Anonymous Cracks Cops Data Again

The "hacktivist" Anonymous operation known as AntiSec released a 7.4 GB file with emails and personal information from 56 different law enforcement agencies.

Mathew J. Schwartz, Contributor

August 8, 2011

4 Min Read
Dark Reading logo in a gray background | Dark Reading

The Anonymous-driven "hacktivist" operation known as AntiSec over the weekend released a trove of files relating to law enforcement organizations in the United States, as well as Columbia and Ecuador, while defacing websites and social media pages belonging to the Syrian and Columbian governments.

On Saturday, the group uploaded a 7.4 GB file dubbed "Shooting the Sheriffs," via BitTorrent, containing more than 300 email boxes from 56 different law enforcement domains, more than 7,000 Missouri sheriffs' personal details (usernames, passwords, home addresses, telephone numbers, and social security numbers), as well as online police training files and a list of 60 people who fed Anonymous-related tip to a "report a crime" hotline.

"We are doing this in solidarity with Topiary and the Anonymous PayPal LOIC defendants as well as all other political prisoners who are facing the gun of the crooked court system," according to the file summary.

Topiary refers to the handle of the spokesperson for LulzSec, who British police allege is Jake Davis, 18. Davis was arrested in Scotland last month and charged with five counts of computer misuse, including unauthorized access to a computer system, encouraging or assisting offenses, conspiracy to carry out distributed denial of service attacks (DDoS), as well as conspiracy to commit computer misuse offenses. Likewise, LOIC refers to the tool used by Anonymous participants to create a DDoS attack against the PayPal website. Last month, the FBI made a number of related arrests.

In this latest incident, members of AntiSec obtained the law enforcement data from websites managed by Brooks-Jeffrey Marketing (BJM). According to the AntiSec post, it exploited a vulnerability in BJM's servers to gain access and copied away the data, all over a 24-hour period.

According to news reports, BJM realized last month that multiple law enforcement websites that it hosts had been breached, at which point it took them offline and alerted the FBI. But according to the AntiSec post, BJM failed to fix the underlying vulnerability or eradicate AntiSec's backdoor code before putting new sites online. "We were surprised and delighted to see that not only did they relaunch a few sites less than a week later, but that their 'bigger, faster server that offers more security' carried over our backdoors from their original box," said the AntiSec statement. "This time we were not going to hesitate to pull the trigger: in less than an hour we rooted their new server and defaced all 70+ domains while their root user was still logged in and active."

AntiSec said it also created a back door into the BJM online store, captured some credit card numbers, and used them "to make involuntary donations to the ACLU, the [Electronic Freedom Foundation], the Bradley Manning Support Network, and more."

Beyond the BJM-related activities, over the weekend, AntiSec also defaced the Syrian ministry of defense website, to protest the government's deadly crackdown against protestors, while a group calling itself "LulzSec Brazil" leaked 8 GB of federal police data. Meanwhile, AntiSec also claimed credit for defacing Facebook and Twitter accounts belonging to German Vargas Lleras, Columbia's minister of the interior, to protest a new copyright law. The group also released information about 45,000 police officers in Ecuador after the government threatened to prosecute Anonymous participants.

In related news, British police last week released a statement via TweetDeck saying that investigations into LulzSec and Anonymous continue, and warned that launching DDoS attacks, from or against Britain, are illegal.

"Anyone considering accessing a computer without authority should understand that such acts are unlawful and can carry a term of imprisonment," said the statement. "Under U.K. legislation, it is an offense if a person acts from within the U.K. upon a computer anywhere else in the world. It is also an offence [for] someone anywhere else in the world to criminally affect a computer within the U.K."

In particular, Britain's Computer Misuse Act 1990 outlaws "acts of unauthorized access to personal accounts, [DDoS] attacks, and intrusive hacks where data is taken or systems changed," according to the statement. Penalties range from up to two years of imprisonment for unauthorized access to a computer, or up to 10 years in combination with modifying data on the computer or impeding its operation. "In the past, hacktivists have compared their activities to legitimate civil disobedience--but such a view is not a defense if suspected hackers are brought to court," said Graham Cluley, senior technology consultant at Sophos, in a blog post.

Bringing suspected hacktivists to court appears to be a priority in Britain. On Friday, U.K. newspaper The Guardian reported that Britain's cyber crime police unit size has quadrupled--to 85 officers--over the past two months, and its budget increased by 30 million pounds ($49 million), as the unit investigates hacktivist groups.

In this new Tech Center report, we profile five database breaches--and extract the lessons to be learned from each. Plus: A rundown of six technologies to reduce your risk. Download it here (registration required).

About the Author

Mathew J. Schwartz

Contributor

Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights