Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Anonymous Takes On State Department, More Banks

Hacktivist group says it will release work email addresses for more than 170 U.S. State Department employees in fifth round of Operation Last Resort attacks.

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
The Anonymous hacktivist collective announced that for Presidents' Day, it hacked the U.S. State Department.

Under the flag of "Operation Last Resort," the group Monday claimed "we still have our warheads armed" and announced that for "round five" in its attack campaign, it was releasing information gleaned from a State Department database. The data dump -- or dox -- appeared to include work email addresses for over 170 U.S. State Department employees, as well as some biographical details, and to have been pulled from a database entitled "test_hrwg_careers_usa_ctc_com."

"Our reasons for this attack are very simple. You've imprisoned or either censored our people. We will not tolerate things as such," according to a message included in the Anonymous data dump. "Aaron Swartz this is for you, this is for Operation Last Resort," it said.

[ Want more on Anonynous? Read Anonymous Says DDoS Attacks Like Free Speech. ]

A spokesman for the State Department didn't immediately return a call seeking a request for comment about the assertion by Anonymous that it had hacked into and released data from one of the agency's databases.

The Anonymous Operation Last Resort campaign was launched in the wake of the suicide of Internet activist Aaron Swartz, who had long suffered from depression, and who was facing a 35-year jail sentence after being arrested in 2011 on hacking charges. Those charges stemmed from Swartz allegedly downloading millions of articles from the JSTOR academic database, in part via a Massachusetts Institute of Technology server closet. In the wake of Swartz's death, many legal experts -- as well as Anonymous -- have called for a reform of the country's computer hacking laws.

As noted by Operation Last Resort, the State Department dox was the fifth round of its attacks made in Swartz's memory. For those keeping score, the group executed three rounds of hacks against U.S. government websites and databases, as well as other entities involved in Swartz's case. That included leaking credentials for 4,000 U.S. banking executives that had been obtained from the Federal Reserve System, hacking and defacing the U.S. Sentencing Commission website, and hacking MIT. The group appeared to fail in its fourth bid, however, which was to interrupt the live stream of President Obama's State of the Union address last week.

Are the Anonymous attacks just publicity for the reform of computer crime laws that the group has been demanding? In fact, the attacks appear to have been more damaging than simple defacements or database dumps. Indeed, more than a month after Anonymous launched its attack against the U.S. Sentencing Commission's website, the site appears to remain hobbled, and features only a single "under construction" page, which displays key agency phone numbers, a "save the date" note for a national training seminar, and a link to an external U.S. government website for comment on "Federal Register Notice of Proposed 2013 Amendments to Federal Sentencing Guidelines and Request for Public Comment."

Furthermore, when the agency needed to distribute a major new report on federal sentencing practices that stretched to thousands of pages, it had to find someone else to distribute the report online, reported The Wall Street Journal. The agency reached out to Ohio State University law professor Douglas A. Berman, who posted it on his website.

"I would like to believe our government is functional enough to find some other way to get this out officially," Berman told the Journal. "I don't want to be the only reporter of record for all this material." Currently, however, the commission's single website page currently says that anyone inquiring into the report should contact the agency's office of public affairs, by telephone.

Anonymous, in a separate effort, also claimed Monday to have doxed the investment banking firm George K. Baum & Company by releasing copies of some customer records via ZeroBin. That information appears to include email addresses and account numbers for over 150 customers. Why hack that firm? Via Twitter, Anonymous claimed that the investment bank had ties to private intelligence firm Strategic Forecasting Inc., better known as Stratfor, which was reportedly hacked in 2011 by members of LulzSec and Anonymous. Authorities have accused alleged LulzSec participant Jeremy Hammond of masterminding the Stratfor hack, among other crimes. If convicted of all charges, Hammond faces life in prison. Anonymous also defaced the George K. Burn website, uploading a page that read: "We also know about your finances here Government of the United States ... Are u sure you want to continue this game?" The page was removed from the website by Tuesday.

Of course, Anonymous isn't the only hacktivist group with designs on American institutions. Notably, the Izz ad-Din al-Qassam Cyber Fighters have also threatened to resume their campaign of U.S. banking website disruptions. "We had warned formerly in the event that the offensive films wouldn't remove, we will be forced to resume Operation Ababil," said a Pastebin post uploaded Tuesday.

The Muslim group's distributed denial-of-service (DDoS) attacks against banks were launched last year, supposedly in retaliation for the uploading to YouTube of a copy of a film that mocks the founder of Islam. To date, various copies of the film have amassed tens of millions of hits on YouTube, although the originally uploaded film was removed from the site last month, apparently by the filmmaker. At the time, the al-Qassam Cyber Fighters claimed partial victory in their campaign to rid the Internet of the film, but said it was still holding the U.S. government responsible for excising the other copies.

The group repeated those demands in its Tuesday missive. "We now warn you seriously that remove the copies of the film and don't make much more trouble for yourselves and online users of the banks, there is not much time remaining," it said.

Offensive cybersecurity is a tempting prospect. It's also way too early to go there. Here's what to do instead. Also in the new, all-digital Nuclear Option issue of InformationWeek: Military agencies worldwide are figuring out the tactics and capabilities that will be critical in any future cyber war. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Andrew Hornback
Andrew Hornback,
User Rank: Apprentice
2/21/2013 | 3:30:25 AM
re: Anonymous Takes On State Department, More Banks
Maybe the DoD/DHS should consult with Mossad to see what they did when Anonymous threatened the Knesset? That seemed to work pretty well.

I'm also guessing that the IT staff at the US Sentencing Commission have learned a valuable, if not very hard, lesson here - backups are quite important.

Interesting juxtaposition in the story here, Anonymous (who proport to be all about Freedom of Speech), and the al-Qassam folks who are attacking banking institutions over someone unaffiliated with them utilizing their Freedom of Speech. Why don't these two organizations go after one another, since they're evidently diametrically opposed to one another, and leave the rest of us out of it?

Andrew Hornback
InformationWeek Contributor
User Rank: Apprentice
2/20/2013 | 3:08:05 PM
re: Anonymous Takes On State Department, More Banks
An interesting way to celebrate Presidents' Day.

I bought socks, as our founding fathers intended.

Jim Donahue
Copy Chief
Deirdre Blake
Deirdre Blake,
User Rank: Apprentice
2/19/2013 | 9:24:20 PM
re: Anonymous Takes On State Department, More Banks
Anonymous is not going away.This latest hack is relatively benign, but the egg on the face of the feds is getting pretty thick.
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-27
WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)
PUBLISHED: 2021-01-27
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
PUBLISHED: 2021-01-27
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to
PUBLISHED: 2021-01-27
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to
PUBLISHED: 2021-01-27
Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to