Vulnerabilities / Threats
10/5/2011
11:57 AM
50%
50%

Anonymous Threatens New York Stock Exchange Attack

Calls for distributed denial-of-service attack as part of the Occupy Wall Street protests.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
A video that purports to be from the Anonymous hacktivist collective has called for a distributed denial-of-service (DDoS) attack to be launched against the New York Stock Exchange (NYSE).

"On October 10, NYSE shall be erased from the Internet, expect a day that will never, ever, be forgotten," according to a "message to the people" video posted to the AnonMessage YouTube channel on Friday. As with previous Anonymous communications, the video sports stirring music, stark visuals, and narration by a disembodied, synthesized voice. It also proposes using the Low-Orbit Ion Cannon (LOIC) DDoS tool, which is an open source network stress testing application, as "an option," but recommends that users "anonymize" themselves first. It also says that "we will have other (more powerful) means of taking down NYSE."

The FBI said it's investigating the Anonymous call to online arms. "The FBI is aware of these schemes and threats and is looking into the matter," FBI spokesman Tim Flannelly told FoxNews.com.

[ Learn the latest tactics that 'hacktivists' are using. Read WikiLeaks 'Hactivists' Target Fax Machines ]

But a post on Tuesday to the AnonOps Twitter feed, which has been a reliable source of information about Anonymous operations, called into question how many Anonymous members--if any--were planning to attack the NYSE. "We'll say it clear: We won't hack Wall Street. Please FBI invest the resources in better things!"

Likewise, a message posted to Pastebin under the Anonymous banner also disputed the video's authenticity. "It is a fake planted operation by law enforcement and cyber crime agencies in order to get you to undermine the Occupy Wall Street movement," said the post. "You must take all notices and information claiming to be 'Anonymous' with a grain of salt. Consider EVERYTHING."

In addition, no official Anonymous communication would encourage anyone to continue using "depreciated tools that have known flaws such as LOIC," according to the post. "Anonymous would never tell you to use LOIC--not after the arrests and failures of Operation Payback."

Indeed, the bureau, as well as law enforcement agencies abroad, continue to arrest suspects over LulzSec and Anonymous hacktivist attacks, for example relating to the breach of Sony's information security defenses, as well as attacks against the Serious Organized Crime Agency in the United Kingdom, and NATO servers. According to court documents, their investigations appear to be aided by people launching DDoS attacks and sometimes even using anonymizing tools, such as Tor, but still failing to fully disguise their IP address.

If the planned attack against the NYSE website isn't officially sanctioned by Anonymous, it does at least appear to fit with the group's previous modus operandi. Indeed, rather than attempting to knock NYSE trading offline, the video proposes attacking the NYSE website. Ranked by Alexa as being "one of the top 50,000 sites" on the Internet in terms of the amount of traffic it sees, the site isn't exactly high profile. But, as with the Anonymous pro-WikiLeaks attacks against the websites--but not payment processing systems--of such businesses as MasterCard and PayPal, the website takedowns-by-DDoS appear to be designed to publicize a cause, rather than compromise the companies' ability to do business.

Likewise, the DDoS attack planned for October 10 appears designed to support the current Occupy Wall Street protests in New York, which by Wednesday had been running for 19 consecutive days, as well as Occupy USA protests taking place around the country. "The events transpiring within Wall Street have gone awry; it seems that the government and federal agencies enjoy enforcing the law a little too much," according to the video supposedly released by Anonymous. "We witness the government enforcing the laws that punish the 99%, while allowing the 1% to escape justice unharmed for their crimes against the people."

Regardless, the FBI said that launching or intending to launch DDoS attacks is against the law. "It is a crime to show the intent to carry out a hack when you are in possession of software or computer applications to do so and we take it seriously," said Flannelly.

In "Becoming A Security Detective," this all-day virtual event from InformationWeek and Dark Reading, experts will offer detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. It happens Oct. 20. Sign up now. (Free with registration.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
UberGoober
50%
50%
UberGoober,
User Rank: Apprentice
10/6/2011 | 3:20:02 PM
re: Anonymous Threatens New York Stock Exchange Attack
Just a bunch of wannabe hippy losers blaming everyone but themselves for their own failure. Get a job!
Exit to Shell
50%
50%
Exit to Shell,
User Rank: Apprentice
10/5/2011 | 8:16:21 PM
re: Anonymous Threatens New York Stock Exchange Attack
Respect!? Anonymous is a bunch of 2 year olds.
JBUDDEMEYER000
50%
50%
JBUDDEMEYER000,
User Rank: Apprentice
10/5/2011 | 6:26:14 PM
re: Anonymous Threatens New York Stock Exchange Attack
at long last Anonymous gets some media attention and itGÇÖs nothing more than nefarious misinformation. when will the press stop playing it safe and give Anonymous both the respect and accurate coverage it deserves?
http://littlebiggy.org/4631847
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7241
Published: 2014-12-19
The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document.

CVE-2014-7249
Published: 2014-12-19
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 992...

CVE-2014-7267
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7268.

CVE-2014-7268
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7267.

CVE-2014-8272
Published: 2014-12-19
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.