WATCH: Tue, Nov 25: The hackers who took responsibility for taking down the Ottawa and Toronto police websites over the weekend now claim they are not affiliated with the hacker group “Anonymous”.
TORONTO – A hacker claiming to be associated with the “hacktivist” group Anonymous appears to have orchestrated a series of attacks on Canadian websites over the weekend, including Toronto and Ottawa Police. The attacks started Friday after the City of Ottawa website was hacked – its homepage replaced with the image of a dancing banana.
Then, on Saturday evening, both the Supreme Court of Canada and Ottawa Police Services websites went down in what was believed to be a distributed denial-of-service attack (DDoS attack). On Sunday, Toronto Police services website also went dark.
DDoS attacks are often used by hacker groups to bring down websites by flooding the site with requests until its servers crash.
According to Twitter user @AerithTOR – who has taken responsibility for the website outages – the attacks are in defence of an Ottawa teen who is accused of making prank 9-1-1 calls across North America. The teen is suspected of 30 instances of these types of pranks, known as “swatting.”
“Hacktivist” group Anonymous has come to the teen’s defence, claiming it has evidence that he was framed – and @AerithTOR, who claims to be affiliated with the group, claims to have the proof.
“We are helping the youth clear his name, he was framed. We will be disclosing documents in the coming days,” read a statement from @AerithTOR posted on Sunday.
“We are helping the youth because he is innocent, and got royally screwed by the police, for no apparent reason. We will not rest; we will not stop, until the police admit their mistake, and drop all charges against the innocent youth.”
WATCH: Ottawa police chief comments on DDoS attack
On Sunday the teen’s father thanked Anonymous for coming to his son’s defence, according to the Ottawa Sun.
The @AerithTOR Twitter account has since been suspended and the hacker is now using the @AerithXOR2 handle. The hacker has also released the name of the Ottawa police officer investigating the teen’s case.
How do DDoS attacks work?
Distributed denial of service (DDoS) attacks have become the favourite takedown tool for many hacker groups.
DDoS attacks are called “distributed” because they usually come from a number of computers controlled by the attacker. The idea is to flood the targeted website with as much traffic as possible, until the website’s server is overloaded and crashes, taking the site offline.
Hackers often use “botnets” to initiate DDoS attacks. Botnets are made up a large collection of “zombie computers” – machines that have been infected with a Trojan virus that allows attackers to run applications without the user’s knowledge.
DDoS attacks became synonymous with hacker group Anonymous after the group launched several denial-of-service attacks on Visa, MasterCard and PayPal in anti-piracy protests in 2010.
But information security consultant and former hacker Jeremiah Brott told Global News not all of these attacks may have been that sophisticated.
“It could [have] been as simple as calling them up on the phone and pretending they are the administration of the site and I need to make a change.”
Ottawa Mayor Jim Watson confirmed Monday afternoon that someone posed as a city employee in order to get the City of Ottawa’s website redirected. The statement came after the website was taken down for a second time Monday morning.
Ottawa Police say they are investigating the incidents, but that systems are secure and operations are running normally.
“There have been no security breaches or loss of data,” said Ottawa Police Chief Charles Bordeleau in a release.
Global News contacted Toronto Police to confirm the nature of the attack on its website; however, a request for comment was not immediately returned.
Though @AerithTOR claims to be affiliated with Anonymous, it’s unknown whether the user is working with the group or individually.
Anonymous previously issued a statement regarding the Ottawa teen’s case, pledging a series of cyber-attacks similar to the ones seen this weekend. In fact, Brott said one of the attacks was likely done by Anonymous hackers because of the hashtag affliation.
Anonymous always uses an code name for their “operations” – in this case #opSoaringEagle.
@AerithTOR is also using the #opSoaringEagle in their tweets and statements online.
“It’s hard to tell with Anonymous – they’re not one centralized group,” Brott said.
The City of Ottawa’s website was taken down once again just before time of publishing (1:30 p.m. ET).