Anonops #6: Anonymous en de MO-revoluties

quote:

The 1999 Battle of Seattle was an event where people from all over the world gathered with a common vision, regardless of their station in life. It was a pivotal moment for the global justice movement as a coalition of groups from labor unions to environmental activists came together to address the inherently exploitative WTO version of globalized economy and governance. They worked for different causes but came together to fight the corporate takeover of the economy and government. The media at that time framed the protest in a simple light, failing to capture the complex mosaic of collectives and motives that gathered on the streets. The generally peaceful protest against the WTO was marred by a handful of vandals and a truly violent police reaction. True to its disposition to magnify lower emotions, the corporate media emphasized a couple of violent images that were replayed over and over until they became the corporate media version of the event. While those cameras shot reality from one angle and delivered an image filtered by corporate interests, the new grassroots media activists captured the eyewitness reports of people and documented what was truly taking place.

Something similar has been happening with the recent revolutions in the Arab world. Images captured from the ground were initially censored, but those denied images found ways through social media such as Facebook and person-to-person sharing to combat the monopolized images filtered by traditional media. Anonymous played a pivotal role in this communication.

quote:

Endgame Systems

Endgame Systems has been of interest to this investigation due to the firm's close association with corrupt HBGary CEO Aaron Barr, their stated intent to avoid public attention towards its work with the federal government, its longtime collaboration with Palantir employee Matthew Steckman (whom Palantir fired in the wake of the Team Themis affair, quite improbably claiming that Steckman had acted on his own), and its creation of a report on Wikileaks and Anonymous which was provided to Team Themis for use in its campaign against both entities.

quote:

http://anonops.blogspot.com/

Saturday the infamous, international Internet hactivist collective known as Anonymous launched a successful DDoS attack against the Spanish National Police website. The attack is a direct response to the Friday arrests of three individuals alleged to be associated with acts of cyber civil disobedience attributed to Anonymous.

Operation Policia (#OpPolicia) is the name for the successful DDoS (distributed denial of service) attack that paralyzed the Official National Police website (Página Oficial del Cuerpo Nacional de Policíawww.policia.es) for hours on Saturday, making it inaccessible to visitors. The DDoS attack is a protest tactic often deployed by Anonymous.

Friday Spanish authorities announced they had arrested three men suspected of participating in cyber-attacks against the Sony PlayStation Network as well as other corporate and government websites - cyber-attacks associated with the mysterious and powerful international Internet hactivist collective known as Anonymous.

Immediately after the arrests, Anonymous issued a press release. The following is an excerpt of that release:

Greetings Spanish Government:

We know you have heard of us; We are Anonymous. It has come to our attention that you deemed it necessary to arrest three of our fellow anons, ... which you claim to be the leaders of Anonymous and for their participation in DDoS attacks against various websites...

First and foremost, DDoSing is an act of peaceful protest on the Internet. The activity is no different than sitting peacefully in front of a shop denying entry. Just as is the case with traditional forms of protest...

Regardless of how many times you are told, you refuse to understand. There are no leaders of Anonymous. Anonymous is not based on personal distinction...

Arresting somebody for taking part in a DDoS attack is exactly like arresting somebody for attending a peaceful demonstration in their hometown. Anonymous believes this right to peacefully protest is one of the fundamental pillars of any democracy...

You have not detained three participants of Anonymous. We have no members and we are not a group of any kind. You have, however, detained three civilians expressing themselves...

You are providing us with the fuel, but now you must expect the fire.

Awaiting your action,

Anonymous,

We are Legion.
We do not forgive your attacks on freedom.
We do not forget your ignorance.
Expect Revolution.
Expect us.

quote:

Twenty reasons why it’s kicking off in cyberspace

In February the Newsnight economics editor Paul Mason very succinctly laid out the radically different nature of recent popular uprisings across North Africa, the Middle East and Europe compared to earlier political movements, and the economic and sociological reasons behind it. This incisive blogpost rang true for many of those involved in those social movements, articulating, as it did, a new sentiment and new political priorities amongst those populations. The short article sketched out a more cohesive image which the media in general was missing, partly through structural failings, but largely because events were unfolding at speed and trying to drag the chaotic events into an understandable analysis was difficult.

Running alongside the (still unfolding) Arab Spring, informing and shaping and being shaped in turn by those events, was a developing online conflict with major similarities; young, optimistic graduates who saw societies in more generalised terms of “power”, highly networked, informal and decentralised decision making processes and a deep cynicism and mistrust of traditional power elites and political ideologies. In the last month especially we’ve seen a series of events and developments that are changing the game of cyber-war (and cyber-class-war).

quote:

http://www.nrc.nl/nieuws/(...)nval-op-netwerk-imf/

Het Internationaal Monetair Fonds (IMF) is doelwit geweest van een grote cyberaanval. De hackers zouden banden hebben met een buitenlandse regering en zijn uitgeweest op het installeren van software die “digitale toegang” zou verschaffen tot het IMF-netwerk.

Het was een geplande aanval met een programmacode die geschreven en gebruikt werd voor deze specifieke aanval. Dat zegt Tom Kellerman van de International Cyber Security Protection Alliance. Met de geïnstalleerde software zouden de hackers toegang kunnen krijgen tot een schat aan niet-openbare economische data over wisselkoersen, internationale handel en de hulpmiddelen die landen die in financiële nood zitten, aangereikt worden.

De aanval, waarbij een aantal e-mails en andere documenten werden buitgemaakt maar volgens eerste berichten geen toegang werd gekregen tot gevoelige informatie, wordt momenteel nog onderzocht. Volgens experts op het gebied is het bij een goed uitgevoerde cyberaanval erg lastig de bron te achterhalen.

De IMF-leiding is afgelopen woensdag van de aanval op de hoogte gesteld. De aanval zelf vond nog voor de arrestatie van voormalig topman Dominique Strauss-Kahn plaats.

quote:

IMF HACKED: "VERY MAJOR BREACH"
The IMF is the latest to be hacked, says the NYTimes.

People are calling it "the maid's revenge."

(Revenge for what, you ask? THIS.)

The NYTimes says, "The [IMF] told its staff and its board of directors about the attack on Wednesday," but they didn't go into detail about the hack.

However senior people familiar with the attack tell the NYTimes that it was a "very major breach."

The fund is fully functional, but according to the Times:

The concern about the attack was so significant that the World Bank, an international agency focused on economic development, whose headquarters is across the street from the I.M.F. in downtown Washington, cut the computer link that allows the two institutions to share information.

Read more about the attack at the Times >

Please follow Clusterstock on Twitter and Facebook.
Follow Courtney Comstock on Twitter.

Read more: http://www.businessinside(...)rstock#ixzz1P3GVHQst

quote:

Spanish police website knocked offline after hacking suspects arrested

Police website hit after suspected leaders of hackers' group held, accused of involvement in attacks on governments' sites

Spain's main police website was knocked offline over the weekend in an apparent revenge attack following the arrest of three suspected leaders of the hacking group Anonymous.

Officers said the three detainees had been involved in attacks on the websites of Sony PlayStation, several banks, an electricity company and the governments of Egypt, Algeria, Libya, Iran, Chile, Colombia and New Zealand. A server allegedly used in the attacks was also seized during a raid on homes in Gijon, Barcelona, Valencia and Almeria.

Anonymous had also launched attacks on the Catalan regional police, a Spanish trade union and the country's electoral administration, police said.

They said a 31-year-old from Gijon, northern Spain, had been a major player in the group. "This person provided infrastructure for the group with a server in his own home, from which major international attacks launched by Anonymous were coordinated," they said.

But a video posted on YouTube by purported members of Anonymous denied that the three people were leaders of the group.

"The police have lied. They cannot detain our leadership because we have no leadership," they said. "The server they took did not belong to Anonymous but was a small Internet Relay Chat (IRC) server that we annexed."

Masks bearing the logo of Anonymous have become popular among the protesters who have gathered in recent weeks in Spanish squares to demand social and political reform.

The Anonymous video stated that the group backed the non-violent protest movement, which finished dismantling its tented city in Madrid's Puerta del Sol square in the early hours of this morning, ending several weeks of occupation.

Anonymous: "La Policía ha creado una cortina de humo"

quote:

Website Amerikaanse Senaat gehackt

De website van de Senaat, onderdeel van het Amerikaanse Congres, is het afgelopen weekeinde gehackt. Dat heeft de beveiligingsdienst van het Congres gisteren bevestigd.

Het computersysteem van de Senaat wordt op dit moment onderzocht. Volgens de dienst is de veiligheid van het netwerk van de Senaat, van de senatoren en hun medewerkers niet in het geding geweest. Informatie van individuele gebruikers zou niet naar buiten zijn gekomen, aldus een woordvoerder.

Lulz Security
De bekendmaking volgde op de claim van een groep hackers die door het leven gaat als Lulz Security. Het collectief zou eerder verantwoordelijk zijn geweest voor het kapen van de websites van Sony en de publieke-omroeporganisatie Public Broadcasting System. Als bewijs van de actie publiceerden ze een aantal documenten van de Senaat op internet. Die leken geen gevoelige informatie te bevatten.

Een computerbeveiligingsexpert zei, na het bekijken van de documenten, dat Lulz Security wel afdoende had aangetoond te zijn doorgedrongen tot het systeem van de Senaat en dat de hackers de server met documenten in elk geval hadden weten te vinden.

'We zijn niet erg dol op de regering van de VS', aldus de persverklaring van Lulz Security. 'Dit is een publicatie, gewoon voor de kick, van wat interne gegevens van Senate.gov. Is dit een oorlogsdaad, heren?' De vraag verwijst naar de nieuwe internetstrategie waarop de Amerikaanse overheid zint. Computeraanvallen vanuit andere landen zouden binnenkort opgevat kunnen worden als oorlogsdaad.

quote:

Celebrity protest: the guy from the movie V For Vendetta turns up in St Moritz for a spell. He tries to remain anonymous by wearing glasses, but I totally recognise him.

quote:

LulzSec hackers claim breach of CIA website

Group announces its latest attack via Twitter with message 'Tango down – cia.gov – for lulz'

The CIA has become the latest target of self-styled "pirate ninja" hackers LulzSec.

The Central Intelligence Agency website was unavailable for a few minutes on Wednesday evening as the group announced the attack via Twitter: "Tango down – cia.gov – for the lulz".

"We are looking into these reports," a CIA spokeswoman said.

The hackers, who describe themselves as "the world's leaders in high-quality entertainment at your expense", have gained international notoriety this month with a series of security breaches.

Over the weekend LulzSec broke into a public website of the US Senate and released data stolen from the legislative body's computer servers.

Last week they hacked the website of an unnamed NHS organisation – one of England's primary care trusts. The Department of Health said no patient's medical records were accessed during the incident, which it described it as "a local issue" and "quite a low-level" lapse in IT security.

Earlier this month LulzSec broke into the website of Sony Pictures Entertainment and exposed information from 37,000 users, including names, passwords, birthdates and email addresses. It also hacked into a webserver belonging to Nintendo in the US.

The name of the group is derived from "LOL" (laugh out loud) and "security".

In Malaysia, at least 51 state-linked websites have been hit by cyber-attacks in recent days, the country's telecommunications regulator has confirmed.

The sites are believed to have been targeted by the Anonymous group of hackers, who had threatened to disrupt Malaysian sites in protest at a crackdown on entertainment piracy.

quote:

Op donderdag 16 juni 2011 10:23 schreef PiRANiA het volgende:
[ afbeelding ]

quote:

Hackers zetten 62.000 wachtwoorden online

AMSTERDAM – De hackersgroep genaamd LulzSec heeft 62.000 wachtwoorden van e-mailadressen van Australische overheidsinstellingen, scholen en universiteiten online gezet.


Dat heeft zij via Twitter laten weten.

Volgens LulzSec gaat het om een willekeurige greep uit een grote verzameling gegevens die zij de afgelopen tijd heeft buitgemaakt. “Vraag dus niet van welke websites de gegevens precies afkomstig zijn en hoe oud ze zijn, want dat weten we niet.”

Onder de slachtoffers zouden in ieder geval acht Australische universiteiten en twee scholen zijn. Volgens LulzSec hebben inmiddels 2000 mensen de gepubliceerde gegevens gedownload.

CIA
Donderdag beweerde LulzSec nog de website van de CIA te hebben gehacked. Hierdoor was deze enige tijd onbereikbaar. Eerder hackte de groep ook al websites van onder meer Sony en Nintendo.

Het doel van de acties is volgens LulzSec aan te tonen hoe slecht de beveiliging van de websites van veel grote bedrijven in elkaar zit.

quote:

Cyberwar heats up with Pentagon's virtual firing range

National Cyber Range intended as replica of internet allowing US scientists to test defences against hackers

The US defence agency that invented the forerunner to the internet is working on a "virtual firing range" intended as a replica of the real internet so scientists can mimic international cyberwars to test their defences.

Called the National Cyber Range, the system will be ready by next year and will also help the Pentagon to train its own hackers and refine their skills to guard US information systems, both military and domestic.

The move marks another rise in the temperature of the online battlefield. The US and Israel are believed to have collaborated on a sophisticated piece of malware called Stuxnet which targeted computers controlling Iran's nuclear centrifuge scheme. Government-authorised hackers in China, meanwhile, are suspect to have been behind a number of attacks on organisations including the International Monetary Fund, French government and Google.

The Defense Advanced Research Projects Agency (Darpa), which developed Arpanet, the forerunner of the internet, in the 1960s, is working on a number of fronts to boost the US's defences against computer-generated attacks. President Barack Obama has asked Congress for more than $250m (£154m) to fund Darpa's cyber initiatives in the coming year, double his fiscal 2011 request.

The National Cyber Range is expected to be working by mid 2012, four years after the Pentagon approached contractors to build it at an estimated $130m.

One of these companies is Lockheed Martin, the Pentagon's No 1 supplier by sales - and itself the target of what it called "a significant and tenacious" cyber attack in May.

Lockheed, the US government's top information technology provider, was awarded a $30.8m contract in January 2010 to continue to develop a prototype. Johns Hopkins University's applied physics laboratory won a similar deal at that time.

Darpa will this summer select one of them to operate a prototype test range during a year-long test.

It will also help train cyberwarriors such as those in the American military's Cyber Command, ordered up by the secretary of defence, Robert Gates, in June 2009 after he concluded the threat of digital warfare had outgrown the country's existing defences.

The "firing range" actually will be a collection of "testbeds" that can carry out independent drills or be woven into one or more larger pieces, depending on the challenge. The range is to test such things as new network protocols, as well as satellite and radio frequency communications. A key goal is to run classified and unclassified experiments in quick succession "in days rather than the weeks it currently takes," said Eric Mazzacone, a Darpa spokesman.

That would require a system capable of being completely reset after an experiment, in which it can be reconfigured and all data purged from related memory, hard drives and storage devices. That ability to reboot and start over is central to the plan, keeping the facility available "at all times for both experimentation and training," without fear of corruption or compromise, Mazzacone said.

Darpa is also working on other plans to advance the US's cyber defences. A program known as Crash – for Clean-slate design of Resilient, Adaptive, Secure Hosts – seeks to design computer systems that evolve over time, making them harder for an attacker to target.

The Cyber Insider Threat program, or Cinder, would help monitor military networks for threats from within by improving detection of threatening behaviour from people authorised to use them. The problem has loomed large since Army Private First Class Bradley Manning allegedly passed confidential state department documents to WikiLeaks, the anti-secrecy website.

Another is a Cyber Genome, aimed at automating the discovery, identification and characterisation of malicious code. That could help figure out who was behind a cyber strike.

The US defence department, meanwhile, is preparing an expanded pilot program to boost the sharing of cybersecurity information with the companies that provide it with arms, supplies and other services costing some $400bn a year. The new effort, like a predecessor that began in 2007, is voluntary and is aimed at protecting sensitive but unclassified information on or passing through computers owned by companies that make up what the Pentagon calls the "defense industrial base", or DIB.

About 35 companies took part in the initial program, including Lockheed Martin, which said last month its computer networks had become "a frequent target of adversaries around the world."

The expanded "DIB Opt-In" program will be open to many more companies. It is "vital to the nation's military readiness and the government's overall efforts to enhance cybersecurity," air force Lieutenant-Colonel April Cunningham, a defence department spokeswoman, said in a statement to Reuters.

Ultimately, the new program may be a step towards putting major Pentagon contractors behind military-grade network perimeter defences, like those that protect the Pentagon's own classified networks.

quote:

Hit the deck: LulzSec and Anonymous start trading blows

Hacker group LulzSec has begun publicly attacking hacker group Anonymous, an action that could lead to a civil war of sorts between the two hacker groups that have similar origins.

LulzSec has begun publicly mocking 4chan.org, the image-sharing message board where Anonymous was reportedly born, on its main Twitter account, which it has used to generate publicity for its attacks. When VentureBeat tried to access 4chan.org, the site was either inaccessible or very slow. That could incite frustration from Anonymous, which has proven time and again that it is a force to be reckoned with.

“Just saw a thread on (4chan.org message board /b/) where they’re trying to hunt us: you /b/tards realize that we are everything you’ve ever tried to be?” Lulzsec said on its Twitter account.

The sparring began when LulzSec initiated a “DDoS Party,” which was a set of large-scale distributed denial of service attacks on several gaming servers and websites that brought a lot of games offline. EVE Online, League of Legends and Minecraft all faced outages or significant latency problems. That was enough to get the attention of “/v/,” an internal image sharing board on 4chan.org that focuses on video games.

“That kind of already happened when Lulzsec DDoSed Mincraft and EVE Online,” one user said on Reddit. “(Video game image board /v/) went out in droves and DDoSed to death anything related to Lulzsec. It was like watching a glorious internet civil war take place. ‘We ride our chocobos to war and enter the fray’ was the rallying cry on /v/ today.”

LulzSec has been quick to state that it is not part of Anonymous. But the group basically said it came from the same core group of hackers that would go on to become what the public currently acknowledges as Anonymous. LulzSec’s attacks also bear an increasing resemblance to Anonymous. For instance, Anonymous regularly takes up political causes, and a recent attack on Senate.gov is one of several politically-motivated attacks the LulzSec team has executed. Anonymous members also use the term “lulz” to describe the amusement they get out of hacking websites and other networks.

“We are the concentrated success of 2005 /b/, being ‘hunted’ by the 2011 furry horde. Challenge accepted, losers,” LulzSec said on its Twitter account.

Lulzsec previously broke into Sony’s Sony Pictures site and invited readers to “plunder those 3.5 million music coupons while they can.” It also said it was targeting Sony in retaliation for how it handled the downtime of its PlayStation Network after it was forced to bring down the service and beef up security after an attack by an as-yet unidentified hacker group. It seems like LulzSec’s modus operandi involves breaking into insecure networks for the sake of exposing security flaws or in retaliation for political causes.

Members of the LulzSec group were able to break into the PBS site several days ago and post a fake story that said rapper Tupac Shakur was still alive. It was the third high-profile hacking attack on a private network in a little more than a month. The group was also able to break into the private network of Bethesda Softworks, the game developer behind several popular games like Brink and Fallout 3. LulzSec also opened up a phone line that lets individuals call in to request targets that LulzSec should consider attacking with either an intrusion or a DDoS attack.