Security Researchers Call for a More Disciplined Anonymous

At the 2012 SOURCE security conference in Boston, two prominent cybersecurity researchers presented a provocative argument: the hacktivist collective known as Anonymous needed to evolve. Josh Corman, then director of Security Intelligence at Akamai, and Brian “Jericho” Martin, a veteran security analyst, laid out a case for what they called “Anonymous 2.0” — a more focused, principled version of the decentralized movement.

Their thesis was not that Anonymous should be eliminated, but that its chaotic structure created collateral damage that undermined its own stated goals and left innocent people exposed.

Why Anonymous Matters to Everyone in Technology

The researchers argued that Anonymous had become impossible to ignore for anyone working in technology or business. The movement’s influence extended across law enforcement, media, organized crime, foreign governments, and ordinary internet users whose personal information was sometimes exposed as collateral damage in Anonymous operations.

The decentralized nature of the group meant that anyone affected by its actions was effectively involved, whether they chose to be or not. Personal data dumps — known as “doxing” — put uninvolved civilians and their families at risk, even when the intended targets were institutions or public figures.

The Smokescreen Problem

One of the more significant points raised at the conference concerned attribution. Because Anonymous operated without formal membership or hierarchy, any cyberattack could be branded with its name regardless of the actual perpetrators. This made the group a convenient cover for nation-state actors, criminal organizations, or anyone seeking to disguise their activities behind the Anonymous banner.

Members drifted in and out of affiliation constantly. There was no mechanism to verify whether a given action was genuinely motivated by activist principles or was simply using the brand as camouflage.

A Mirror Held Up to Cybersecurity Failures

Despite the disruption they caused, the researchers acknowledged that Anonymous-affiliated actors had performed an unintentional service. Most of their successful operations exploited basic security vulnerabilities — low-hanging fruit that should have been addressed through standard cybersecurity practices.

As Corman framed it, Anonymous had effectively demonstrated how insecure major institutions were at a fundamental level. If organizations could not defend against relatively unsophisticated attacks from a loosely organized collective, they were wholly unprepared for more capable adversaries.

The Three-Step Plan for Anonymous 2.0

Corman and Martin proposed a framework for a more effective version of the movement, built on three pillars. First, a clear statement of beliefs, values, and objectives — articulating the reasons the group existed. Second, a code of conduct and operational parameters defining how members would pursue shared goals. Third, a plan for increasing effectiveness while reducing unintended harm.

They acknowledged this structure would likely cause the movement to splinter, but argued that specialization would be beneficial. A focused group dedicated specifically to free speech issues, for example, could accomplish more than a diffuse movement attempting to address everything simultaneously.

The researchers pointed to the newly announced MalSec group as an early example of this approach. MalSec had publicly stated a commitment to free speech and adopted a practice of never removing original data when defacing a target’s website — creating clear principles that would allow the group to disavow actions that violated its stated values.

The Gap Between Perception and Reality

When the conference audience was asked how many believed law enforcement was winning against Anonymous, only a single hand was raised. Yet the researchers’ data told a different story. Approximately 184 Anonymous-affiliated individuals had been arrested and charged across 14 countries at that point.

The disconnect was largely a media problem. The researchers estimated that only about one in three Anonymous-branded actions received any news coverage, one in five appeared on technology news sites, and only one in 30 reached mainstream media. Law enforcement was making arrests, but failing to communicate those results effectively.

The Problem with the Word “Hacktivist”

The researchers also challenged the widespread use of the term “hacktivist,” arguing it romanticized the movement and obscured important distinctions. Their analysis suggested that only 5 to 10 percent of those claiming Anonymous affiliation possessed genuine hacking skills or engaged in meaningful activism. The remainder were described as passive participants contributing little beyond amplification.

The term “hacktivist” evoked a Robin Hood narrative that made for compelling journalism but poor analysis. Finding a more accurate vocabulary, the researchers argued, would require Anonymous itself to develop clearer boundaries — making it possible to distinguish legitimate actions from false-flag operations or opportunistic criminality wearing the group’s mask.