Risk
4/9/2012
12:48 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Anonymous Continues Barrage Of Government Hacks

Hacktivist group Anonymous continues string of cyber attacks on governments worldwide, with attacks on China, Tunisia, Uganda, and the United Kingdom in the last few weeks.

Anonymous: 10 Facts About The Hacktivist Group
Anonymous: 10 Facts About The Hacktivist Group
(click image for larger view and for slideshow)
In the wake of a continuing series of reports of cyber attacks by the Anonymous hacking group against China, the Chinese government admitted Thursday that it had indeed recently fallen prey to those attacks.

Anonymous supporters also claimed to attack Ugandan government websites over the weekend, and said that they planned to begin attacks on United Kingdom government servers. Anonymous also claimed to have hacked the Tunisian prime minister's private email account, and released what it said was his email archive to the Web. The hackers' collective has targeted numerous governments in recent months, including U.S. federal agencies, NATO, and the Israeli government.

As for China, hackers have in the past few weeks defaced websites with messages calling China's government "evil" and warning Chinese Internet users to be "careful" because their "government has been in control of [the] network and filters harmful things."

The attacks have continued in recent days. Over the weekend, the recently launched Twitter handle @AnonymousChina announced the hacking of numerous additional Chinese websites, posting data dumps to Pastebin and Pastebay from alleged Chinese government servers. The @AnonymousChina account also announced its intention to take down Chinese censorship technology.

[ See Anonymous Vs. DNS System: Lessons For Enterprise IT. ]

Anonymous has claimed that its attacks have been in pursuit of Internet freedom. "All these years the Chinese Government has subjected their people to unfair laws and unhealthy processes," stated a recent Pastebin post attributed to the group. "People, each of you suffers from tyranny of that regime. Fight for justice, fight for freedom, fight for democracy."

In a press conference Thursday, Chinese Ministry of Foreign Affairs spokesman Hong Lei admitted that the Chinese government has fallen "victim to Internet hacker attacks," according to a transcript of his remarks.

The so-called Great Firewall of China blocks content that it labels subversive, and China has aggressively pursued online dissidents for years. Within the last few weeks, China's official state-run news service has reported that the country temporarily suspended comments on popular microblogging websites QQ and Weibo, shuttered 16 websites, and arrested six people for spreading rumors online.

However, in response to a question about the attacks, Lei claimed that "China's Internet is open," that Chinese Internet users "enjoy full freedom on the Internet," and that the large number of Chinese Internet users demonstrates the "openness of the Chinese Internet."

The Tunisian emails appear to include months' worth of emails in French and Arabic, including emails about political activity in the country. Anonymous claimed that the cache also includes bank transaction records and invoices from year's Tunisian election campaign.

In the United Kingdom, meanwhile, the government's Home Office website was offline for several hours on Saturday, and Anonymous claimed responsibility.

Secure Sockets Layer isn't perfect, but there are ways to optimize it. The new Web Encryption That Works supplement from Dark Reading shows four places to start. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: nice post
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1750
Published: 2015-07-01
Open redirect vulnerability in nokia-mapsplaces.php in the Nokia Maps & Places plugin 1.6.6 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the href parameter to page/place.html. NOTE: this was originally reported as cross-sit...

CVE-2014-1836
Published: 2015-07-01
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.

CVE-2015-0848
Published: 2015-07-01
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.

CVE-2015-1330
Published: 2015-07-01
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vecto...

CVE-2015-1950
Published: 2015-07-01
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report