2/13/2012
12:23 PM

CIA Website Hacked, Struggles To Recover

Anonymous and other hacktivists also left their marks on the U.S. Census Bureau, Interpol, and Mexico, as well as law enforcement websites in Alabama and Texas.

An Anonymous-related Twitter channel claimed Friday that the group had successfully taken down the CIA's public-facing website.

The CIA website reportedly remained inaccessible several hours after the attack, then appeared to be offline intermittently for the rest of the weekend, as well as on Monday, in the face of what appeared to be a distributed denial of service (DDoS) attack. Anonymous had previously been making a habit of targeting the FBI on Fridays.

The CIA has acknowledged that it's been having website issues, but hasn't publicly commented on the cause. Interestingly, it's not clear if Anonymous was indeed responsible. "We'd remind media that if we report a hack or ddos attack, it doesn't necessarily mean we did it...FYI," according to a tweet from YourAnonNews, which is a reliable source of information about Anonymous activities.

Saturday, hackers announced via Pastebin--with a shout-out to Anonymous and AntiSec--that they'd hacked the U.S. Census Bureau, and they listed the names of stolen database tables. The same day, the website of Interpol was also knocked offline, although the attack wasn't the work of Anonymous. Instead, via a Pastebin post, a group known as Black Tuesday (tagline: "We'r revolution of your mind!") claimed credit.

"We'r not Anonymous! Stop calling us a part of them:[ Yeap, we support their ideas, but we have own ideas at all!" according to a Twitter post made by the group.

Regardless, members of Anonymous have been busy. As part of the Anonymous anti-law enforcement effort AntiSec, the group released Friday what it said were 730 MB of emails plus a database of information from Mexico's Chamber of Mines, aka "Camimex." In a Pastebin post, "AnonMex" said the attack was in retaliation for mining syndicates working in parts of Mexico without consulting with the indigenous population.

Last week, pro-Anonymous hackers CabinCr3w and w0rmer hit the Texas Department of Public Safety, and detailed what they'd stolen, which included contact information for training centers. The hackers also released what they said were two Excel spreadsheets allegedly stolen in the attack. While one appeared to contain non-sensitive training center contact information, the other appeared to be a dummy file used to disguise a known piece of spyware called "BadSRC."

The same two hackers last week also launched an attack against the Alabama Department of Public Safety, and released seven spreadsheets containing information on sex offenders and victims, as well as a database of vehicle information for offenders.

Much of that information, however, was redacted. "Inspection of the spreadsheets indicates that no names were dumped, but it might be possible to recognize particular cases of child sexual abuse or rape by the dates of the arrests and the description of the crime and victim's age if a case had been reported in the media or occurred in a small town," said Databreaches.net. "Similarly, while offenders' names were not included in the data dump, their vehicle information and license plate number were. It's not clear whether the hackers also acquired other files or databases that would enable identification of what appear to be unique IDs."

In another attack, CabinCr3w and w0rmer, as well as another hacker known as Kahuna, hacked into a website for the Mobile, Ala. police department, to protest "recent racist legislation," according to the Pastebay post announcing the attack. "Because of your police being lazy when it comes to data security, we have acquired the following information of over 46,000 citizens of the state of Alabama," said the attackers.

The stolen data included people's full legal names, social security numbers, birth dates, and criminal records. But the hackers involved told Databreaches.net that they'd purposefully chosen to release only a redacted subset of the data they'd obtained, and then deleted all of the data.
