Student on trial accused of playing a leading role in revenge campaign against several sites after backlash against WikiLeaks
The self-styled 'hactivists' caused losses worth more than £3.5m at PayPal, Southwark crown court heard. Photograph: Andrew Matthews/PA
Four activists from the hackers collective Anonymous caused multimillion-pound losses to a number of firms in revenge for the backlash against WikiLeaks, a court has heard.
Using the name Operation Payback, the four flooded websites belonging to companies including PayPal and Ministry of Sound with messages and requests in order to bring them down.
People who tried to visit the sites were greeted with the message: "You've tried to bite the Anonymous hand. You angered the hive and now you are being stung."
What began as a targeting of the music industry over its antipiracy stance turned into a campaign in support of WikiLeaks and its founder, Julian Assange. The self-styled "hactivists" caused losses worth more than £3.5m at PayPal and caused sites belonging to MasterCard and the recording industry to go offline.
Three of the group have admitted their role in the conspiracy. Christopher Weatherhead, 22, a student at Northampton University, is on trial at Southwark crown court accused of being "part of a small cabal of leaders" of the cyber-attacks.
Opening the prosecution case, Sandip Patel said Weatherhead – who went by the online name "Nerdo" – played a central role in the campaign mounted in 2010. "This case, simply put, is about hackers who used the internet to attack and disable computer systems, colloquially described as cyber-attackers or vandals," Patel said.
"Christopher Weatherhead, the defendant, is a cyber-attacker, and … he and others like him waged a sophisticated and orchestrated campaign of online attacks that paralysed a series of targeted computer systems belonging to companies, to which they took issue with for whatever reason, that caused unprecedented harm."
The campaign involved Weatherhead and his three co-conspirators carrying out distributed denial of services (DDoS) attacks against the companies, the court heard. The tactic paralyses a computer system by flooding it with an "intolerable number of online requests and messages", Patel said.
"The members of Anonymous describe themselves as hacktivists … They conducted online attacks against computer systems which they took the view, for whatever reason, needed to be dealt with, taught a lesson. Their method was to carry out DDoS attacks in order to bring them down."
He said Operation Payback had originally targeted companies involved in the music industry and opponents of internet piracy, but was later broadened to include new objectives after the backlash against the publication of classified data by WikiLeaks.
The four used a free internet tool called Low Orbit Ion Canon (LOIC) as a "destructive cyber weapon", the court heard. "Once downloaded, the LOIC could be used to attack by sending internet traffic to a target computer," Patel said. "When the volume of traffic sent to a computer becomes too much for it to handle it would suffer a denial of service. The more LOICs used, therefore, to attack a target computer, the more likely that a denial of service will take place."
He said the LOIC was used in connection with an online chat system called AnonOps to allow Weatherhead and other hackers to order several computers or "bots" to attack simultaneously.
Weatherhead is alleged to have played a "prominent" role in setting up the online chat – or internet relay chat (IRC) system to attack PayPal and other sites and was, the court heard, the network administrator of AnonOps. "He was responsible for organising the IRCs used and directing resources for campaigns," Patel said.
Weatherhead bought the website anonops.net from a Russian-based service provider that he claimed to know "permitted anything, even CP – child pornography", the court heard. "A number of organisations, were targeted some of which have contacted the police and confirmed the level of damage caused by such attacks. There were many more, we know that from chat logs, but they may not have known what had happened to them."
He said the British Phonographic Industry (BPI) was attacked on 19-20 September 2010, though the DDoS did not shut the site down. Four websites operated by Ministry of Sound were also attacked between 3 and 6 October. "As a consequence of the attack they suffered loss of reputation and sales," Patel said. "The total cost of the attack, including additional staffing, software and loss of sales, was approximately £9,000."
The International Federation of the Phonographic Industry was forced to spend £20,000 as a result of being attacked between 27 November and 6 December.
Weatherhead, of Northampton, denies one count of conspiracy to impair the operation of computers between 1 August 2010 and 27 January last year. Ashley Rhodes, 28, of south London, Peter Gibson, 24, of Hartlepool, and an 18-year-old from Chester have pleaded guilty to the same charge. The trial continues