Attacks/Breaches
3/1/2012
08:56 AM
50%
50%

Anonymous Retaliates For Interpol Arrests

Hacktivists use DDoS attacks to knock Interpol website offline following arrests of 25 alleged Anonymous associates. FBI official at RSA credits Anonymous for accelerating international law enforcement cooperation.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
Anonymous launched a sustained distributed denial-of-service (DDoS) attack that knocked Interpol's public-facing website offline for several hours Tuesday.

Members of the hacktivist group Anonymous apparently took credit for the attacks via the AnonOps Twitter channel, which has served as a reliable source of Anonymous information. "Tango Down >> Free International Anons!" read one tweet, while another said, "Tango Down II 404 Interpol, #Anonymous is not a criminal organization."

The DDoS attacks were in retaliation for Interpol Tuesday announcing that it had coordinated the arrests of 25 people in four European and Latin American countries for alleged illegal activities conducted under the Anonymous banner. The alleged hackers were all between the ages of 17 and 40, and as part of the investigation, Interpol also seized 250 pieces of IT equipment and mobile phones, as well as credit and debit cards, and cash.

[ See our complete RSA 2012 Security Conference coverage, live from San Francisco. ]

Interpol had launched its so-called Operation Unmask--a not-so-subtle nod to Anonymous' own naming conventions--in February, in response to a series of cyber attacks that originated from Argentina, Chile, Colombia, and Spain. The attacks were directed at numerous organizations, including Columbia's Ministry of Defense and presidential website, as well as utility companies.

"This operation shows that crime in the virtual world does have real consequences for those involved, and that the Internet cannot be seen as a safe haven for criminal activity, no matter where it originates or where it is targeted," said Bernd Rossbach, acting Interpol executive director of police services, in a statement.

Interpol said it's continuing to investigate how the attacks were funded, and noted that the arrests were facilitated by Interpol's working parties on IT crime, which "were created to facilitate the development of strategies, technologies, and information on the latest IT crime methods." Interpol said there are five such working parties, covering Africa, the Americas, Asia and the South Pacific, Europe, and the Middle East, and North Africa.

But the Interpol working groups are far from the only examples of governmental organizations that have banded together to fight cybercrime. Indeed, as various hacktivist groups continue to hack into websites and "dox"--release sensitive documents--businesses, government agencies, and law enforcement agencies in various countries have begun working much more closely together to share information on pending attacks, as well as to help with ongoing investigations. "A year or so ago, there was a movement to attack a number of Turkish websites. We called our counterparts in Turkey, and within 24 hours, they'd arrested 32 people," said Eric Strom, the unit chief for the cyber initiative and resource fusion unit in the FBI's cyber division, speaking at this week's RSA conference in San Francisco. "This is an international problem."

In other words, just as Anonymous has united a number of people in different countries in the pursuit of common aims, it's also resulted in unprecedented levels of cross-border cooperation. "It's made the world a lot smaller for law enforcement," said Strom.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.