Vulnerabilities / Threats
2/28/2013
10:16 AM
50%
50%

Anonymous: 10 Things We've Learned In 2013

The Anonymous hacker group continues to seek equal measures of revenge, justice and reform -- preferably through chaotic means -- for perceived wrongdoings.
Previous
1 of 10
Next


Anonymous continues to evolve. After launching online attacks against the Church of Scientology in 2008, Anonymous gained renewed energy with distributed denial-of-service (DDoS) attacks in 2010 against PayPal, MasterCard and other organizations it accused of blockading financial payments to WikiLeaks.

Since then, the loosely organized and chaos-loving hacktivist collective has continued stealing and dumping -- doxing -- data from businesses, government agencies and individuals that the group's members disliked, gaining further notoriety with high-profile breaches of HBGary Federal, private intelligence firm Strategic Intelligence (better known as Stratfor), consumer electronics giant Sony and even an FBI transatlantic cybercrime coordination call. Along the way, a limelight-seeking spinoff, LulzSec, and subsequent re-merger in the form of Operation AntiSec, helped further burnish the Anonymous brand.

At least, that is, until authorities caught up with alleged key members, leading to multiple arrests and convictions. Worst of all for Anonymous supporters, court documents revealed that founding father and LulzSec leader Sabu -- real name: Hector Xavier Monsegur -- had been busted by the FBI in June 2011 and within a day of his arrest turned informant. In short order, U.S. and British authorities claimed to have collared the ringleaders of the attacks launched against not just Sony and Stratfor, but numerous police departments and businesses. Far from being a group without a leader, authorities said, the Anonymous and LulzSec attacks had been carried out by a few key people, typically by exploiting known vulnerabilities in websites.

But with the alleged ringleaders facing jail time, the Anonymous brand didn't seem to suffer. Notably, Anonymous groups in specific geographies, including Mexico, South America, France and beyond, began promoting a more local and overtly political agenda.

In the United States, meanwhile, the group appeared to gain new impetus in January 2013, after Internet activist Aaron Swartz committed suicide. The co-founder of Reddit had been facing a potential jail sentence of at least 35 years after being arrested in 2011 for illegally gaining access to the JSTOR academic database and downloading millions of articles that had been funded by the U.S. government, and which he planned to post for free. Ultimately, he never did so, and after he agreed to unspecified damages, as well as to delete all of the data he'd downloaded, officials at JSTOR considered the case to be closed. Federal prosecutors and the Massachusetts Institute of Technology, however, pressed ahead, ultimately charging Swartz -- who'd long suffered from depression -- with 13 felony violations.

In the wake of Swartz's death, Anonymous focused its efforts on reforming an issue already near and dear to many members' hearts: The 1986 Computer Fraud and Abuse Act (CFAA) law that's often used to prosecute hackers, and punishing anyone it felt was responsible for contributing to Swartz's death. Cue website defacements and takedowns.

Read on to catch up on the latest Anonymous developments.

Photo courtesy of Flickr user Edans.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
EslamP248
50%
50%
EslamP248,
User Rank: Apprentice
8/15/2013 | 10:38:40 PM
re: Anonymous: 10 Things We've Learned In 2013
eslamp 248
EslamP248
50%
50%
EslamP248,
User Rank: Apprentice
8/15/2013 | 10:38:29 PM
re: Anonymous: 10 Things We've Learned In 2013
top covere pix
EslamP248
50%
50%
EslamP248,
User Rank: Apprentice
8/15/2013 | 10:38:11 PM
re: Anonymous: 10 Things We've Learned In 2013
my friends
EslamP248
50%
50%
EslamP248,
User Rank: Apprentice
8/15/2013 | 10:36:39 PM
re: Anonymous: 10 Things We've Learned In 2013
eslampop785
EslamP248
50%
50%
EslamP248,
User Rank: Apprentice
8/15/2013 | 10:36:30 PM
re: Anonymous: 10 Things We've Learned In 2013
eslampop
EslamP248
50%
50%
EslamP248,
User Rank: Apprentice
8/15/2013 | 10:14:14 PM
re: Anonymous: 10 Things We've Learned In 2013
facebook
majenkins
50%
50%
majenkins,
User Rank: Apprentice
4/24/2013 | 5:10:14 PM
re: Anonymous: 10 Things We've Learned In 2013
Revenge yes, justice only their own eyes, and reform only to remake the world to comform their ideas.
PJS880
50%
50%
PJS880,
User Rank: Ninja
3/14/2013 | 11:12:35 PM
re: Anonymous: 10 Things We've Learned In 2013
Great article but I have to agree with Leo, I dislike reading these articles for that reason alone. All though the topics are of interest, I donG«÷t have the patience. I also have to disagree with Jonathan on his views on people and their awareness about their online security. I believe because of all the attacks and breeches and the general publicG«÷s knowledge is constantly increasing, which was the exact opposite in the past.

Paul Sprague
InformationWeek Contributor
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Apprentice
3/5/2013 | 9:47:33 PM
re: Anonymous: 10 Things We've Learned In 2013
I hadn't heard of this Rustle League incident before. Hackers hacking hackers. I wonder if all of the news surrounding hacking and cybercrime lately could put a big enough dent in people's trust in the internet to actually change people's behavior. Will people start taking their individual online security more seriously? Personally, I doubt it. I feel like we have already developed a sort of blind trust in the internet because it makes our lives so convenient that we don't even want to consider what would happen if our online credentials were compromised.
Leo Regulus
50%
50%
Leo Regulus,
User Rank: Apprentice
3/3/2013 | 8:54:42 PM
re: Anonymous: 10 Things We've Learned In 2013
Information Week only had one important New Year's Resolution this year. '"No Slide Show Articles with out a prominent 'View-as-one-page' link." How's that working out for you so far?
Page 1 / 2   >   >>
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2382
Published: 2014-11-20
The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function.

CVE-2014-3625
Published: 2014-11-20
Directory traversal vulnerability in Pivitol Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.

CVE-2014-8387
Published: 2014-11-20
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.

CVE-2014-8493
Published: 2014-11-20
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.

CVE-2014-8767
Published: 2014-11-20
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?