Anonymous Threatens to Take Down Facebook

A YouTube video purportedly posted by Anonymous threatens to take down Facebook on January 28 using a distributed denial-of-service (DDoS) attack. Using the tagline "We are uniting humanity," the video invites the public to become part of the "first official cyber war," and provides instructions on how to download the group's Low Orbit Ion Canon (LOIC) program to take part in the cyber attack.

While it is not entirely clear from the video about why Facebook is the first target in "operation global blackout part 2," an article on CNET postulates that it may be because Facebook didn't immediately oppose the Stop Online Piracy Act (SOPA). The video supports this conjecture by staking the group's claim on protecting Internet rights and in positioning the attack date a few days in future to "have a stronger army built up to fight for our rights." The attack may also, in part, be due to Facebook's increased spending on lobbying efforts, as described in a Mashable article.

This threat by Anonymous against Facebook should serve to illustrate the potential problems that small and midsized businesses (SMBs) and their IT departments face when businesses decide to relinquish control of any part of their activities to a third-party platform or provider. SMBs that use Facebook for marketing, advertising, and as a customer-facing presence should be aware that as a result of this threat a general slowdown in Internet traffic or in accessing Facebook may occur. For companies that rely on 24/7 or just 9-5 availability of the social platform, this could potentially be problematic in terms of business continuity regarding servicing their customers and marketing accounts.

Often, IT is not brought into the conversation when marketing departments or other business units at SMBs decide to move to social, services, or cloud platforms. But when problems occur, IT is usually the first to hear about it, particularly when it comes to platform availability. The conversation needs to take place before the move, and it needs to encompass business continuity, security and what "security" means to the business when contemplating relinquishing even a part of enterprise IT control to third-party services and platforms.

An update on the CNET article says that a Tweet from AnonOps states that the YouTube video wasn't from the group and denies that there will be an attack on Facebook at all. Facebook, however, appears to be taking the threat in stride and "expects" such attacks as part and parcel of the business that they're in. IT can continue to monitor the threat as it plasy out and use this example to gain insight on how it impacts business units in terms of security and business continuity. IT should continue to voice their concerns whenever business activities are carried out on platforms outside the enterprise and push for comprehensive solutions to enable business to move forward in the event of threats.