Risk
8/15/2011
12:29 PM
Connect Directly
RSS
E-Mail
50%
50%

BART Braces For More Attacks From Anonymous

The SF Bay area's transit agency expects more website disruptions after an attack over the weekend.

Strategic Security Survey: Global Threat, LocalPain
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full slideshow)
One of the San Francisco Bay Area's transportation systems is bracing itself for more hack attacks Monday after a data breach by Anonymous over the weekend that affected thousands of Bay Area residents.

The hactivist group infiltrated a Bay Area Rapid Transit (BART) website called MyBart.org and stole personal identification data on thousands of users, which it posted online. Anonymous notified people of the hack on one of the Twitter feeds it uses, @Anonymous IRC. BART provides train service in and around the city of San Francisco.

On Sunday BART officials warned users that the organization's online services--used by nearly 2 million customers a month--may be subject to a disruption of service due to another attack, although BART was doing everything it could to defend its website and keep services up and running.

They also stressed that BART's website infrastructure is separate from any networks running BART transportation services, so train service would not be affected by any further hacks.

Anonymous said the attack was inspired by two recent shootings by BART police and the agency's shutdown of a mobile network available in trains and BART stations to quell a protest last week over one of those shootings, which resulted in the death of a homeless man.

"We do not tolerate oppression from any government agency," Anonymous said in notes on its posting of MyBart.org information. "BART has proved multiple times that they have no problem exploiting and abusing the people."

In its so-called Op BART Action post, Anonymous released information such as the names, home addresses, email addresses, and phone numbers of at least 2,400 Bay Area residents, which were notified by BART after the intrusion, officials said in a post Sunday on its website. They also apologized about the incident and temporarily shut down MyBart.org.

BART has notified law enforcement agencies, including the FBI and the Department of Homeland Security, about the attack.

Meanwhile, Anonymous, which appears to be losing no steam after months of stepped-up attacks in collaboration with AntiSec and the now-defunct LulzSec groups, tweeted that it will be releasing more stolen information later this week.

"We been busy the last 2 days, but: There will be some wild #AntiSec leak crossing your course this week, all (allied) vessels: stay tuned!" according to an @AnonymousIRC tweet.

At a full-day virtual event, InformationWeek and Dark Reading editors will talk with security experts about the causes and mistakes that lead to security breaches, both from the technology perspective and from the people perspective. It happens Aug. 25. Register now.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0972
Published: 2014-08-01
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write ...

CVE-2014-2627
Published: 2014-08-01
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.

CVE-2014-3009
Published: 2014-08-01
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct ph...

CVE-2014-3302
Published: 2014-08-01
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CVE-2014-3534
Published: 2014-08-01
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a c...

Best of the Web
Dark Reading Radio