Risk
8/15/2011
12:29 PM
Connect Directly
RSS
E-Mail
50%
50%

BART Braces For More Attacks From Anonymous

The SF Bay area's transit agency expects more website disruptions after an attack over the weekend.

Strategic Security Survey: Global Threat, LocalPain
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full slideshow)
One of the San Francisco Bay Area's transportation systems is bracing itself for more hack attacks Monday after a data breach by Anonymous over the weekend that affected thousands of Bay Area residents.

The hactivist group infiltrated a Bay Area Rapid Transit (BART) website called MyBart.org and stole personal identification data on thousands of users, which it posted online. Anonymous notified people of the hack on one of the Twitter feeds it uses, @Anonymous IRC. BART provides train service in and around the city of San Francisco.

On Sunday BART officials warned users that the organization's online services--used by nearly 2 million customers a month--may be subject to a disruption of service due to another attack, although BART was doing everything it could to defend its website and keep services up and running.

They also stressed that BART's website infrastructure is separate from any networks running BART transportation services, so train service would not be affected by any further hacks.

Anonymous said the attack was inspired by two recent shootings by BART police and the agency's shutdown of a mobile network available in trains and BART stations to quell a protest last week over one of those shootings, which resulted in the death of a homeless man.

"We do not tolerate oppression from any government agency," Anonymous said in notes on its posting of MyBart.org information. "BART has proved multiple times that they have no problem exploiting and abusing the people."

In its so-called Op BART Action post, Anonymous released information such as the names, home addresses, email addresses, and phone numbers of at least 2,400 Bay Area residents, which were notified by BART after the intrusion, officials said in a post Sunday on its website. They also apologized about the incident and temporarily shut down MyBart.org.

BART has notified law enforcement agencies, including the FBI and the Department of Homeland Security, about the attack.

Meanwhile, Anonymous, which appears to be losing no steam after months of stepped-up attacks in collaboration with AntiSec and the now-defunct LulzSec groups, tweeted that it will be releasing more stolen information later this week.

"We been busy the last 2 days, but: There will be some wild #AntiSec leak crossing your course this week, all (allied) vessels: stay tuned!" according to an @AnonymousIRC tweet.

At a full-day virtual event, InformationWeek and Dark Reading editors will talk with security experts about the causes and mistakes that lead to security breaches, both from the technology perspective and from the people perspective. It happens Aug. 25. Register now.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.