The LulzSec informant’s lenient sentence prompts questions on the government’s use of hacking and the future of Anonymous and other “hacktivists.”
On Tuesday, former LulzSec hacker Hector “Sabu” Monsegur was sentenced to time served plus one year of supervised release with computer logging by the U.S. District Court for the Southern District of New York for his involvement in a number of cyberattacks.
The attacks “Sabu” has been linked to include thefts of emails from Internet security firm HB Gary and of contestant information from a database for Fox’s “X-Factor,” access to the Tribune Company’s network, participation in distributed denial of service attacks on PayPal, Mastercard and Visa, and the theft of personally-identifiable information from Sony, Nintendo, Bethesda Games and Infragard.
LulzSec, a “black-hat” hacking cooperative created by former Anonymous members, originally sought to expose the weakness of the security systems used by major corporations and the federal government. Rather than profiting from their efforts, they meant to embarrass their targets. With “Laughing at your security since 2011!” as their motto, the group was operational for a 50-day period in which it targeted high-profile sites, perceived enemies of the Anonymous movement and sites suggested to them by the hacking community.
Despite pleading guilty to nine counts of computer hacking, one count of credit card fraud, one count of conspiracy to commit bank fraud and one count of aggravated identity theft, the court moved on the prosecution’s recommendation that Monsegur should be rewarded for his cooperation with federal authorities — something he agreed to immediately upon being arrested. The court admitted that Monsegur’s list of charges should have carried a recommended prison term of between 21 years and seven months and 26 years and five months.
It is believed that the information Monsegur provided prevented more than 300 cyberattacks and led to the arrests of eight European and American members of Anonymous, including Jeremy Hammond — the FBI’s top “cybercriminal” target when he was arrested in 2012.
Monsegur’s sentencing was delayed several times, allegedly at the request of the prosecution, who was working with Monsegur on several investigations.
“Working sometimes literally around the clock, at the direction of law enforcement, Monsegur engaged his co-conspirators in online chats that were critical to confirming their identities and whereabouts,” read the government’s motion toward a reduced sentence. “During some of the online chats, at the direction of law enforcement, Monsegur convinced LulzSec members to provide him digital evidence of the hacking activities they claimed to have previously engaged in, such as logs regarding particular criminal hacks.”
Since his involvement with the government was revealed, Monsegur has become a persona non grata among the hacking community. Though he was out on bail prior to Tuesday’s sentencing, Monsegur and several members of his family were in witness protection due to repeated threats on Monsegur’s life. On Twitter, Monsegur has been denounced as a “traitor” and a “snitch,” with some posters tweeting T-shirts depicting Monsegur as Looney Tunes’ Tweety Bird, while others have linked to websites bearing personally-identifiable information, such as Monsegur’s social security number, the names of his family members and his last known address. There is also an active campaign encouraging the community to share information that would help determine Monsegur’s whereabouts.
Most pressingly, it has been alleged that — while serving as an informant as “Sabu” — Monsegur encouraged members of LulzSec to conduct cyberattacks on foreign governments. “These intrusions, all of which were suggested by Sabu while cooperating with the FBI, affected thousands of domain names and consisted largely of foreign government websites, including those of Turkey, Brazil, Iran,” Hammond said during his sentencing last year, before being cut off by U.S. District Court Judge Loretta Preska.
Monsegur was one of the six original members of LulzSec and was recognized as LulzSec’s best hacker. It is believed that Monsegur agreed to help the federal government because he was attempting to beat disassociation efforts from the group toward compromised members, including the destruction of key files. However, it may be that Monsegur sought the government’s help to protect himself and his family and to get revenge — two months before his arrest, Monsegur was correctly “doxed,” or had his real-world and online identities linked, in response to the moralizing stance LulzSec had taken under Monsegur’s leadership.
“What the United States could not accomplish legally, it used Sabu, and by extension, me and my co-defendants, to accomplish illegally,” Hammond wrote in a statement released in August.
Hammond was sentenced to 10 years for his involvement in the theft of emails from global intelligence firm Strategic Forecasting Inc., also known as Stratfor. Documents released by Hammond’s supporters show that between January and February 2012, the FBI requested attacks on Brazil, Turkey, Syria, Puerto Rico (which is a constituent part of the United States), Colombia, Nigeria, Iran, Slovenia, Greece and Pakistan.
While there are no definitive links between LulzSec’s actions and the Anonymous movement, and while it is impossible to determine what the effect of Monsegur’s involvement will be on the future of Anonymous, there seems to be a cooldown on the “black-hat” hacking aspect of the group. In recent years, Anonymous has helped to crack the cover-up on the Steubenville rape case, participated in mutual aid efforts in response to the 2013 flash floods in the United States, and raised awareness about homelessness. It would seem that in the absence of LulzSec and Hammond’s AntiSec, Anonymous has returned to its original stated purpose — advocating for the downtrodden and against outrageous abuses of power.
Only time will tell if or when the next “Sec” will emerge.