FBI probes Anonymous' claims of hacking into federal website – USATODAY.com

Government takedown of Megaupload leads to new fears

By Byron Acohido, USA TODAY

Updated 58m ago

• Comments
• 
  

• 
• 
• 

Reprints & Permissions

The government takedown of Megaupload, a popular file-sharing site, has stoked simmering fears that hard-line enforcement of copyright infringements could profoundly disrupt Internet commerce.

• 
  
  
  

  
  
  
  
  
  
  
  
  
  -, AFP/Getty Images
  This image shows a web page from Megaupload.com, one of the largest file-sharing websites, which was shut down by U.S. authorities.

Enlarge

-, AFP/Getty Images

This image shows a web page from Megaupload.com, one of the largest file-sharing websites, which was shut down by U.S. authorities.

Ads by Google

Personal SecurityEvaluate Cloud Computing Vendors
Personal Security, Tips & Tools.searchCloudSecurity.TechTarget.com

File sharing has become a major way corporations collaborate with employees and partners and interact with customers. It fuels the sharing of rich content across Internet-connected devices in the home and office and distributed to mobile devices and has emerged as a major component of cloud computing, the delivery of content and services across the Web.

"If legitimate content is housed on the same service that might have infringing content, it gets sucked into this vortex and it's gone," says Dennis Fisher, security blogger at Threatpost.com. "I don't know how much the government or these companies (advocating strict anti-piracy enforcement) have thought this through. I would guess not a lot."

• STORY: Congress shelves anti-piracy bills

• BLOG: Kim Dotcom boasts a checkered, colorful bio

• MORE: The Megaupload indictment

Federal authorities shut down Megaupload.com, one of the world's most popular file-sharing sites, Thursday and accused it of costing copyright holders more than $500 million in lost revenue from pirated films, music and other content.

Four executives arrested in New Zealand appeared Friday in an Auckland courtroom to begin extradition proceedings that could take more than a year. Three others remain at large.

According to New Zealand's Fairfax Media, a defense lawyer raised objections to a media request to photograph the proceedings, but his client, Megaupload chief Kim Dotcom, spoke out, saying he would not object "because we have nothing to hide."

The judge granted the media access, and ruled that Dotcom and the three other suspects would remain in custody until Monday, the next scheduled hearing in the case.

The five-count indictment, which alleges copyright infringement as well as conspiracy to commit money laundering and racketeering, described a site designed specifically to reward users who uploaded pirated content for sharing, and turned a blind eye to requests from copyright holders to remove copyright-protected files.

It was unsealed a day after technology companies staged an online blackout to protest two related bills in Congress that would crack down on sites that use copyrighted materials and sell counterfeit goods. Congressional leaders agreed Friday to indefinitely delay action on those bills — Stop Online Priacy Act in the House and Protect IP Act in the Senate.

Critics contend SOPA and PIPA don't so much protect the rights of filmmakers, musicians, writers and artists as they do preserve an antiquated film and music distribution system.

"No law passed in the U.S. is going to have any real effect on whether people steal movies, music and books. That ship has sailed," Fisher says. "The network of underground sites that traffic in pirated movies and music won't disappear. It will simply adapt."

Within 24 hours after U.S. authorities shut down Megaupload servers in Virginia, ABC News reported that the website was accessible again by typing a numeric address in a Web browser. But that address led to a webpage with a message saying work was underway to restore Megaupload, and asking people to spread the word on Facebook and Twitter.

Megaupload may have had a contingency plan with a backup domain and server at the ready to restore services should its main servers go down, something that many Internet companies do, Fisher says.

Al Hilwa, an analyst at research firm IDC, says defining who is responsible for strictly obeying copyright laws is at the heart of the piracy issue. "Shifting that responsibility to the technology providers, networks, hosters and intermediate service providers who make up the file-transfer chain would mean burdening them with escalating costs. That would make them uncompetitive and hurt their growth." he says.

That law enforcement officers were able to coordinate internationally to take action demonstrates that current laws targeting copyright violators work, says Art Brodsky, a spokesman for Public Knowledge, a Washington, D.C.-based communications and technology advocacy group. "They roped in New Zealand police and the FBI flew down there," he said. "So why do you need more laws?"

On Friday afternoon, Twitter and Facebook users continued buzzing about the shutdown of Megaupload. Some posted messages such as "R.I.P. Megaupload," "Missing Megaupload already," and "Let's all have 1 minute of silence for Megaupload."

Meanwhile, federal authorities are investigating disruptions to the Justice Department website and threats to the site maintained by the FBI believed to be prompted by the Megaupload arrests.

The Justice Department website was back online Friday after being hit Thursday evening. An alliance of hackers known as "Anonymous" claimed responsibility.

In a written statement, the Justice Department said its Web server had experienced a "significant increase in activity, resulting in a degradation in service" and that the activity was "being treated as a malicious act."

The enforcement action against Megaupload and actions by hacktivists was not unprecedented. Something similar happened in May 2006 when authorities shut down movie-sharing site Piracy Bay.

Millions of people use websites such as Megaupload and Bit Torrent to transfer TV shows, movies and music. Other file-sharing sites like You Send It and Dropbox focus on file-sharing for workplace collaboration. And newer file-sharing sites like Spotify focus on file-sharing within social media and mobile devices.

If anti-piracy enforcement actions accelerate, hacktivists can be expected to uniformly retaliate, says Josh Shaul, chief technology officer at Application Security.

"We may be looking at a cycle of more enforcement action, more sites being taken down and more retaliation by hacktivists," Shaul says. "People will bring up new file-sharing sites in countries where they can't be taken down, and the cycle will continue."

The hacktivists are getting better at retaliating quickly. Recruits to help execute distributed denial of service (DDos) attacks are trained and equipped to instantly add the processing power of their individual PCs to the cause.

The constant stream of nuisance requests that cut off public access to the Justice Department and motion picture industry websites came from about 5,635 individuals using a networking tool called a "low orbit ion cannon," according to messages posted by Anonymous, which claims this to be the largest such attack ever. PCs likely scattered in multiple nations, using tried-and-true technology to make them difficult to trace, were used.

Such attacks formulate spontaneously in Internet Relay Chat rooms. Participants must use their own initiative to set up their PCs ahead of time so they can't be traced, but the necessary software and training are readily available online.

"The ranks of the hacktivists are swelling," Shaul says. "More people are willing to stick their necks out on the line and start hacking."

While Justice says it is illegal for anyone to download pirated content, its investigation focused on the leaders of the company, not end users who may have downloaded a few movies for personal viewing.

Megaupload.com has 150 million registered users, about 50 million hits daily and endorsements from music superstars. The U.S. indictment said founder Dotcom made $42 million last year alone.

The website allowed users to download some content for free, but made money by charging subscriptions to people who wanted access to faster download speeds or extra content. The website also sold advertising.

The movie industry has fought against the site, saying it is making money off pirated material. Though the company is based in Hong Kong and Dotcom was living in New Zealand, some of the alleged pirated content was hosted on leased servers in Virginia, and that was enough for U.S. prosecutors to act.

New Zealand police seized guns, artwork, more than $8 million in cash and luxury cars valued at nearly $5 million after serving 10 search warrants at several businesses and homes around Auckland.

Dotcom is a resident of Hong Kong and New Zealand and a dual citizen of Finland and Germany who had his name legally changed. The 37-year-old was previously known as Kim Schmitz and Kim Tim Jim Vestor.

Of the three others arrested Thursday, two were German citizens and one was Dutch. Three other defendants — another German, a Slovakian and an Estonian — remained at large.

The Electronic Frontier Foundation, which defends free speech and digital rights online, said in a statement that the arrests set "a terrifying precedent. If the United States can seize a Dutch citizen in New Zealand over a copyright claim, what is next?"

Acohido reported from SeattleContributing: Yamiche Alcindor, Roger Yu and Matthew Barakat in McLean, Va.; Kevin Johnson in Washington; Associated Press

Sphere: Related Content