DecryptedTech

Thursday08 December 2022

Anonymous has a busy weekend


Reading time is around minutes.

broken-lockAnonymous had a rather big weekend starting off with taking down the CIA’s public website cia.gov. This was done through an interesting trick that appeared to be a combination of a DDoS and some DNS tinkering. On the day of the outage the CIA’s website resolved to 192.81.129.107 which when looked up showed as an address belonging to an IP pool in the UK. Once the attack was completed the site resolved to 192.81.129.130 which is undeniably part of the same range, but now shows as a US IP range.  Looking at the evidence this could possibly be a new form of attack from the collective. Unfortunately we just do not have enough information on the subject to be sure and the CIA is not releasing any new information.

During the weekend Anonymous also broke into the Alabama state government servers and skimmed off the personal information of 46,000 Alabama residents. This was stumbled upon while they were looking for more information on a controversial immigration bill that has passed recently.  According to an Anonymous press release on Pastebay (that just sounds odd doesn’t it?) the information contained full names, social security numbers, dates of birth, criminal records, addresses, phone numbers, and license plate numbers.  Unlike previous data breaches the group has not released this information to the world. They did publish a heavily redacted list of about 500, but were quick to add the comment; “We mean no harm by releasing this redacted information. This data was not securely segregated from the Internet, nor was it properly encrypted."

This last move seems to come after a splinter in the collective happened a few months ago. Not that long ago one of the groups inside the larger Anonymous collective was responsible for releasing personal information about law enforcement officers including their home addresses. This was not well received by the public at all and caused a minor war within the collective which resulted in a breakaway of one of the more radical factions. Anonymous as a group has always maintained they support the public and appear to be standing behind that with this latest theft of data as they now state that the stolen data has been deleted.

“Because of the possible cost of lives and money to regular citizens, we are deleting this data and are seeking to make it known that you not only have shown zero regard for immigrants, but for the very citizens that live in the great state of Alabama.”

Anonymous also points out something that we have been saying about corporate data for years; lazy coding and cost cutting will always hurt you in the end (you will pay for it now or pay for it later).

“This data was not securely segregated from the Internet, nor was it properly encrypted. This is what happens when not enough resources are spent on proper design and the training that comes with it”

In other news Anonymous went after the Mexican government for labor conditions in their Mining Chamber Camimex. Some are also claiming it is in response to a SOPA-like act that the Mexican government is proposing.  This attack netted the email addresses and other information about the chamber members this time the group which was then released to the public again on Pastebin.  

It was a busy weekend for many IT departments as they rushed to recover from these attacks and then try to find ways to prevent them in the future.

Discuss this in our Forum

Last modified on Sunday, 12 February 2012 09:56

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.