Friday, February 17, 2012

Technics: CIA webs+t: Hacked! by Anonymous, Agency struggles to recover

refWrite comment:  The InformationWeek niche-blog for security-info in the digital realms of the Internet is trying to keep those concerned (laity) and IT specialists (professionals) uptodate on the acts of the hactivists (as they're called) who seek to disrupt the institutions that provide and/or protect certain databases and communcations vital to the USA's political and strategic well-being.  However, the system does require security, so that delicate info doesn't leak from its banks of data to individuals wishing to harm our system (I don't want to paint a roseate picture of the moral achievements of the system as a whole, or of its security taskforce personnel, tho I do count most of them on the s+d of the good angels).  Nevertheless, for whatever reasons, strong forces of reaction to USA Security as a functioning concept and mandate, and of a reaction to its diplomacy with other nations (as is the case of the Wikileaks info-leaks/flood), have congealed into action groups with grudges and technical skills in a cyber-lethal combination.  One such action group is Anonymous;  Anonymous is famous.  And now the m+ty deeds sung around its campfires include a direct, purposeful assault on the Central Intelligence Agency's webs+t open to the public (while CIA's intranet s+ts seem not to have been penetrated).  Anonymous must be regarding this CIA public webs+t as merely a propaganda instrument to impress, persuade, and perhaps confuse especially the American public.  That proposition seems inherently an implication of its action.

Anonymous: 10 Facts About The Hacktivist Group


Anonymous: 10 facts about the hacktivist group
Matthew J. Schwartz's multiple-pager on Anonymous

In response to an apparently non-Anonymous attack, one that targetted an Alabama state-police database for the purpose of data-theft and then dumped some of the info garnered to the media, replied to their critics like DataBreaches.net saying: 
"Yeah but we arent gonna post that shit! [names of sex offenders plus limited info on the victims and the crimes, while vehicle info and license plate digits were released].  We are exposing the flaw [in the Alabama cyber-security system] not the names of the innocent!" 
So the vigilantes in this case protect the child abusers and rapists, while gathering their cloaks about them after spewing out venom on the (cyber-security) system as such.  After all, it is flawed.  They thus parade their own expertise, while trying to heap the public's disdain on the agencies and officials who work in this field on behalf of Alabama's state government and the law-abiding public.  They are thus, at best, to be classed as vigilantes.  Anonymous, however, doesn't even rise to this dubious standard.
— Technowlb


 
InformationWeek (Feb13,2k12) 




CIA Website Hacked, 

Struggles To Recover



Anonymous and other hacktivists also left their marks on the U.S. Census Bureau, Interpol, and Mexico, as well as law enforcement websites in Alabama and Texas.






An Anonymous-related Twitter channel claimed Friday that the group had successfully taken down the CIA's public-facing website.
The CIA website reportedly remained inaccessible several hours after the attack, then appeared to be offline intermittently for the rest of the weekend, as well as on Monday, in the face of what appeared to be a distributed denial of service (DDoS) attack. Anonymous had previously been making a habit of targeting the FBI on Fridays.


More Security Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>
The CIA has acknowledged that it's been having website issues, but hasn't publicly commented on the cause. Interestingly, it's not clear if Anonymous was indeed responsible. "We'd remind media that if we report a hack or ddos attack, it doesn't necessarily mean we did it...FYI," according to a tweet from YourAnonNews, which is a reliable source of information about Anonymous activities.
Saturday, hackers announced via Pastebin--with a shout-out to Anonymous and AntiSec — that they'd hacked the U.S. Census Bureau, and they listed the names of stolen database tables. The same day, the website of Interpol was also knocked offline, although the attack wasn't the work of Anonymous. Instead, via a Pastebin post, a group known as Black Tuesday (tagline: "We'r revolution of your mind!) claimed credit.
"We'r not Anonymous! Stop calling us a part of them:[ Yeap, we support their ideas, but we have own ideas at all!" according to a Twitter post made by the group.
Regardless, members of Anonymous have been busy. As part of the Anonymous anti-law enforcement effort AntiSec, the group released Friday what it said were 730 MB of emails plus a database of information from Mexico's Chamber of Mines, aka "Camimex." In a Pastebin post, "AnonMex" said the attack was in retaliation for mining syndicates working in parts of Mexico without consulting with the indigenous population.
Last week, pro-Anonymous hackers CabinCr3w and w0rmer hit the Texas Department of Public Safety, and detailed what they'd stolen, which included contact information for training centers. The hackers also released what it said were two Excel spreadsheets allegedly stolen in the attack. While one appeared to contain non-sensitive training center contact information, the other appeared to be a dummy file used to disguise a known piece of spyware called "BadSRC."
The same two hackers last week also launched an attack against the Alabama Department of Public Safety, and released seven spreadsheets containing information on sex offenders as well as victims, as well as a database of vehicle information for offenders.
Much of that information, however, was redacted. "Inspection of the spreadsheets indicates that no names were dumped [exposed], but it might be possible to recognize particular cases of child sexual abuse or rape by the dates of the arrests and the description of the crime and victim's age if a case had been reported in the media or occurred in a small town," said Databreaches.net. "Similarly, while offenders' names were not included in the data dump, their vehicle information and license plate number were. It's not clear whether the hackers also acquired other files or databases that would enable identification of what appear to be unique IDs."
In another attack, CabinCr3w and w0rmer, as well as another hacker known as Kahuna, hacked into a website for the Mobile, Ala. police department, to protest "recent racist legislation," according to the Pastebay post announcing the attack. "Because of your police being lazy when it comes to data security, we have acquired the following information of over 46,000 citizens of the state of Alabama," said the attackers.
The stolen data included people's full legal names, social security numbers, birth dates, and criminal records. B u t the hackers involved told Databreaches.net that they'd purposefully chosen to release only a redacted subset of the data they'd obtained, and then deleted all of the data.
Hacks of Comodo and DigiNotar exposed weakness in the Secure Sockets Layer protocol. The new Dark Reading supplement shows you what's being done to fix it. (Free registration required.)
——————————————————————————
— Comment and all materials + bolding and colour-coding posted by Technowlb, refWrite Backpage technics columnist.  Cross-posted to refBlogger Insertgeneral editor, refWrite Backpage

1 comment:

Blogger said...

I have used AVG Antivirus for a number of years now, and I recommend this solution to all of you.