About these ads

Archive

Posts Tagged ‘LulzSecItaly’

January 2012 Cyber Attacks Timeline (Part 2)

February 2, 2012 1 comment

Click here for part 1.

The second half of January is gone, and it is undoubtely clear that this month has been characterized by hacktivism and will be remembered for the Mega Upload shutdown. Its direct and indirect aftermaths led to an unprecedented wave of cyber attacks in terms of LOIC-Based DDoS (with a brand new self service approach we will need to get used to), defacements and more hacking initiatives against several Governments and the EU Parliament, all perpetrated under the common umbrella of the opposition to SOPA, PIPA and ACTA. These attacks overshadowed another important Cyber Event: the Middle East Cyberwar (which for the sake of clarity deserved a dedicated series of posts, here Part I and Part II) and several other major breaches (above all Dreamhost and New York State Electric & Gas and Rochester Gas & Electric).

Chronicles also reports a cyber attack to railways, several cyber attacks to universities, a preferred target, and also of a bank robbery in South Africa which allowed the attackers to steal $6.7 million.

Do you think that cyber attacks in this month crossed the line and the Cyber Chessboard will not be the same anymore? It may be, meanwhile do not forget to follow @paulsparrows to get the latest timelines and feel free to support and improve my work with suggeastions and other meaningful events I eventually forgot to mention.

Read more…

About these ads
Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Dump Up The Kids

July 8, 2011 2 comments

Not even a single day has passed since the raid of the Italian Police against some alleged Italian Anonymous members, and a new hacker group, whose name LulzStorm reminds unequivocally the Lulz Boat, has been the author of a clamorous action of hacking against several Italian universities.

On July the 6th, the “Silence of the Tweets” following the Italian Police raids has been broken by @LulzStorm (which had not been taking part to #opitaly until then) with some tweets announcing the availability of the Italian University Dump.

That tweet has broken the silence in which @anonitaly and @LulzSecITALY had apparently fallen, and, as easily predictable, has immediately been retwitted all over the web at incredible speed.

Besides the data, the torrent contains a real declaration of war:

Targets included:

unisi.it (Università Degli Studi di Siena)
unisa.it (Università Degli Studi di Salerno)
uniroma1.it (Università La Sapienza di Roma)
antonianum.eu (Pontificia Università Antonianum)
econoca.it (Università Degli Studi di Cagliari, Facoltà di Economia)
uniba.it (Università Degli Studi di Bari)
unibocconi.it (Università Commerciale Luigi Bocconi)
unifg.it (Università Degli Studi di Foggia)
unime.it (Università Degli Studi di Messina)
unimib.it (Università Degli Studi Milano Bicocca)
uniurb.it (Università Degli Studi di Urbino)
unibo.it (Università Degli Studi di Bologna)
unipv.it (Università Degli Studi di Pavia)
unina2.it (Seconda Università Degli Studi di Napoli)
unile.it (Università del Salento)
polimi.it (Politecnico di Milano)
unito.it (Università Degli Studi di Torino)
unimo.it (Università Degli Studi di Modena e Reggio Emilia)

Is not clear if the attack was perpetrated as a revenge for the campaign against the “Italian Chapter” of Anonymous, but, of course, it had ample space on media, rasing many questions and concerns even among non-professionals. The chancellors of the affected universities (among which “La Sapienza di Roma and the Politecnico di Milano, etc), immediately replied that the deployed countermeasures were able to stop the attack and in many cases no sensitive data were stolen.

Even if the attack details have not been unleashed, it looks like this might be yet another occurrence of an SQL Injection attack which may be considered the real lethal weapon of this tremendous 2011 (if we do not consider DDoS attacks which are not considered an elegant vector by “purists”). I do not know if, as Veracode claims, 10.000 bucks would have prevented the Sony Breach, but for sure more secure coding and a more efficient deploying of Web/DB firewall are necessarily needed.

Another aspects concerns the Italian 193/2006 law, which in theory obliges each institutions managing sensitive data (such as passwords), to keep them encrypted. Regulations are useless if not properly audited: I must confess I had the opportunity to analyze the torrent and I may confirm that in several cases leaked data include e-mails and passwords in clear. As a consequence, the question among infosec professionals is legitimate: why those data were not stored in compliance with the above quoted law? Regardless of the method used, if the attackers meant to show security weaknesses (in technology and regulations) probably they were successful, up to the point that several lawyers with expert knowledge in privacy claim that students may in theory obtain compensation for damage caused by poor security measures taken by universities.

In any case the declarations made by the Italian Anonymous suggest that this could only be the first occurrence. Are we ready for that?

Follow

Get every new post delivered to your Inbox.

Join 2,943 other followers