Attacks/Breaches
3/1/2012
08:56 AM
50%
50%

Anonymous Retaliates For Interpol Arrests

Hacktivists use DDoS attacks to knock Interpol website offline following arrests of 25 alleged Anonymous associates. FBI official at RSA credits Anonymous for accelerating international law enforcement cooperation.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
Anonymous launched a sustained distributed denial-of-service (DDoS) attack that knocked Interpol's public-facing website offline for several hours Tuesday.

Members of the hacktivist group Anonymous apparently took credit for the attacks via the AnonOps Twitter channel, which has served as a reliable source of Anonymous information. "Tango Down >> Free International Anons!" read one tweet, while another said, "Tango Down II 404 Interpol, #Anonymous is not a criminal organization."

The DDoS attacks were in retaliation for Interpol Tuesday announcing that it had coordinated the arrests of 25 people in four European and Latin American countries for alleged illegal activities conducted under the Anonymous banner. The alleged hackers were all between the ages of 17 and 40, and as part of the investigation, Interpol also seized 250 pieces of IT equipment and mobile phones, as well as credit and debit cards, and cash.

[ See our complete RSA 2012 Security Conference coverage, live from San Francisco. ]

Interpol had launched its so-called Operation Unmask--a not-so-subtle nod to Anonymous' own naming conventions--in February, in response to a series of cyber attacks that originated from Argentina, Chile, Colombia, and Spain. The attacks were directed at numerous organizations, including Columbia's Ministry of Defense and presidential website, as well as utility companies.

"This operation shows that crime in the virtual world does have real consequences for those involved, and that the Internet cannot be seen as a safe haven for criminal activity, no matter where it originates or where it is targeted," said Bernd Rossbach, acting Interpol executive director of police services, in a statement.

Interpol said it's continuing to investigate how the attacks were funded, and noted that the arrests were facilitated by Interpol's working parties on IT crime, which "were created to facilitate the development of strategies, technologies, and information on the latest IT crime methods." Interpol said there are five such working parties, covering Africa, the Americas, Asia and the South Pacific, Europe, and the Middle East, and North Africa.

But the Interpol working groups are far from the only examples of governmental organizations that have banded together to fight cybercrime. Indeed, as various hacktivist groups continue to hack into websites and "dox"--release sensitive documents--businesses, government agencies, and law enforcement agencies in various countries have begun working much more closely together to share information on pending attacks, as well as to help with ongoing investigations. "A year or so ago, there was a movement to attack a number of Turkish websites. We called our counterparts in Turkey, and within 24 hours, they'd arrested 32 people," said Eric Strom, the unit chief for the cyber initiative and resource fusion unit in the FBI's cyber division, speaking at this week's RSA conference in San Francisco. "This is an international problem."

In other words, just as Anonymous has united a number of people in different countries in the pursuit of common aims, it's also resulted in unprecedented levels of cross-border cooperation. "It's made the world a lot smaller for law enforcement," said Strom.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.