Anonops #16: Snowden leaked it all, who is next?

quote:

Join us on June 5th to Reset the Net


The NSA has corrupted the Internet. On June 5, we will Reset the Net. We hope you’ll join us.

June 5 is the one-year anniversary of the first documents leaked by Edward Snowden. While EFF has been fighting NSA surveillance for years, 2013 marked a new chapter in our battle against mass spying. The documents made it clear to everyone why we care so much, and why they should too.

Surveillance affects everyone, in the United States and internationally. Millions of innocent people have had their communications swept up by the NSA’s dragnet surveillance. Thomas Drake, former NSA official and whistleblower described recently retired NSA chief General Keith Alexander’s surveillance philosophy: “He is absolutely obsessed and completely driven to take it all, whenever possible.” This philosophy clearly underpinned his nearly nine year tenure at the NSA. In addition to this collect-it-all strategy, the NSA has used tactics such as deploying malware, trying to weaken encryption, and other sophisticated techniques that make the Internet less secure.

Mass surveillance is toxic for the Internet. The Internet is a powerful force that can promote democracy, innovation, and creativity, but it’s being subverted as a tool for government spying.

That’s why EFF has joined with dozens of other organizations in calling for a day of action to Reset the Net. On June 5th, Reset the Net is asking everyone to help by installing free software tools that are designed to protect your privacy on a computer or a mobile device. Reset the Net is also calling on websites and developers to add surveillance resistant features, like HTTPS and forward secrecy.

Don’t wait for your privacy and freedom. Start taking it back.

quote:

Japan’s Government Party LDP Sponsored and Cultivated the Right Wing in Underground Anonymous 2channel Board

In Japan, there is a massive discussion board with 230 million page views per day called 2channel. It has played an important role on the Japanese internet for 15 years. It is an anonymous textboard, attracting the most Net traffic in the country.

Since　Feb 19 2014, however, a conflict between Hiroyuki Nishimura ( the founder of 2channel and, until recently, its manager ) and his business partner Jim Watkins (an ex-U.S Army commander ) regarding its administration and ownership suddenly became clear. Consequently, Mr Watkins secured the domain name, administrative rights and everything by exploiting his status as a 2channel administrator. He then expelled Nishimura from the site, and now maintains it himself.

Through this internal strife, the existence of a paid service to delete postings of 2channel was uncovered on April 2, by a sudden announcement from Hiroyuki’s business partner, Mr Uchiyama, Hotlink, Inc‘s president .

Mr. Uchiyama’s company, Hotlink, has been tied up with 2channel in an exclusive contract, and offered to monitor and delete negative threads and comments about its customers. And it was detected that among its customers was listed Japan’s ruling government party, the LDP. This information was uncovered by anonymous 2channel users. In fact, this privileged access to delete opinions was not widely known by internet users, and caused considerable alarm.

This service is, though its overall figure is unknown, thought to have administrative access rights to 2channel:

（From a company press release. after the Merger and Acquisition Process, Hotlink is now a member of this ”Net Defamation Basters” team.）

Further, according to Hotlink, the data is supplied exclusively from 2 channel. Since anyone can see 2channel’s posts freely, one question that occurs is ”What kind of data did the ex-administrators sell?” They may have included personal data Hiroyuki collected without the permission or knowledge of users. This suspicion is corroborated by a 2013 scandal where personal information of 40,000 2channel customers was leaked; administrators recorded the user name, address, phone number, post logs, credit card number and security code, all without the users' consent. For what purpose did they collect all this personal data unless it was to sell it?)

Among several shady channels, Hotlink’s customers included Japan’s ruling government party, the LDP, alongside several business giants. And as for official announcements stated below, the LDP used the service offered by Hotlink in the 2013 House of Councillors election.

Then, the contracts and money goes from LDP to Hotlink and then to the Hiroyuki-owned 2channel. Therefore, the sponsor of 2channel is, in reality, Japan’s Government Party LDP. Those disclosures were shocking because, according to its own official announcement, 2channel is a discussion board with no commercial interest. Administration is done by unpaid volunteers, and everybody was told that the highest value of the board was nothing but FREE SPEECH.

Suspicion about this tie-up with Hotlink goes even further; how far did the scope of their services go? One serious issue is whether or not Hiroyuki gave a privileged deal to the Government Party LDP. Hotlink officially boasts they can control and ”extinguish the fire” of harsh criticism in internet communities.

If so, had they abused the data from 2channel administrators in order to stop the spread of information or opinions that the Japanese government disliked on 2 channel? Also, in some 2channel boards, administrators have special access to permit or deny the creation of threads. Those with an agenda on 2channel could have intentionally dismissed the creation of topics, or arbitrarily deleted comments or threads which Japanese Government Party LDP did not want to allow discussion of. So, the LDP sponsored Hiroyuki may have manipulated the opinions of a self-professed "independent discussion board".

This hypothesis is not as absurd as it may have sounded a few years ago. As the Wall Street Journal pointed out, it is widely recognized that Japan has seen a recent increase in Right Wing thought. And this tendency has been stronger on 2channel, where hate speech is particularly prevalent. Also, anti-nuclear activists or politicians (like Naoto Kan, Mizuho Fukushima, Junichiro Koizumi) were fiercely defamed. But now, strangely, the attacks against those figures suddenly ceased since the LDP-linked Hiroyuki lost his administrative rights on 2channel.

This is the 1st page of Google results when you google ” South Korea history ” in Japanese. Most of the results are nationalistic hate speech towards South Korea. They are 2channel and affiliate sites led by Hiroyuki and his business partners. Also, Google’s 1st suggestion when you enter ”South Korea history” is ” South Korea history fabrication”.

Propaganda activity on the internet is not exclusive to Japan. Mr. Edward Snowden taught us that:



（Documents from the article released by Mr Glenn Greenwald)

In my observation, many governments are obsessed with penetrating and controlling internet discussion secretly. Now, 2channel is completely ”occupied” by ex U.S. Army officer Mr. Jim Watkins.

Both ２channel and Social Media may not be the perfect egalitarian forums for discourse that netizens once thought. However, we have to face and understand that fact in order to make rules and institutions on the internet.

[Takanori Eto]

Translated and mirrored from http://echo-news.net/en/l(...)ymous-2channel-board with permission

twitter:

Falkvinge twitterde op zaterdag 31-05-2014 om 20:34:26 According to Swedish oldmedia, Peter Sunde (@brokep) was just arrested by police, having formally been a fugitive since the TPB pretendtrial reageer retweet

quote:

Anonymous dreigt met cyberaanval op WK-sponsors

Het hackerscollectief Anonymous heeft gedreigd een cyberaanval te willen plegen op de sponsors van het Wereldkampioenschap voetbal in Brazilië. Bedrijven zoals Adidas, Emirates Airlines, Coca-Cola en Budweiser moeten vrezen voor hun websites, zo meldt Reuters.

Het WK voetbal dat op 12 juni in São Paulo van start gaat, kon al op heel wat verzet rekenen. Demonstranten protesteren tegen de Braziliaanse overheid die miljarden dollars aan het sportevenement uitgeeft, terwijl het Zuid-Amerikaanse land aan armoede ten onder gaat.

De actievoerders hebben nu een nieuwe bondgenoot. Anonymous liet aan Reuters weten de belangrijkste sponsors van het WK onder de loep te nemen. 'We zijn nagegaan welke sites het meest kwetsbaar zijn en hebben al een plan opgesteld.' De bewuste bedrijven willen niet reageren op de bedreiging.

quote:

Bombshell TrueCrypt advisory: Backdoor? Hack? Hoax? None of the above?

A sampling of theories behind Wednesday's notice that TrueCrypt is unsafe to use.

quote:

Wednesday's bombshell advisory declaring TrueCrypt unsafe to use touched off a tsunami of comments on Ars, Twitter, and elsewhere. At times, the armchair pundits sounded like characters in Oliver Stone's 1991 movie JFK, as they speculated wildly—and contradictorily—about what was behind a notice that left so many more questions than answers. Here are some of the more common theories, along with facts that either support or challenge their accuracy.

quote:

TrueCrypt krijgt doorstart

Enkele Zwitserse activisten van de Piratenpartij werken aan een doorstart van de bekende encryptiesoftware TrueCrypt, die deze week offline ging.

De mysterieuze ontwikkelaars van TrueCrypt trokken eerder deze week de stekker uit het project. Ook waarschuwden ze dat het programma onveilig zou zijn. Ze raadden gebruikers aan te migreren naar Bitlocker. Op de originele TrueCrypt-site staat nog slechts TrueCrypt 7.2, waarmee het alleen mogelijk is om versleutelde TrueCrypt-bestanden te decrypten.

Zwitsers Thomas Bruderer en Joseph Doekbrijder, ex-president en ex-vicepresident van de Zwitserse Piratenpartij, zijn nu TrueCrypt.ch gestart als een soort doorstart. De laatste werkende versie, TrueCrypt 7.1a, is door de Zwitsers weer online gebracht, hoewel zij ook waarschuwen voor mogelijke beveiligingsproblemen.


Fork

De Zwitsers willen met hun project meewerken aan een 'fork', een afsplitsing van het originele TrueCrypt. Die zou waarschijnlijk wel een andere naam krijgen. De huidige ontwikkelaars van TrueCrypt zijn onbekend. Dat zou volgens de Zwitsers voor hun fork juist niet moeten gelden.

De Zwitsers wachten voor de fork op de uitkomst van het
Crypto Open Audit-project. Het onderzoek is nog maar gedeeltelijk afgerond.


Oproep voor hulp

De Zwitsers doen ook een oproep voor mensen die willen helpen om beveiligingsrisico's in kaart te brengen. Ook wordt gezocht naar experts die kunnen helpen om juridische problemen op te lossen. Met de hosting in Zwitserland zou de juridische dreiging al minder zijn.

quote:

Reddit, Imgur and Boing Boing launch anti-NSA-surveillance campaign

The Reset the Net campaign aims to encourage direct action, urging visitors to install privacy and encryption tools



Some of the world's largest websites are planning a coordinated day of action on Thursday to oppose mass surveillance online.

The sites, which include Reddit, Imgur and BoingBoing, will be taking part in the campaign, called "Reset the Net", in a number of ways.

Some will showing a splash screen to all users, reminiscent of the one used in the successful protests against SOPA, the US copyright bill which many feared would damage the backbone of the internet. But rather than telling users to write to their electoral representatives, this protest will push more direct action, encouraging visitors to install privacy and encryption tools.

Other sites have committed to improving their own privacy as part of the campaign, by enabling standards such as HTTPS, which prevents attackers from eavesdropping on visitors. Such security standards are common in the world of ecommerce, but rarer for sites which don't think of themselves as holding sensitive information.

"We can take back control of our personal and private data one website, one device, one internet user at a time," said Reddit's General Manager Erik Martin. "We’re proud to stand up for our users’ rights and help Reset the Net."

The campaign is being co-ordinated by Fight for the Future, whose co-founder Tiffiniy Cheng said "Now that we know how mass surveillance works, we know how to stop it. That’s why people all over the world are going to work together to use encryption everywhere and make it too hard for any government to conduct mass surveillance.

"There are moments in history where people and organisations must choose whether to stand on the side of freedom or tyranny. On June 5th, the internet will show which side it’s on.”

quote:

Agriculture Giant Monsanto Hacked

Monsanto says March breach saw some financial data compromised

Agriculture provider Monsanto has admitted to a breach of its servers, affecting 1300 farmers, with some credit card information leaked.



A letter dated 14 May from the company’s Precision Planting unit to the Office of the Attorney General in Baltimore warned that a number of citizens in the area had been affected by the breach.

Monsanto breached

The breach was detected on 27 March, when Monsanto uncovered unauthorised access to its systems from an outside party, who compromised files on the affected servers with personal information, including customer names, addresses, tax identification numbers, social security numbers and in some cases financial account information.

Some human resources data was stored on the servers too, including tax forms that contained employee names, addresses and social security numbers and some driver’s license numbers.

“We believe this unauthorized access was not an attempt to steal customer information; however, it is possible that files containing personal information may have been accessed and therefore we are making this notification,” said Reuben Shelton, senior counsel for Monsanto, in the letter.

“The incident has been contained and we have partnered with a leading forensics firm to understand and remediate this issue. In addition, we have asked the Federal Bureau of Investigation for assistance.

“We are not aware of any misuse of any information from this incident, but we are notifying all of the affected individuals and providing them with free one-year membership of credit monitoring and identity theft insurance.”

On 24 May, an Anonymous group called Operation Green Rights claimed it had attacked Monsanto and a range of other firms in an effort to shine a light on what it called the “polluting and contaminating” of natural resources.

Later in the month, the group said: “ We have found many confidential documents within an account of a former Monsanto employee.

“Therefore, we are following up by obtaining archives from two other Monsanto subsidiaries and are investigating further.”

It has not yet taken credit for the March breach. An Anonymous group claimed to have hacked Monsanto in 2011.

Protests against Monsanto were held last month too, as demonstrators sought to express their anger over alleged aggressive business practices and their dislike of genetically modified crops.

quote:

#OpWorldCup: Brazil Government websites hacked by DK Brazil Hackteam



An anonymous affiliated hacker group called as "DK Brazil Hackteam & An0nнat" targeting Brazil government and defaced several Brazil Government websites in recent days.

The hack is part of an ongoing operation called "#OpWorldCup" which. The operation is appeared to be a protest against the upcoming 2014 FIFA World Cup that is scheduled to take place in Brazil.

The group has defaced two Brazil government websites www.saobento.ma.gov.br and Brazil's Barro Municipality (barro.ce.gov.br/).

The group has defaced plenty of Brazil Government sites at the end of last month. They hacked the following the websites so far: www.novaluzitania.sp.gov.br/, indaial.sc.gov.br/, igarapedomeio.ma.gov.br/, procon.sp.gov.br.

quote:

Why Anonymous threats should not be ignored

International hacktivist group Anonymous is causing fear within the business and technology community once again, after a supposed Anonymous spokesperson warned that World Cup sponsors are next on the hit list.

In an interview with Reuters, a masked hacker going by the name of Che Commodore revealed that preparations have already begun for a full-scale cyber-attack on sponsors such as Coca Cola, Budweiser, Emirates Airlines and Adidas.

The hacktivist group, which claims to use cyber-attacks as a method to target social injustice, has been known to target high profile networks in the past, generally relying on DDoS attacks as the weapon of choice. Last year Google Malaysia was targeted by hacktivists who spread the message "Google Malaysia STAMPED by PAKISTANI LEETS”. Similarly, the New York Times website was taken offline by an attack leaving readers unable to access content for several hours.

This time the Anonymous is said to be angry at the Brazilian government for their decision to host the World Cup at the expense of millions, despite the poor social standards of many Brazilian citizens. As previous threats from the hacktivist group have proven to be real, corporations and international governments alike must treat this latest threat with the severity it deserves.

What is most worrying is that Anonymous may have already laid the groundwork of its malicious attack and any organization that hasn’t taken the necessary steps to protect against stealth attacks, could be at serious risk. Che Commodore has already sinisterly claimed to be searching for the back doors into the network having “conducted late-night tests to see which of the sites are more vulnerable.”

Such attacks as those previously carried by Anonymous usually rely on Advanced Evasion Techniques (AETs) to exploit vulnerabilities in network gateways and allow Advanced Persistent Threats (APT) to be delivered. Unless measures have been taken to detect these evasion techniques, it is likely an APT could already have penetrated deep into the network of any organisation targeted by Anonymous.

AETs are methods of disguise used to target networks undetected and deliver malicious payloads. Often, AETs take advantage of rarely used protocol properties in unexpected combinations. Using AETs, an attacker can split apart an exploit into pieces and bypass traditional security methods such as a firewall or IPS appliance. Once inside the network, the attacker can then reassemble the code to unleash malware and continue APT attack.

Most IPS and firewalls are not capable of detecting AETs, as while many can pass industry tests with high ratings, those ratings are based on protection against a limited number of threats. Although the exact number of AETs is unknown, it is close to hundreds of millions – many of which are not covered by standard firewalls. As such, the stealth-like presence of AETs means that they can go undetected on a network for weeks, or even months, at a time.

In a recent study by McAfee, it was uncovered that on average, those who experienced a security breach in the last 12 months reported a cost to their organization of over £600,000, which of course doesn’t taken into account reputational damage As such, those threatened by Anonymous must act fast.

If AETs have been used by the hacktivist group, those targeted by Anonymous may already be compromised. The trap may already be set, with malware lying dormant on organizations' networks, ready to attack. It is therefore important that these brands take serious measures to identify such threats and remove them as soon as possible, before Anonymous has a chance to strike.

quote:

Hackers face life sentences in Britain

To reflect the damage they might cause.

Tough new penalties for computer hackers who jeopardise national security may come into effect in Britain under measures introduced in the Queen's Speech overnight.

The UK Government wants life sentences to be imposed on hackers that sabotage computer networks and cause deadly civil unrest through cutting off food distribution, telecommunications networks or energy supplies, under a new Serious Crime Bill.

The UK government will seek to amend the 1990 Computer Misuse Act "to ensure sentences for attacks on computer systems fully reflect the damage they cause."

Currently, the law provides for a maximum sentence of ten years' imprisonment for those who commit the offence of impairing a computer. A new, aggravated offence of unauthorised access to a computer will be introduced into the Computer Misuse Act by the government, carrying far longer sentences.

A hack that causes deaths, serious illness or injury, or is found to seriously damage Britain's national security will be punished by life in prison under the proposed new law.

Environmental damage, or serious hurt to the economy through hacking could land offenders with a fourteen year stretch in gaol if the government gets its way.

As of today, Britain has suffered no such serious cyber attacks. The UK government's National Security Strategy [PDF] nonetheless puts hacking on par with terrorists incidents, international miltiary crises and major accidents or natural hazards, as the country's highest priority risk.

quote:

Exclusive: How FBI Informant Sabu Helped Anonymous Hack Brazil

quote:

In early 2012, members of the hacking collective Anonymous carried out a series of cyber attacks on government and corporate websites in Brazil. They did so under the direction of a hacker who, unbeknownst to them, was wearing another hat: helping the Federal Bureau of Investigation carry out one of its biggest cybercrime investigations to date.

A year after leaked files exposed the National Security Agency's efforts to spy on citizens and companies in Brazil, previously unpublished chat logs obtained by Motherboard reveal that while under the FBI's supervision, Hector Xavier Monsegur, widely known by his online persona, "Sabu," facilitated attacks that affected Brazilian websites.

The operation raises questions about how the FBI uses global internet vulnerabilities during cybercrime investigations, how it works with informants, and how it shares information with other police and intelligence agencies.

After his arrest in mid-2011, Monsegur continued to organize cyber attacks while working for the FBI. According to documents and interviews, Monsegur passed targets and exploits to hackers to disrupt government and corporate servers in Brazil and several other countries.

Details about his work as a federal informant have been kept mostly secret, aired only in closed-door hearings and in redacted documents that include chat logs between Monsegur and other hackers. The chat logs remain under seal due to a protective order upheld in court, but in April, they and other court documents were obtained by journalists at Motherboard and the Daily Dot.

quote:

Hundreds sign up to protest outside GCHQ in Cheltenham

Hundreds of people have signed up to protest against Cheltenham-based listening post GCHQ.
The event, organised on social media site Facebook, aims to say “enough is enough” to the organisation following the Edward Snowden leaks.

Running from August 29 to September 1, it is organised by the group Anonymous.
A statement on the page said: “With all the latest leaks coming out about the power of GCHQ, the NSA and Five Eyes it is high time that we showed our faces and said enough is enough.”

A GCHQ spokes person said: "People have a right to protest peacefully within the law.

"All of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position."

#OpHackingCup - Let The Games Begin

quote:

#OpHackingCup_

=======================================================================================================================================
:00 - The Motivation_
--------------------------------------------------------------------------------------------------------------------------------------
:00:00 ::

#OpHackingCup - Let The Games Begin

Hello, citizens of the world; we are Anonymous.

As time for World Cup approaches, we have witnessed a crescent frequency of hacking attacks for the Anonymous ideal. Only for the last week there were two invasions with big repercussion on the media, one that was the leaking of Itamaraty Palace documents - central to the Ministry of External Relations. Among these papers, the most are considerate sigilous.

We'd like to clarify for what reasons cyberactivists act in these ways.

How many billions of dollars from public funds were spent to build and reform the stadiums that will host the Cup, aside other builds that will bring very little or no legacy to the population. What does justify, for example, to build a new stadium at Manaus city, at state of Amazonas? In which ways were executed the fiscalization of how the public money is being used on these builds, principally the ones that need to be finished in matter of urgency due to delays - many times resulted by increase of costs (it's estimated that the cost of the stadiums have increased 163% compared to the initial prevision). It is valid to remember that the promess included the private initiative would take the outgoing of building the stadiums.

We can't accept pacifically any more the violations on people's basic rights practised because of this event. For preparation we can understand: 1. hygienization and elitization of the cities, denominated to it for, above all, the property speculation and for the violence against the local population on scale of streets occupying the big centers;
2. unjustifiable outlay to intensify the security (and the repression) against the manifestations that may happen during the games, allied to draft laws which marginalize and criminalize the manifestants;
3. to guarantee that no one - except for the locals and people with tickets - approach the stadiums on game days, aside the non-authorized vendors won't be allowed to open certain hours before and after the games, even that for this the freedom of come and go be limited, forbidding things like visits to the local people, among other situations.

The on-line actions, just as the protests on the streets, are part of a resistance against this model that has become so evident to ordain and dis ordain of this mega corporation which is FIFA on this country, against the influence of economic power on political decisions and against polarization of the profit counterpointing the basic right of a whole population, and, therefore, are legitimate.
"There is no fairness on following unfair laws", said Aaron Swarz, infamous programmer and fighter for a free internet.

About the cybernetic security on Brazil:
Right after the leaks Edward Snowden revealed - National Security Agency (N.S.A.) ex-functionary, - department which would be monitoring the Brazilian government, which got to a Inquiry Parliamentary Commission (aka C.P.I.) to be opened to investigate the case, which is already closed, with the most obvious conclusion: there is vulnerability in the whole cybernetic governmental system, clearly for lack of investment. The C.D. Cyber (Center of Army's Cybernetic Defense), responsible for Brazilian cybernetic security have had their amount cut for years: about forty nine and half millions of dollars in the year of twenty-twelve, forty millions last year and thirty-one millions in this very year, even after Snowden's leaks.

The eyes of the world will be turned to Brazil: we will show to everyone how fake is and always was this Brazilian government and FIFA.

=======================================================================================================================================
:01 - The Communication_
--------------------------------------------------------------------------------------------------------------------------------------
:01.00 :: Twitter Account @AnonBRNews

=======================================================================================================================================
:02 - The Targets_
--------------------------------------------------------------------------------------------------------------------------------------
:02:00 :: The Tweets indicating the targets will start at 2014-06-11T14:00:00Z;

=======================================================================================================================================
We are Anonymous
We are Legion
We do not forgive
We do not forget
Expect us

quote:

Anonymous Denmark targets Socialist Party (SF) for signing mass surveillance bill

The online hacktivist Anonymous has target Denmark’s political party (Socialistisk Folkeparti, SF in Danish language) for signing and passing mass Internet surveillance bill from the parliament yesterday.

Despite criticism from experts and human right organizations, the Danish parliament approved bill that will allow government to keep track of user’s activity on the Internet. This has been done through an approval of the controversial bill on the Center for Cyber ​​Security.

Anonymous Denmark seems unhappy with the surveillance bill and decided to leak confidential information of officials at Socialistisk Folkeparti, SF party. Anonymous left a brief message on Pastebin along with personal details of 22 officials and database of SF party’s official website.

The leaked data contains names, emails, encrypted passwords, social security numbers, addresses, city and zip codes. While the message states that:

Anonymous Netherlands Warning To Anonymous Raves

SPOILER

Om spoilers te kunnen lezen moet je zijn ingelogd. Je moet je daarvoor eerst gratis Registreren. Ook kun je spoilers niet lezen als je een ban hebt.

quote:

Anonymous hackers bring down websites just hours before kick-off

HACKERS have targeted a number of World Cup-related websites in a large scale cyber attack ahead of the tournament opener.

Well known group Anonymous, who have brought down the US defence website, Amazon and other large websites in the past, are purposefully disrupting the sites to send a message to the Brazilian government.

The cyber attackers are using a system called DDos, Distributed Denial of Service , which forces websites to crash by sending high levels of traffic.

Hackers at Anonymous Brazil say they want the government to respect the people's needs.

One of those involved, known as Che Commodore, said: "Companies and institutions that work with a government that deny the basic rights of its people in order to promote a private, exclusive and corrupt sports event will be targeted.

"We had a busy last few days and there is more still to come."

The World Cup has become hugely unpopular in the country.

Expensive security measures, brand new stadiums and poor transport options have caused uproar among workers and residents close to World Cup sites.

Brazilians have called for much more organisation and planning from the government in the future.

In reaction, the hackers have targeted government websites and intelligence agencies.

There are said to be 27 websites linked to government activity that have been brought down by Anonymous, one of which is the Matto Grosso state site.

A spokeswoman for the local government said: "Our site was hacked.

"We were able to take it off the air and restore the service within 30 minutes."

Sites belonging to the Sao Paulo police, the Sao Paulo Metro (where workers are striking) and the Brazilian Football Confederation.

The names are included on a long list but some companies and bodies have denied being hacked.

Last month, it is believed Anonymous hackers infiltrated the foreign ministry's email service.

They were able to see dozens of classified documents including a list of foreign leaders planning to attend World Cup matches.

Computer experts are now warning it may be too late with many sites already infected.

William Beer, a cyber security analyst said: "Even though people are starting to realize there are problems, a lot of sites have probably already been attacked and are infected."

quote:

Hackers Warn Of Cyber Attacks On Oil Companies In Saudi, UAE, Qatar

The threat has been issued by Anonymous, a politically motivated group of hacktivists, according to Symantec.

A Middle East-based group of hackers has issued a threat warning of cyber attacks against oil, gas and energy companies in the Middle East, security firm Symantec has revealed.

The threat, made by Anonymous, a politically motivated group of hacktivists, states that they are planning to attack before, during, and after June 20, 2014.

This is due to Anonymous disagreeing with the US dollar being used as the currency to buy and sell oil, Symantec said.

According to the security firm, governments that may be attacked include those in Saudi Arabia Kuwait and Qatar.

Some of the possible company targets include Kuwait Oil Company, Petroleum Development Oman, Qatar Petroleum, Saudi Aramco, ADNOC, ENOC and Bahrain Petroleum Company.

While there are limited details regarding the tools that will be used, based on previous observations, Symantec said the attacks will most likely include distributed denial of service (DDoS) attacks, phishing/spear-phishing emails, intrusion and data-theft attempts, vulnerable software exploration, web application exploits, and website defacement.

“Public announcements by these groups are often used as a means to gain notoriety or media attention and can be of highly volatile credibility,” the company said.

The Middle East’s petrochemical industry has been vulnerable to cyber attacks over the last few years, and Saudi Aramco, the world’s biggest oil producer, was hit by a major virus infection in August 2012.

Security experts have warned that the region is not well-prepared to deal with cyber crime and is susceptible to attacks.

Symantec said it has detection measures in place regarding the recent threat and also issued the following recommendations:

· Use a layered approach to securing your environment, including enterprise-wide security monitoring.

· Deploy network intrusion detection/prevention systems to monitor network traffic for malicious activity.

· Ensure all operating systems and public facing machines have the latest versions and security patches, and antivirus software and definitions up to date.

· Ensure all web servers are patched, configured to minimise the impact of DoS/DDoS attacks, and hardened against external threats.

· Utilise web application firewalls as a front-line defense against attacks.

· Ensure your IT and IT security staff are prepared and know what they need to do in the event of attack.

· Discuss DoS/DDoS mitigation strategies with your upstream provider and ensure they are aware of this threat.

· Ensure relevant third party vendors are also aware and accessible.

· Utilise DDoS protection services.

· For technologies not monitored/managed by MSS, ensure all signatures are up to date, including endpoint technologies.

· Ensure systems have a running firewall, unnecessary ports are closed/blocked, and unused services are disabled.

· To reduce the impact of latent vulnerabilities, always run non-administrative software as an unprivileged user with minimal access rights.

· Do not follow links or open email attachments provided by unknown or untrusted sources.

· Ensure staff is educated on social engineering and phishing techniques

quote:

Massive security flaws allowed for Stratfor hack, leaked report reveals

The intelligence firm at the center of a notorious cybersecurity breach that affected top government officials failed to institute standard security measures prior to the attack, according to a newly leaked report.

In December 2011, a group of skilled hackers broke into the network of Strategic Forecasting, Inc. (Stratfor), compromising the personal data of some 860,000 customers, including a former U.S. vice president, CIA director, and secretary of state, among others.

The hackers, known collectively as AntiSec, exfiltrated approximately 60,000 credit card numbers and associated data, resulting in a reported $700,000 in fraudulent charges. Roughly 5 million internal emails were obtained by the hackers and later released by the whistleblower organization WikiLeaks as the "Global Intelligence Files."

For Stratfor, a Texas-based geopolitical intelligence and consulting firm, the incident was an international embarrassment that caused roughly $3.78 million in total damages—and all of it could’ve been avoided by meeting common fraud prevention requirements.

Based on confidential internal documents obtained by the Daily Dot and Motherboard, Stratfor employed substandard cybersecurity prior to the infiltration that left thousands of customers vulnerable to potential identity theft. The documents also lend credibility to statements made by Hyrriiya, a relatively unknown hacker who claimed responsibility for the breach.

The Daily Dot–Motherboard investigation is based on a cache of sealed court documents—roughly 3 gigabytes of previously unseen chat logs, warrants, and various government reports—some of which was collected by Hector “Sabu” Monsegur, a hacker-turned-informant. Evidence provided by Monsegur was used to convict eight members of Anonymous, including Jeremy Hammond, who is currently serving the remainder of a 10-year sentence for his role in the attack.

According to the documents, Stratfor engaged Verizon Business/Cybertrust to “conduct a forensic investigation” into the breach on Dec. 30, 2011, and requested that findings be shared with the Federal Bureau of Investigation. Verizon's security team inspected the computers at Stratfor's office shortly after the attack, as well as servers later confiscated by federal agents from CoreNAP, an Austin-based data center that hosted Stratfor's customer information.

In a 66-page report filed Feb. 15, 2012, Verizon concludes in painful detail that Stratfor had insufficient control over remote access to vital systems, and that those systems were not protected by a firewall and lacked proper file integrity-monitoring. (Editors’ note: The full report can be viewed below. Only Internet protocol addresses and private customer information have been redacted.)

"In light of a confirmed system breach,” Verizon reports, “it should be noted that several distinct vulnerabilities and network configurations existed that allowed this breach and subsequent data compromise to occur.”

For starters, at the time of the attack, no password management policy existed within Stratfor. Passwords were at times shared between employees, and nothing prevented the same passwords from being used on multiple devices. “Users commonly use the same password to access email as the password to remotely access a system containing sensitive information,” the report states.



According to Verizon, no anti-virus software had been deployed on any of the examined systems, which left Stratfor “wide open to not only the more sophisticated and customized hacker attempts, but also to other viruses.” While a firewall was in place for the office portion of the Stratfor network at the time of the breach, it was not properly configured to retain any useful information.

Moreover, Stratfor would have been immediately notified of attempts to exfiltrate its customer data and internal emails had it implemented a proper file-monitoring solution. Such a security precaution could have prevented Stratfor's customer data from being stolen by AntiSec in the first place.

Another "significant factor" in the breach was the design of Stratfor's e-commerce environment, which facilitated the electronic transfer of payments by its customers. According to the report, this system was accessible, needlessly, from anywhere within the company's network, "as well as the Internet directly."

Verizon also discovered traces of exfiltrated cardholder information from the e-commerce environment within Stratfor's mail server. That indicates that there were latent flaws in the architecture of the company’s network.

“This finding highlights the inherent problems around the lack of network segregation between the corporate Stratfor environment and the payment and e-commerce environment," the report claims.

Verizon concluded that Stratfor's customer payment system, at the time of the attack, met only three out of the 12 fraud prevention requirements maintained by the report, which were taken from Visa’s fraud control and investigations procedures. Eight of those requirements, which were not met, directly contributed to the breach.

“Typically you’ll find a company deficient in one or two key areas,” noted Kevin Cunningham, the president and founder of SailPoint, a leading independent identity and access management provider. “This is an extreme case and a breakdown of a magnitude I’ve never seen before.

“Security is an interesting dynamic between risk and flexibility,” he continued. “You have to define your policy and ensure that controls are in place. In this case, it doesn’t look like they had any policies defined. It’d be like not only leaving your front door unlocked and your windows open, but also your family jewels on the kitchen table.

“It was an accident waiting to happen.”

Along with the names, credit card numbers, and affiliated data for Stratfor's customers, AntiSec hackers obtained card verification values, the three-digit number located on the back of payment cards. It’s against payment card industry data security standards (PCI DSS) for merchants to retain those codes, according to the PCI Security Standards Council. (The report speculates that since Stratfor outsourced its payment processing functions, the organization may not have been directly required to adhere to these payment industry standards.)

PCI DSS also require credit card numbers to be encrypted when digitally stored by merchants. Stratfor’s founder and CEO previously admitted to storing unencrypted data in an official statement. It was this cardholder information that was stolen by AntiSec in December 2011.

Stratfor ultimately settled a class-action lawsuit with its customers over the losses in June 2012 for a reported $1.75 million.

Interestingly, Verizon also found evidence of another breach that accessed cardholder information: “Analysis of the Zimbra mail server provided Verizon Business with evidence that the intruder(s) created the database dump file (which was later exfiltrated from the STRATFOR environment) on November 16, 2011.”

That discovery appears to further validate the claims of Hyrriiya, an Anonymous hacker known for his cyberattacks on Syrian government websites. In a May 2012 letter sent to Hammond’s attorneys, Hyrriiya confessed to hacking Stratfor and providing AntiSec with access.

“This initial hack of Stratfor occurred approximately TWO week BEFORE anyone involved in #antisec (including Sabu and Hammond) had ANY knowledge or involvement in Stratfor,” Hyrriiya wrote. “After reviewing the data I was able to access in Stratfor, I realised that the customer details included all pertinent credit card information for both individuals and a multitude of corporate entities, military institutions and espionage agencies. Upon this realisation, I promptly decided that I wanted this information to be public.”

A previous Daily Dot investigation found that—contrary to the FBI’s official statements—the Stratfor breach was orchestrated by informant Hector Monsegur. Chat logs show Monsegur obtained critical information about Stratfor’s vulnerabilities privately from Hyrriiya, and then arranged for Hammond to meet with Hyrriiya and gain access to Stratfor.

Monsegur was released in late May on time served. Barrett Brown, a journalist who pleaded guilty in April to being an accessory after the fact in the Stratfor hack, is scheduled to be sentenced in August.

Verizon Wireless did not respond to multiple inquiries. Stratfor declined to comment on this article.

quote:

#OpHackingCup: Anonymous hacks website of famous Brazilian actress Glória Pires

quote:

The online hacktivist Anonymous is back in news with another high profile hack. This time Anonymous Brasil has hacked and defaced the official website of famous Brazilian actress Glória Pires.

The 50 years old actress had her website (http://www.gloriapires.com.br/) defaced exactly 5 hours ago with a YouTube documentary video ‘Beyond Citizen Kane; (Muito além do Cidadão KAN) in Brazilian Portuguese.

Pires works for Rede Globo media group, the largest in Brazil and it seems the main target of Anonymous was Rede Globo media group, as Beyond Citizen Kane (Muito além do Cidadão KAN) documentary discusses the Globo group’s influence, power, and political connections.

Tweet confirming the hack was done by Anonymous Brazil:

twitter:

AnonBRNews twitterde op maandag 23-06-2014 om 15:38:48 #OpHackingCup #OpWorldCup the game continues #Deface Globo TV actress website. http://t.co/Wge0NoRVM2 http://t.co/RTgZRbb1FS reageer retweet

In March 2014, Anonymous had vowed to attack Brazilian government and companies sponsoring the World Cup in Brazil. As a showcase, Anonymous took official website of Military Police of São Paulo following with the official website of New York’s Board of Elections against world cup.

Let’s see what else coming from Anonymous.

At the time of pubishing this article, Glória Pires’s website was restored and working online.

quote:

Gabriella Coleman vs Anonymous Digital

Chat with Biella Coleman and Anonymous Digital July 15th, 3pm EST | 20:00 BST | 7pm GMT

IRC: || Channel #AnonDigital
[ClearNet] irc.cyberguerrilla.org || PORT 6667 || SSL PORT 6697
[TOR] 6dvj6v5imhny3anf.onion || PORT 6667 || SSL PORT 6697
[I2P] 127.0.0.1:6669 || See I2P || PORT 6669

For our security-conscious clients:
The below fingerprints may be used to verify the identity of IRC cyberguerrilla server’s.
[ClearNet] SHA-1: 94:1C:FF:7D:BF:19:C1:AA:04:49:0C:57:38:89:71:B3:1F:71:AC:EF
[TOR] SHA-1: DB:CB:9B:31:9C:E3:32:85:80:4E:AD:59:2D:D4:07:D2:97:0F:3E:B7
[I2P] SHA-1: F8:B3:65:10:01:F4:71:0E:8F:FD:6E:71:55:6E:A4:A3:CF:8F:72:0D
HowTo’s:
IRC Client setup || Connect via I2P || Connect via TOR
IRC Identifying with CERTFP || IRC with OTR Encryption
WebChat:
Via cyberguerrilla.org || WebIris
Via TOR || WebIris
KiwiIRC

Discuss her new book
“Hacker, Hoaxer, Whistleblower, Spy: The Story of Anonymous”
http://t.co/tHX0gd4wdH
Also hacking, protests, politics, hacktivists and how Keith Alexander is sure to save the world from DDoS attacks for $600k a month
The NSA will be joining us so it’s a guaranteed good time.
The FBI will be giving away National Security Letters as door prizes.
Out of this chat there will be a radio show made

twitter:

SimonZerafa twitterde op dinsdag 24-06-2014 om 08:23:17 Wanna know the password for Brasil World Cup security centre WiFi? It's on the whiteboard ;-) -> http://t.co/vONTc6210d [ cc @thegrugq] reageer retweet

quote:

Teh Internet Is Serious Business

A 16-year-old London schoolboy and an 18-year-old recluse in Shetland meet online, pick a fight with the FBI and change the world forever.

Tim Price gets behind the code with the original Anonymous members and creates an anarchic retelling of the birth of hacktivism. A fictional account of the true story of Anonymous and LulzSec, the collective swarm who took on the most powerful capitalist forces from their bedrooms.

Tim Price, author of Protest Song about the Occupy movement and National Theatre of Wales’ The Radicalisation of Bradley Manning continues his interrogation of contemporary revolutions.

Tim Price’s theatre credits include: Protest Song at The Shed at the National Theatre, I’m With The Band directed by Hamish Pirie at the Traverse, Praxis Makes Perfect (with Neon Neon, at National Theatre Wales), Demos at the Traverse, The Radicalisation of Bradley Manning for National Theatre Wales, For Once for Pentabus and Hampstead Theatre, tour), Salt Root and Roe, as part of the Donmar Warehouse’s Trafalgar Studio season, which was nominated for an Olivier Award and Will and George. Tim is one of the founders of Cardiff’s leading fringe new writing company Dirty Protest. Launched in 2007, the company has worked with over one hundred Welsh writers, staging new sell-out plays in alternative venues, from pubs and clubs, to kebab shops, hairdressers and a forest. The company took over the Jerwood Theatre Upstairs last summer, as part of Surprise Theatre in the Open Court festival.

Hamish Pirie is Associate Director at the Royal Court and this will be the first time he has directed here. He has worked with Tim Price on three of his shows, directing I’m With The Band and Demos at the Traverse, Edinburgh (where he was previously Associate Director) and Salt Root and Roe for the Donmar Warehouse’s Trafalgar Studio season. His credits at the Traverse include Quiz Show by Rob Drummond, Love With A Capital ‘L’ by Tony Cox, 3 Seconds by Lesley Hart, Most Favoured by David Ireland, Bravo Figaro by Mark Thomas, The Last Bloom by Amba Chevannes and 50 Plays for Edinburgh.

Age guidance 14+

Multi-Buy Offer – Save over 20% with tickets at just £25.
To use the multi-buy deal purchase three or more Jerwood Theatre Downstairs productions (The Nether, Teh Internet Is Serious Business, Hope or How To Hold Your Breath). Only valid on full price, top-price tickets. Must be booked by 31 July 2014.

quote:

Anonymous Hacktivists Prepare For Strike Against ISIS 'Supporters'

The hacktivist group Anonymous is planning to launch a series of digital attacks against nations it accuses of funding or arming the radical Islamic terror group ISIS.

Sources within Anonymous told me the campaign will be called Operation NO2ISIS and will target three states suspected of offering support to the Islamic State of Syria and al-Sham (ISIS). Government websites will be blasted with DDoS attacks with Anonymous planning to “unleash the entire legion” upon its enemies.

One of the targets will be Saudi Arabia, a Sunni Muslim nation that has long been suspected of supporting ISIS and other hardline terror groups. However, the Saudi government has dismissed Iraqi prime minister Nouri al-Maliki’s claims that it arms and funds ISIS, describing the “false allegations” as a “malicious falsehood”. The Saudis are thought to be terrified of blowback from the wars in Iraq and Syria, so have taken steps to ban private individuals from donating cash to ISIS militants.

The hacktivists of Anonymous do not believe Saudi Arabia, which is known as the homeplace of Osama Bin Laden and is a long-standing supporter of terrorism. A number of other countries have also been warned to prepare for attacks, which are expected to begin next week. Donors in Kuwait and a number of other Middle Eastern nations are thought to have funded ISIS in the past, making them fair game for Anonymous.

“We plan on sending a straightforward message to Turkey, Saudi Arabia Qatar and all other countries that evidently supply ISIS for their own gain,” the source said. “In the next few days we will begin defacing the government websites of these countries so that they understand this message clearly.

“We are unable to target ISIS because they predominately fight on the ground. But we can go after the people or states who fund them.”

Although ISIS is known to be a savvy user of social media, it has not yet flexed its digital muscles like the Syrian Electronic Army, which famously hacked a number of targets including The New York Times and Forbes itself.

This may be set to change, as Anonymous has already started to lock horns with hackers claiming to be associated with ISIS.

Last week, a Twitter TWTR -1.23% account called @theanonmessage was taken over by ISIS supporters and dozens of graphic images of violence were posted to its timeline. The activist who operates the account admitted that Anonymous were shocked at the attack, which appeared to mimic the tactics already employed by the Syrian Electronic Army itself.

“To be honest, we were taken off guard,” he said. “We didn’t expect a bunch of ragtags to any damage. The ISIS hacking techniques were very similar to hacks done by the Syrian Electronic Army, so that’s pretty interesting.”

As with any cyberattack, it’s difficult to know exactly how much damage will be caused. Anonymous itself once petitioned the White House to make DDoS attacks a form of legitimate protest, which suggests its supporters feel the digital attacks are more useful as a publicity tool than as an actual weapon of war.

This assessment is backed up by security experts. Commenting on a recent threat to attack sponsors of the World Cup, the security firm Symantec SYMC +1.02% summed up the nature of the threat posed by Anonymous like this: “Public announcements by these groups are often used as a means to gain notoriety or media attention and can be of highly volatile credibility. These attacks are typically low scale consisting of DDoS activity against publicly accessible webservers, website defacement efforts, or data exploitation. Symantec does take these threats seriously and has detection in place.”

Perhaps the most dangerous effect of any Anonymous campaign will be the inevitable reprisal. So far, ISIS supporters have largely shunned online attacks, but this could easily change. If the Anonymous claims of a link up between the Syrian Electronic Army and ISIS are to be believed, the damage they could wreak on Western targets could be much more than simply symbolic. Let’s not forget that one false tweet from an AP account wiped more than $90billion from the US stock market. Provoke ISIS’ digital supporters and they will strike back, possibly bringing the fight to America without a single shot being fired.

quote:

How an FBI informant orchestrated the Stratfor hack

quote:

Sitting inside a medium-security federal prison in Kentucky, Jeremy Hammond looks defiant and frustrated.

“[The FBI] could've stopped me,” he told the Daily Dot last month at the Federal Correctional Institution, Manchester. “They could've. They knew about it. They could’ve stopped dozens of sites I was breaking into.”

Hammond is currently serving the remainder of a 10-year prison sentence in part for his role in one of the most high-profile cyberattacks of the early 21st century. His 2011 breach of Strategic Forecasting, Inc. (Stratfor) left tens of thousands of Americans vulnerable to identity theft and irrevocably damaged the Texas-based intelligence firm's global reputation. He was also indicted for his role in the June 2011 hack of an Arizona state law enforcement agency's computer servers.

There's no question of his guilt: Hammond, 29, admittedly hacked into Stratfor’s network and exfiltrated an estimated 60,000 credit card numbers and associated data and millions of emails, information that was later shared with the whistleblower organization WikiLeaks and the hacker collective Anonymous.

Sealed court documents obtained by the Daily Dot and Motherboard, however, reveal that the attack was instigated and orchestrated not by Hammond, but by an informant, with the full knowledge of the Federal Bureau of Investigation (FBI).

In addition to directly facilitating the breach, the FBI left Stratfor and its customers—which included defense contractors, police chiefs, and National Security Agency employees—vulnerable to future attacks and fraud, and it requested knowledge of the data theft to be withheld from affected customers. This decision would ultimately allow for millions of dollars in damages.

The documents also confirm the integral role of a shadowy hacker, operating under the handle “Hyrriiya,” who provided key access for the now-infamous attack.

The FBI’s official version of the Stratfor hack, as reported by the New York Times, is that the bureau was made aware of the breach on Dec. 6, 2011, after hackers were already “knee-deep” in confidential files. The FBI claims Hammond informed hacker-turned-informant Hector Xavier Monsegur—also known by the online alias Sabu—of the vulnerability at Stratfor. In turn, the FBI immediately notified the intelligence company, though at that point it was already “too late.”

During his trial, Hammond claimed that the roles were actually reversed: It was Monsegur—released last week on time served—who first introduced him to an anonymous hacker, now known as Hyrriiya, who “supplied download links to the full credit card database as well as the initial vulnerability access point to Stratfor’s systems."

I had never even heard of Stratfor until Sabu brought it to my attention, Hammond said.

His statement echoed a May 2012 letter ostensibly written by Hyrriiya and provided to Hammonds legal defense team. I am stating and admitting, AS FACT, that I was the person who hacked Stratfor, wrote Hyrriiya, a skilled hacker, who's known primarily for his involvement in hacks of Syrian government websites for Anonymous, two months after Hammond was charged.

Previously, however, no public records have substantiated Hammonds and Hyrriiyas claims.

New information, obtained by the Daily Dot and Motherboard in April, not only affirms Hammond's version of events, but also longstanding accusations that federal investigators allowed an informant to repeatedly break computer-crime laws while in pursuit of Hammond and other Anonymous figures. Further, contrary to its prior statements, the FBI, through its surveillance of Monsegur, was aware of a security breach in the network of the private intelligence company well before it was too late.

The evidence on which the Daily Dot-Motherboard investigation is based was collected by Monsegur and his FBI monitors during his time as an informant from June 2011 to March 2012. The cache of court documents includes thousands of previously unseen chat logs, surveillance photos, and government documents, all currently sealed under a protective order upheld by a federal judge in the Southern District of New York.