Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

9 Ways Hacktivists Shocked The World In 2012

Despite the arrests of alleged LulzSec and Anonymous ringleaders, ongoing attacks -- including Muslim hackers disrupting U.S. banks -- prove hacktivism remains alive and well.

Hacking websites, cracking databases, leaving behind defacements and releasing untold amounts of purloined information has been happening for years. The exploits of hackers appeared to reach new heights last year, in the wake of 2011's high-profile attacks against HBGary Federal, Sony and numerous government websites, together with the debut -- and self-imposed demise -- of the sharp-tongued hacktivist group LulzSec.

Yet, throughout 2012, hacking exploits continued unabated, with still more attacks targeting and obtaining sensitive information from governments, law enforcement agencies, businesses and more. Furthermore, the exploits continued despite the surprising news that the leader of LulzSec had not only been busted in 2011, but worked with the FBI to help snare his Anonymous associates.

Here are nine notable ways that hackers and hacktivism have remained in the headlines in 2012:

1. Anonymous Hacks FBI Cybercrime Conference Call

The LulzSec gang announced its retirement in June 2011, and while some alleged members, such as Jake Davis -- accused of being the group's spokesman, "Topiary" -- were arrested, at the beginning of 2012, many participants appeared to be still at large.

[ Rules and regulations may be friends or a foes. See S.C. Security Blunders Show Why States Get Hacked. ]

Come February 2012, elements of Anonymous even took down the CIA's public-facing website, and leaked an FBI conference call in which investigators coordinated Anonymous and LulzSec participants'' arrests. Curiously, however, key details -- such as the alleged hacktivists' names -- had been blanked out of the audio file that was ultimately released.

2. Stratfor Hack Upends Private Sector Intelligence Provider

Also in February, Anonymous announced the release of a trove of emails and personal data stored by Strategic Forecasting, better known as Stratfor, which is an intelligence contractor. A member of Anonymous -- who turned out to be LulzSec leader Sabu -- reported that the plaintext emails and customer information had been obtained by exploiting known vulnerabilities in the Stratfor network. Ultimately, the breach exposed personal information on 860,000 Stratfor customers, 60,000 credit card numbers and a massive trove of emails between Stratfor and its sources.

3. Hacker King Turns Informant: Feds Reveal Sabu Bust

Come March, the FBI announced the arrest of five principal members of Anonymous and LulzSec, accused of hacking into the websites of Sony, PBS and Stratfor, amongst other organizations. In retrospect, the blanked-out audio of the released FBI conference call might have been a giveaway, as court documents unsealed after the arrests revealed that LulzSec leader Sabu -- real name, Hector Xavier Monsegur -- had himself been arrested back in June 2011.

Facing the potential of serious jail time for alleged identity theft, Sabu quickly turned informer and began working around the clock to help investigators counter emerging attacks, as well as bust high-profile Anonymous participants. Since the March arrests, prosecutors have continued to expand the case, including arresting Jeremy Hammond, the alleged ringleader of the Stratfor hack.

4. Hacktivists Drive Global Law Enforcement Agencies To Unite

One side effect of the rise in hacktivism has been increased cooperation -- no need for cybercrime treaties -- between law enforcement agencies in various countries. "A lot of people think this is just a bunch of kids fooling around, but in reality, it's not, it can destroy your business," said Eric Strom, the unit chief for the cyber initiative and resource fusion unit in the FBI's cyber division, at the RSA conference in San Francisco in February. "You know, market share goes down and you're talking about significant damage to a company."

Asked at the conference what the FBI was doing about the problem -- months after the bureau had secretly turned Sabu, but just days before busting the alleged higher-ups in Anonymous and LulzSec -- Strom kept his cards close to his chest. "So let's put it this way, the FBI has put a lot of resources towards this problem ... it's not something that we just look at as a small issue, we have a lot of people around the country working this, as well as around the world, so companies should do the same."

But Strom said the word "hacktivism" meant little to the bureau. Instead, he said the FBI attempted to differentiate between people's online freedoms of assembly and speech versus clear evidence of law-breaking.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
jaysimmons
50%
50%
jaysimmons,
User Rank: Apprentice
12/25/2012 | 6:45:47 PM
re: 9 Ways Hacktivists Shocked The World In 2012
There are mixed feelings behind GǣhacktivismGǥ. On one hand it does release information that can shed light on issues important to the public, while on the other it can also be used to push certain groups own agendas. I find it particularly amusing how in the #1 case from this article the names of hackers in the audio file were blanked out; a group that claims to be about leaking raw information to the public, yet edit the file that was released to the public loses whatever little integrity they had.

Jay Simmons
Information Week Contributor
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18214
PUBLISHED: 2019-10-19
The Video_Converter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. (The workload is not queued for serial execution.)
CVE-2019-18202
PUBLISHED: 2019-10-19
Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests.
CVE-2019-18209
PUBLISHED: 2019-10-19
templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer.
CVE-2019-18198
PUBLISHED: 2019-10-18
In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753.
CVE-2019-18197
PUBLISHED: 2019-10-18
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclo...