Attacks/Breaches
3/1/2012
08:56 AM
50%
50%

Anonymous Retaliates For Interpol Arrests

Hacktivists use DDoS attacks to knock Interpol website offline following arrests of 25 alleged Anonymous associates. FBI official at RSA credits Anonymous for accelerating international law enforcement cooperation.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
Anonymous launched a sustained distributed denial-of-service (DDoS) attack that knocked Interpol's public-facing website offline for several hours Tuesday.

Members of the hacktivist group Anonymous apparently took credit for the attacks via the AnonOps Twitter channel, which has served as a reliable source of Anonymous information. "Tango Down >> Free International Anons!" read one tweet, while another said, "Tango Down II 404 Interpol, #Anonymous is not a criminal organization."

The DDoS attacks were in retaliation for Interpol Tuesday announcing that it had coordinated the arrests of 25 people in four European and Latin American countries for alleged illegal activities conducted under the Anonymous banner. The alleged hackers were all between the ages of 17 and 40, and as part of the investigation, Interpol also seized 250 pieces of IT equipment and mobile phones, as well as credit and debit cards, and cash.

[ See our complete RSA 2012 Security Conference coverage, live from San Francisco. ]

Interpol had launched its so-called Operation Unmask--a not-so-subtle nod to Anonymous' own naming conventions--in February, in response to a series of cyber attacks that originated from Argentina, Chile, Colombia, and Spain. The attacks were directed at numerous organizations, including Columbia's Ministry of Defense and presidential website, as well as utility companies.

"This operation shows that crime in the virtual world does have real consequences for those involved, and that the Internet cannot be seen as a safe haven for criminal activity, no matter where it originates or where it is targeted," said Bernd Rossbach, acting Interpol executive director of police services, in a statement.

Interpol said it's continuing to investigate how the attacks were funded, and noted that the arrests were facilitated by Interpol's working parties on IT crime, which "were created to facilitate the development of strategies, technologies, and information on the latest IT crime methods." Interpol said there are five such working parties, covering Africa, the Americas, Asia and the South Pacific, Europe, and the Middle East, and North Africa.

But the Interpol working groups are far from the only examples of governmental organizations that have banded together to fight cybercrime. Indeed, as various hacktivist groups continue to hack into websites and "dox"--release sensitive documents--businesses, government agencies, and law enforcement agencies in various countries have begun working much more closely together to share information on pending attacks, as well as to help with ongoing investigations. "A year or so ago, there was a movement to attack a number of Turkish websites. We called our counterparts in Turkey, and within 24 hours, they'd arrested 32 people," said Eric Strom, the unit chief for the cyber initiative and resource fusion unit in the FBI's cyber division, speaking at this week's RSA conference in San Francisco. "This is an international problem."

In other words, just as Anonymous has united a number of people in different countries in the pursuit of common aims, it's also resulted in unprecedented levels of cross-border cooperation. "It's made the world a lot smaller for law enforcement," said Strom.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5395
Published: 2014-11-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.00, and E586Bs-2 before 21.322.10.00.889 allow remote attackers to hijack the authentication of users ...

CVE-2014-7137
Published: 2014-11-21
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4...

CVE-2014-7871
Published: 2014-11-21
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API call.

CVE-2014-8090
Published: 2014-11-21
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nes...

CVE-2014-8469
Published: 2014-11-21
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?