what I thought it was from the start).

Could Wagner’s statement be face-saving bluster? Possibly, but if so, he would be playing a very risky game. Hackers are usually all too happy to provide technical proof of their deeds, and if necessary, demonstrate their “ownage” of a site by smacking it offline again. @AnonymousOwn3r is assuring doubters that he or she is the real deal and linking to GitHub text purportedly documenting GoDaddy’s vulnerabilities.

As security experts analyze this, we’ll find out who is lying: CEO Scott Wagner or @AnonymousOwn3r.

My best guess? GoDaddy went dark due to some internal technical glitch, some random indvidual took credit, the media ran with it, and “lulz” ensued.

No comments:

Post a Comment