Subject: Editorial, General Tech | April 5, 2012 - 04:14 AM | Scott Michaud
Tagged: China, hack, Anonymous
China has been the target of numerous successful hacking attempts by Anonymous over the last week. Many sites were defaced and in some cases data such as accounts and e-mail addresses were compromised.
Anonymous has ramped up their activism over the last six months beyond their usual DDOSing and intrusion of US government and corporate websites. Last autumn Anonymous threatened to expose members of Mexican drug cartels although that initiative faded away without too much controversy later in the year. This year they have instead assaulted the Chinese Government.
This could get just as messy as the drug cartels.
Much of the defacing attempts broadcast, in both English as well as Chinese, messages about the Chinese Government and their practices. One such message states:
Your Government controls the Internet in your country and strives to filter what it considers a threat for it. Be careful. Use VPN for your own security. Or Tor.
The attacks have been sustained for over a week at this point. 486 compromised sites have been listed on Pastebin as of March 30th. There does not appear to have been any public response from the Chinese Government at this point.
What sticks out to me the most is how widespread the attack on Chinese online infrastructure appears to have been despite China’s traditional focus towards cyber security. Regardless of who you are, or what you have previously been capable of, you need to take security seriously as true security is extremely difficult.
Subject: General Tech | July 26, 2011 - 10:00 PM | Scott Michaud
Tagged: paypal, Anonymous
Recently there was a lot of news about alleged members of Anonymous getting arrested by the FBI across America. 40 search warrants were served against people accused of attacking Paypal from a list, provided by the company, of one-thousand IP addresses carrying the most traffic during the time period of Anonymous’ “Operation Payback”. Wired also has the affidavit from the July 19th search of a couple from Arlington, Texas and their son which includes the ability to seize electronic devices either allegedly used in the attack or contains evidence of the attack.
The importance of living up to your name.
While these searches did not necessarily lead to arrests and were with warrant the concept of linking an IP address with a person is often hotly debated. The “LOIC” tool, a program designed to direct a large amount of traffic at a computer often with the intent of diluting system resources from what the computer is supposed to do, gets its name from the Command and Conquer super weapon, the Low Orbit Ion Cannon. In many cases, traffic from LOIC is easily identifiable as it contains vanity strings as its attack payload and often comes from the user’s personal IP address (not very anonymous); that said, there is nothing to say that the same effects could not be caused by one person controlling an army of a thousand or more virus-infected computers. While I am not commenting on the situations themselves, I do hope that the FBI had more evidence for their 40 warrants than just a random selection of addresses on that list.
Subject: General Tech | May 6, 2011 - 09:20 AM | Tim Verry
Tagged: sony, Internet, Data Breach, Anonymous
As Sony analyzed the forensic data of the recent PSN/SOE attack, they discovered a text file named "Anonymous" and containing the phrase "We are legion," according to Network World. As a result of this, Sony even went so far as to accuse the hacker group as the responsible party in hacking the Playstation Network (and stealing customers' information) in a letter to the U.S. congress.
Anonymous responded to the implications brought by Sony today. Network World reports that Anonymous has stated they were not involved in the attack and that "others performed the attack with the intent of making Anonymous look bad." Based on a press release by the hacker group, it's prior victims had motive to irreparably defame the group in the public eye. Anonymous stated that they have never been involved in credit card theft. Further, they claim to be an "ironically transparent movement," and had they truly been behind the attack they would have claimed responsibility for their actions.
The press release goes on to state that "no one who is actually associated with our movement would do something that would prompt a massive law enforcement response." They further claim that the world's standard fare of Internet thieves would have invested interest in making Sony and law enforcement agencies believe it was Anonymous to throw police off of their trail.
The hacker group names such former victims as Palantir, HBGary, and the U.S. Chamber Of Commerce of being organizations that would like to discredit Anonymous. "Anonymous will continue its work in support of transparency and individual liberty; our adversaries will continue their work in support of secrecy and control," they state in their press release "we are anonymous."
As Anonymous, Sony, and spectators the world over debate, the affected public continues to wait for the true identies of the hackers involved in stealing 77 milion Sony customers' private information to come to light.