Monday, October 21, 2024

Sudanese Hackers: Lessons in International Lawlessness


Up until last spring, if you wanted to cause real problems for almost any organization with a substantial web presence, all you had to do was get on the instant-messaging service Telegram and get in touch with a shady outfit called Anonymous Sudan.  There you could pay as little as $150 a day, or a discounted $700 for a whole week, to arrange a distributed denial-of-service (DDoS) attack on the website of your choice.


The people running this service were two Sudanese brothers, Ahmed Salah Yousif Omer and Alaa Salah Yusuuf Omer, who operated a highly sophisticated network of cloud-based servers that nimbly evaded most security measures.  In 2023, the pair claimed responsibility for attacks on the websites of PayPal, Twitter/X, and OpenAI, as well as attempts on the U. S. Federal Bureau of Investigation site.  They paid special attention to targets in the Los Angeles area, hitting at least 70 LA-based institutions, including the Cedars-Sinai Medical Center. 


Because that particular attack indirectly threatened the lives of patients by disabling the medical center's emergency facilities and forcing them to send patients elsewhere, Ahmed Salah is charged with life-threatening actions that could lead to a life sentence.


The world found out about this earlier this month when the U. S. Department of Justice (DOJ) issued a press release saying that the brothers had been arrested back in March, and that critical parts of their software and hardware had been seized and disabled.  The DOJ didn't say where they were imprisoned, but apparently extradition must take place before they can be tried in the U. S.  The Anonymous Sudan attacks had a definite political flavor: the group coordinated an attack on an Israeli alert system on Oct. 7, 2023, the day of the Hamas attack that killed over 1100 people and resulted in the capture of about 250 hostages.  And Cedars-Sinai Hospital has its roots in the old Cedars of Lebanon hospital founded by Jewish businessman Kaspare Cohn in 1902.


DDoS attacks are nothing new.  In the continuously escalating rivalry between computer security efforts on the part of private industry and governments on the one hand, and hackers on the other, it's not surprising that an outfit like Anonymous Sudan would offer its services for sale.  Because of the international nature of the Internet, any effort by a single government agency such as the FBI is hampered by the need to deal with and through the governments of other nations, specifically Sudan in this case.  From a purely administrative point of view, it would be much easier if we just had a single world government, because its FBI equivalent could freely travel and exercise power anywhere in the world without the inconvenience of having to establish extradition treaties and so on.


But there are excellent reasons not to have a single world government, stemming mainly from the fact of original sin.  Even well-intentioned organizations like the FBI make mistakes from time to time, and so it's not a good idea to empower them, or anybody else for that matter, with worldwide police authority.  Instead, they must develop diplomatic connections and a complex web of informal agreements of which I have no detailed knowledge.  Suffice it to say that a huge amount of behind-the-scenes negotiations and even power plays must have occurred for these two characters to get arrested, wherever they were, and their server farms taken down.


In order to evade arrest and conduct a highly profitable and politically influential business for so long despite the best efforts of industries and governments to stop them, these guys must have had a great deal of raw talent.  Why didn't they take those abilities and put them to use in a way that would benefit the world at large rather than harm it? 


The final answer is locked in the privacy of their souls, so we can only speculate.  What alternatives for employment did a clever boy interested in computers have growing up in Sudan?  The Wikipedia article on the country's economy says that agriculture and petroleum are the leading sources of wealth, with a smattering of light industry and a growing medical sector.  In the U. S., such a smart pair as the Omer brothers could have found some venture capitalists interested in a wacky idea of theirs, and they could have started a company doing something legitimate.


But in Sudan, that does not appear to be an option.  It may have seemed to them that the only way to get rich quick with their computer skills was to walk on the dark side, and so they developed their for-profit DDoS service, and on the way did what they could to benefit the anti-Israeli cause espoused by so many predominantly Muslim countries.  In a certain frame of mind, one could view any attack on any private or public organization based in the Great Satan (the U. S.) as a blow struck for good in the ongoing battle between the Islamic forces of righteousness and the evil empire headed by the United States and its sinister support for the Little Satan, Israel.  It all depends on your point of view.


We may never learn the true motivations for the activities of Anonymous Sudan, but clearly the same conditions that gave rise to those hackers exist in other parts of the world.  Law enforcement of the type that led to their capture has at least two good reasons to exist. 


First, it puts a stop to the harmful activities of the criminals who are arrested.  The expertise of the Omer brothers is no longer at the disposal of other crooks who would like to pay a few bucks to cost hospitals and government organizations millions of dollars in hacking damage.  (Viewed in terms of return on investment, though, it was a real bargain.  Many criminal enterprises are.) 


Second, it serves notice to other criminals that if you keep doing what you're doing, you may well get caught.  I don't think the FBI will ever become effective enough to scare all hackers into hiding, unless we somehow manage to get that world government that is the pipe dream of administrators, but by then we'll be dealing with a whole other set of problems.  But we can thank the FBI and everyone who helped them for eliminating at least this particular source of hacking woes, and serving notice that hiding in a country with a chaotic government is no protection against being arrested. 


Sources:  The DOJ press release announcing the arrest of the Omer brothers is at https://www.justice.gov/usao-cdca/pr/two-sudanese-nationals-indicted-alleged-role-anonymous-sudan-cyberattacks-hospitals.  I also referred to a report at https://krebsonsecurity.com/2024/10/sudanese-brothers-arrested-in-anonsudan-takedown/ and the Wikipedia articles on the economy of Sudan and Cedars-Sinai Medical Center.
