Reporters in Ottawa had never tweeted so excitedly about a government website until last week, when the mundane blue-green web page of the City of Ottawa was hijacked. In its place, a dancing banana—splashed on a black screen. "You have been hacked by @Aerith" read the bold white text—followed by a threat directed at a local Ottawa police officer. Reporters who were escaping newsrooms for the weekend found themselves suddenly back at their computers. That was how Aerith introduced himself, and soon the city's reporters and beyond were following his Twitter account and subscribing to his email list. The following day he launched a series of DoS attacks on the Ottawa police and the Toronto police—flooding their websites with data and forcing them offline.
The officer threatened by Aerith is the lead investigator in the case of a 16-year-old Ottawa boy accused of making dozens of hoax 911 calls. The hoaxes, known as SWATting, involve bomb threats, hostage takings and a gunman on the loose. The aim of the call is to generate the largest police response possible, usually involving heavily armed police officers or SWAT teams. The 16-year-old is facing 60 charges related to more than 30 such calls. The investigation involved local police in 3 provinces and multiple states as well as the FBI and the RCMP. Schools and homes in Maryland, Texas, Florida and California along with 2 schools in Canada were targeted. Aerith has stated that his goal is to "free" the boy and that he has evidence that points to a setup—now he just wants police to re-open the investigation or face prolonged DoS attacks.
Aerith, in bold braggadocio, also threatened to take out the Supreme Court of Canada website, Parliament's main account and other government sites—some of which pulled their sites offline as a precaution. In the past week, every site that Aerith has threatened to attack is once again functioning normally—except for the Ottawa Police site. It has been offline since Saturday. The Ottawa Police chief Charles Bordeleau has stated that there was no internal security breach, despite Aerith's bold claims that he has accessed internal emails. Police sources tell me the emails the hacker has published so far are "spoofed"—fake emails generated through a website that allows users to send fake emails in official-looking guise. Emkei.cz is one such site.
Even though www.ottawapolice.ca has been besieged by DoS attacks for nearly a week—officers haven't been disrupted from doing their online work. They're still able to email and google, with one exception—the IT department has asked them to refrain from streaming in video until they resolve the pesky problem called Aerith.
And that is what investigators working on this case consider Aerith—not a cybersecurity threat, but a fly that refuses to buzz off. But Aerith is a fly that police need to swat down.
"A 10-year-old with the right computer skills can do this," says an investigative source. Yes—but it's not reassuring that a hacker with the skills of a 10-year-old has exposed vulnerabilities in the cybersecurity protection of the Ottawa Police force. Aerith has broken into the front door of the police service, although he hasn't been able to steal anything. OPS is adamant its site is secure, but sources say the network that hosts its website—Rogers—is refusing to let www.ottawapolice.ca go back online. If it were to do so, Rogers fears the amount of data flooding the police website would slow its bandwidth for its millions of users. So the force's website is offline until it can find a solution. VICE has reached out to Rogers for comment but has yet to hear back.
The only real solution involves arresting the hacker. Investigators believe Aerith is from Ottawa—but they haven't been able to trace him. That's because the hacker is likely using the Tor network to conceal his identity. The network allows users to surf the internet, send messages and chat anonymously. The network, which uses encryption software, is used for illegal activity, but also by individuals who are concerned about government surveillance, and those who want to protect the identities of whistleblowers and sources. Many journalists use Tor; so do victims of domestic violence, along with cybercriminals.
"It's possible you can remain anonymous forever," says my source who is working on the case. The words come out in a deep sigh, a tacit acknowledgement perhaps that it won't be easy catching this hacker. And that it may take a while. Yet Ottawa police can't remain offline indefinitely. So the only option Ottawa police have is to re-route the DoS attacks. Sources tell me that OPS is paying an outside cybersecurity firm to divert the attacks. The cybersecurity firm will take all the packets of data Aerith is launching at OPS and move them to another network line hosted by the security firm. The security solution could cost in the hundreds of thousands of dollars.
Yesterday—the sad square face accompanying the message "this webpage is not available" was replaced by an official OPS page, thanking the public for their patience and promising that Ottawapolice.ca will be up soon. The public waits and so does Aerith.