The hacker group Anonymous has warned the North Atlantic Treaty Organization (NATO) not to challenge it. NATO may have more resources than Anonymous, but the "hacktivist" group clearly believes it would come out victorious in a fight.
The warning comes after a 2011 Spring Session report issued last month by Lord Joplin, general rapporteur of NATO. The report provided a broader look into the growing danger of cyberattacks and how governments should respond to them, and made a point to warn NATO member nations about the rising threat of "hacktivism," which refers to hacking for political purposes.
NATO specifically mentioned Anonymous seven times, including the group's initiatives against Australia, Egypt, Iran, Tunisia, the Church of Scientology, Mastercard, Visa, PayPal, the Swiss bank PostFinance, and HBGary Federal. The report cautioned that Anonymous was becoming more sophisticated, and that it could hack into sensitive government, military, and corporate information. Here's an excerpt on what NATO thinks about the group:
Today, the ad hoc international group of hackers and activists is said to have thousands of operatives and has no set rules or membership. It remains to be seen how much time Anonymous has for pursuing such paths. The longer these attacks persist the more likely countermeasures will be developed, implemented, the groups will be infiltrated and perpetrators persecuted.
Anonymous has since responded. Here's the crux of the warning, courtesy of Google cache:
Finally, do not make the mistake of challenging Anonymous. Do not make the mistake of believing you can behead a headless snake. If you slice off one head of Hydra, ten more heads will grow in its place. If you cut down one Anon, ten more will join us purely out of anger at your trampling of dissent.
In the report, Joplin asked how NATO should react if one of its member nations was the victim of a cyberattack. It appears that if Anonymous were to attack NATO or one of its members, the organization has no plan of action on how to respond:
More importantly, NATO needs to devise its policy regarding the key question of how to react to cyber attacks against one of its member states. Can one invoke Article 5 of the Washington Treaty after a cyber attack? And what response mechanisms should the Alliance employ against the attacker? Should the retaliation be limited to cyber means only, or should conventional military strikes also be considered? Furthermore, the Alliance must decide to what extent it can engage in co‑operation on sensitive cyber issues with partner countries, such as Russia.
Last month, the US disclosed its International Strategy for Cyberspace. The document revealed the US government could respond to cyber-attacks with military force, especially if someone were to pull off a serious cyberspace hack against the US, its allies, its partners, or in a way to threaten its interests.
We don't think it would get to that point.