11:37 AM

Anonymous Targets Turkish Government Websites

Hacktivists launch #OpTurkey DDoS campaign to support protests against government of Turkish prime minister Tayyip Erdogan.

The Syrian Electronic Army: 9 Things We Know
(click image for larger view)
The Syrian Electronic Army: 9 Things We Know
The hacktivist collective Anonymous, as part of Operation Turkey (#OpTurkey), claimed Monday to have taken down more than a dozen websites belonging to Turkish government agencies.

"Turkey is supposed to be a so called 'modern' democracy, but the Turkish government behaves like the petty dictators in China or Iran. Anonymous is outraged by this behavior, and we will unite across the globe and bring the Turkish government to it's (sic) knees," according to an Anonymous statement released Saturday, which first announced #OpTurkey.

"We will attack every internet and communications asset of the Turkish government," the Anonymous statement promised.

To that end, the collective has published an extensive list of suggested government websites to be targeted via distributed denial-of-service (DDoS) attacks. It also listed four police sites to target, as well as dozens of "vulnerable SQL sites" run by, or affiliated with, the Turkish government.

[ Now that cybercriminals' bank of choice is out of business, where will they turn? See Liberty Reserve Fallout: How Will Cybercrime Move Money? ]

As of Monday, Anonymous reported that 15 government sites had been taken "tango down," in part by "WikiCrew." They include the websites for the country's ruling Justice and Development (AK) party, as well as Istanbul's governor and the Directorate of Security.

The Anonymous campaign is designed to support ongoing protests in Turkey. The protests grew out of a peaceful rally, held last week in Gezi Park by environmentalists challenging the government's decision to turn a central Istanbul green space -- increasingly, a rarity -- near Taksim Square into a shopping mall. Police, early Friday, launched a raid against the protestors, who were staging a sit-in, and attempted to disperse them using tear gas and water cannons. At least 12 people were reportedly injured.

Instead of dispersing the protestors, however, the police action -- and widespread reports of excessive police force -- triggered more protests against the government of prime minister Tayyip Erdogan. As noted by a Slate FAQ on the Turkish protests, Erdogan has ruled the democratic country for the past 10 years, and was twice elected by a near-majority of voters.

What's the problem? According to the Associated Press, the protestors "appear to be urban, secular Turks" who are "frustrated by what they see as Erdogan's close ties to development interests and his alleged attempts to force his religious outlook on them."

"We do not have a government, we have Tayyip Erdogan," protest attendee and political scientist Koray Caliskan told Reuters. "This is the beginning of a summer of discontent."

Erdogan, however, has dismissed the protests as being the work of secularists opposed to his AK party, which grew in part out of banned Islamist political parties but now espouses "conservative democracy" and a pro-American agenda. "This is a protest organized by extremist elements," Erdogan said earlier this week, reported Reuters. "We will not give away anything to those who live arm-in-arm with terrorism."

In recent days, tens of thousands of people have reportedly taken to the streets to demonstrate. The protests have since spread to other Turkish cities, and at least two protestors have been killed.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio