February 2012 brings a new domain for my blog (it’s just a hackmaggedon) and confirms the trend of January with a constant and unprecedented increase in number and complexity of the events. Driven by the echo of the ACTA movement, the Anonymous have performed a massive wave of attacks, resuming the old habits of targeting Law Enforcement agencies. From this point of view, this month has registered several remarkable events among which the hacking of a conf call between the FBI and Scotland Yard and the takedown of the Homeland Security and the CIA Web sites.
The Hacktivism front has been very hot as well, with attacks in Europe and Syria (with the presidential e-mail hacked) and even against United Nations (once again) and NASDAQ Stock Exchange.
Scroll down the list and enjoy to discover the (too) many illustrious victims including Intel, Microsoft, Foxconn and Philips. After the jump you find all the references and do not forget to follow @paulsparrows for the latest updates. Also have a look to the Middle East Cyberwar Timeline, and the master indexes for 2011 and 2012 Cyber Attacks.
Addendum: of course it is impossible to keep count of the huge amount of sites attacked or defaced as an aftermath of the Anti ACTA movements. In any case I suggest you a couple of links that mat be really helpful:
- List of all vulnerable websites attacked by anonymous Part II (updated daily) (via cylaw.info)
- List of Websites Hacked, Defaced & Taken Down By Anonymous (via valuewalk.com)
This infamous 2011 is nearly gone and here it is the last post for this year concerning the 2011 Cyber Attacks Timeline. As you will soon see from an infosec perspective this month has been characterized by two main events: the LulzXmas with its terrible Stratfor hack (whose effects are still ongoing with the recent release of 860,000 accounts), and an unprecented wave of breaches in China which led to the dump of nearly 88 million of users for a theoretical cost of nearly $19 million (yes the Sony brech is close). For the rest an endless cyberwar between India and Pakistan, some hactivism and (unfortunately) the usual amounts of “minor” breaches and defacement. After the page break you find all the references.
Last but not least… This post is my very personal way to wish you a happy new infosec year.
Hactivism is making possible to bring wars and revolutions on the cyberspace, the fifth domain of war. In particular the Arab Spring has given the definitive consecration to politically driven hacking actions that have proven to be a key factor inside the protests that are changing the political landscape in the Middle East: non conventional weapons used together with “traditional” methods by both parties involved on revolutions: cyber-opponents vs cyber-supporters.
Tunisia has been the first example of this new way to provide backing to social protests: at the beginning of 2011 the Anonymous activists targeted Tunisian government sites. It was the 4th of January and this action (or Operation quoting the same term used by the Anonymous) showed to the world the real, political and social power of the Cyber warfare.
Few days later (June, 26th 2011) the same fate befell to Egypt: government sites were targeted with DDOS attacks which contributed to draw attention to ongoing protests which led to the fall of President Mubarak.
Following the wake of the Arab spring, the Anonymous also took position in the Libyan Revolution declaring their engagement with the rebels. Although, from an information security perspective, no practical consequence followed this statement, it had a huge symbolic significance, since in a clear and decisive manner, an hacker crew crossed the boundary of the cyberspace and took position on a social and political event even before performing any hacking acton.
But in Syria the revolution fought in the fifth domain has reached its “bloody” peak. On August, the 7th 2011 the Anonymous targeted the Syrian Ministry of Defense with a resounding defacement. A couple of days later, in retaliation of the previous defacement, the Syrian Electronic Soldiers defaced Anonplus, the Anonymous Social Network, that had already been, a couple of weeks before, the target of a defacement performed by the same Syrian Crew.
But the “war inside the war” fought between the two groups does not stop here: following the bloody events in Syria, on Sunday, 25th of September, the Anonymous decided to open again the hostilities unleashing a chain of defacement action, against the Syrian Government, hacking and defacing the official sites of seven major Syrian cities, which stayed up in their defaced version for more than 16 hours. The defacement actions kept on the following day in which 11 Syrian Government Sites were defaced as part of the same operation.
Of course a retaliation of the Syrian Electronic Soldier was predictable (and close in time) and targeted, in an unexpected manner, one of the most important US Universities, the University of Harvard which was victim of a resounding defacement on Monday, the 26th of September.
So far the two Cyber Armies have shown an unprecedented impetus in countering their respective acts of cyberwar. Probably the story will not end up here and, most of all, we will have to get used to watch the wars and the revolutions on a double perspective involving real battlefields and virtual battlefields. The problem here is that information security professionals and system administrators are not likely to be mere spectators, but the real soldiers of this non conventional war.