Risk
8/15/2011
12:29 PM
50%
50%

BART Braces For More Attacks From Anonymous

The SF Bay area's transit agency expects more website disruptions after an attack over the weekend.

Strategic Security Survey: Global Threat, LocalPain
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full slideshow)
One of the San Francisco Bay Area's transportation systems is bracing itself for more hack attacks Monday after a data breach by Anonymous over the weekend that affected thousands of Bay Area residents.

The hactivist group infiltrated a Bay Area Rapid Transit (BART) website called MyBart.org and stole personal identification data on thousands of users, which it posted online. Anonymous notified people of the hack on one of the Twitter feeds it uses, @Anonymous IRC. BART provides train service in and around the city of San Francisco.

On Sunday BART officials warned users that the organization's online services--used by nearly 2 million customers a month--may be subject to a disruption of service due to another attack, although BART was doing everything it could to defend its website and keep services up and running.

They also stressed that BART's website infrastructure is separate from any networks running BART transportation services, so train service would not be affected by any further hacks.

Anonymous said the attack was inspired by two recent shootings by BART police and the agency's shutdown of a mobile network available in trains and BART stations to quell a protest last week over one of those shootings, which resulted in the death of a homeless man.

"We do not tolerate oppression from any government agency," Anonymous said in notes on its posting of MyBart.org information. "BART has proved multiple times that they have no problem exploiting and abusing the people."

In its so-called Op BART Action post, Anonymous released information such as the names, home addresses, email addresses, and phone numbers of at least 2,400 Bay Area residents, which were notified by BART after the intrusion, officials said in a post Sunday on its website. They also apologized about the incident and temporarily shut down MyBart.org.

BART has notified law enforcement agencies, including the FBI and the Department of Homeland Security, about the attack.

Meanwhile, Anonymous, which appears to be losing no steam after months of stepped-up attacks in collaboration with AntiSec and the now-defunct LulzSec groups, tweeted that it will be releasing more stolen information later this week.

"We been busy the last 2 days, but: There will be some wild #AntiSec leak crossing your course this week, all (allied) vessels: stay tuned!" according to an @AnonymousIRC tweet.

At a full-day virtual event, InformationWeek and Dark Reading editors will talk with security experts about the causes and mistakes that lead to security breaches, both from the technology perspective and from the people perspective. It happens Aug. 25. Register now.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8802
Published: 2015-01-23
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.

CVE-2014-9623
Published: 2015-01-23
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quote and cause a denial of service (disk consumption) by deleting an image in the saving state.

CVE-2014-9638
Published: 2015-01-23
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

CVE-2014-9639
Published: 2015-01-23
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

CVE-2014-9640
Published: 2015-01-23
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.