December 8, 2012 in Federal Bureau of Investigation
In February and March 2012, unauthorized IP addresses accessed the Industrial Control System (ICS) network of a New Jersey air conditioning company, US Business 1. The intruders were able to access a backdoor into the ICS system that allowed access to the main control mechanism for the company’s internal heating, ventilation, and air conditioning (HVAC) units. US Business 1 was using the Tridium Niagara ICS system, which has been widely reported in the media to contain multiple vulnerabilities that could allow an attacker to remotely control the system.
March 7, 2012 in United States
Indictments and criminal complaints for Anonymous/LulzSec members Sabu, Kayla, Topiary, Anarchaos, Palladium, Pwnsauce released March 6, 2012.
February 15, 2012 in U.S. Army
Currently, the intelligence warfighting function includes a formidable set of capabilities across all echelons from “mud-to-space.” This flexible force of personnel, organizations, and equipment collectively provides commanders with the timely, relevant, accurate, predictive, and tailored intelligence they need. We provide the intelligence that continuously supports the commander in visualizing the operational environment, assessing the situation, and directing military actions through ISR synchronization and the other intelligence tasks. The intelligence warfighting function is comprised of nine powerful intelligence disciplines. Eight of those disciplines essentially feed the discipline of all-source intelligence which in turn is focused on the commanders’ requirements. Technological advances have enabled single-discipline analysts to leverage other analysts and information and to conduct multi-discipline analysis to an extent not possible in the past. However, all-source intelligence is still the nexus that integrates information and intelligence from all units and the other intelligence disciplines.
December 18, 2011 in California, Intelligence Fusion Centers
US citizens and assets – including the White House, the Central Intelligence Agency, InfraGard, the state of Arizona, and major defense contracting companies – experienced high-profile cyber threats and attacks in the first half of 2011. Most of the tactics and techniques used were not new; however, the increase in attacks during the past few months exemplifies the growth of cyber incursions and reinforces the need to be aware of risks and mitigation techniques associated with cyber threats.
December 18, 2011 in Federal Bureau of Investigation
The FBI assesses with high confidence that law enforcement personnel and hacking victims are at risk for identity theft and harassment through a cyber technique called “doxing.” “Doxing” is a common practice among hackers in which a hacker will publicly release identifying information including full name, date of birth, address, and pictures typically retrieved from the social networking site profiles of a targeted individual.
December 13, 2011 in California, Intelligence Fusion Centers
The purpose of this bulletin is officer awareness. Officers should know that instigators involved in violent demonstrations might be familiar with, and might try to apply, techniques from the “Crowd Control and Riot Manual.” The handbook, from Warrior Publications, teaches protestors how to defeat law enforcement crowd control techniques. Although it does not address specific groups or organizations, the information is widely applicable.
December 5, 2011 in Department of Homeland Security
The loosely organized hacking collective known as “Anonymous” has announced through several mediums that they plan on conducting cyber attacks, peaceful protests, and other unspecified activity targeting a variety of organizations. The purpose of this product is to judge the likelihood of occurrence for these events, as well as the potential impact.
October 26, 2011 in Headline
The following photos taken in October 2011 demonstrate the global distribution of support for the ideas of the hacktivist group known as Anonymous. Protesters wearing Anonymous’ trademark Guy Fawkes mask are pictured in Rome, Vienna, Lisbon, Toronto, Ljubljana, Berlin, Los Angeles, Paris, Amman, New York, Washington D.C., Florida, Miami, Mexico City, Bucharest, Stockholm, Brasilia, Seoul and [...]
October 17, 2011 in Department of Homeland Security
The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting industrial control systems (ICS). This product characterizes Anonymous’ capabilities and intent in this area, based on expert input from DHS’s Control Systems Security Program/Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in coordination with the other NCCIC components.
October 14, 2011 in Department of Homeland Security
The hacker collective known as ‘Anonymous’ has successfully attacked a wide range of public and private sector entities since 2003 with relatively crude tools. Historically, they rely on tools such as the Low Orbit Ion Cannon (LOIC) or Botnets to deny access to websites, or hijack or deface web pages and post quasi-political statements, or perform other malicious activity. Since many of these older tools made it relatively easy for law enforcement and other government forces to identify the source of an attack and then arrest the perpetrator, Anonymous members may have recognized a need to have more advanced tools that offered a lesser degree of exposure. They recently claimed to have developed and possibly employed several new cyber attack tools for use in their self-proclaimed ‘internet civil disobedience’ campaigns. The NCCIC, coordinating with several of its partners, believes there are at least four new tools being shared among and employed by Anonymous members: #RefRef, Apache Killer, Anonware, and Universal Rapid Gamma Emitter (URGE).
October 14, 2011 in Federal Bureau of Investigation
The FBI assesses that the hacktivist group Anonymous is likely to participate in the “Day of Rage” protest scheduled for 17 September 2011 in New York City’s financial district. While the extent of group members’ participation in the event is unknown, in late August 2011 Anonymous endorsed the event through propaganda consisting of a video posted on YouTube and a campaign poster, as well as references in their Twitter accounts. In the past, Anonymous has been involved in physical protests that coincided with planned cyber attacks. This could indicate an intention to conduct a cyber attack in conjunction with the “Day of Rage” protest.
September 26, 2011 in Headline
Photos taken on September 24, 2011 of march to Union Square and subsequent arrests. Photographers Marnie Joyce, Brennan Cavanaugh and especially Paul Weiskel are to be commended for choosing to license their photos under a Creative Commons license. See also:
Occupy Wall Street Photos September 2011
Occupy Wall Street Protest Police State Photos
September 23, 2011 in California
U.S. District Court of Northern California Christopher Doyon and Joshua John Covelli Anonymous Santa Cruz DDoS Attack Indictment from September 21, 2011.
September 9, 2011 in Department of Homeland Security
Department of Homeland Security National Cyber Security Division presentation on “Cyber Resilience” with overviews of recent hacking incidents, including many connected with the hacktivist group Anonymous.
August 1, 2011 in Department of Homeland Security
This Bulletin is being provided for your Executive Leadership, Operational Management, and Security Administrators’ situational awareness. The actors who make up the hacker group “Anonymous” and several likely related offshoots like “LulzSec”, continue to harass public and private sector entities with rudimentary exploits and tactics, techniques, and procedures (TTPs) commonly associated with less skilled hackers referred to as “Script Kiddies”. Members of Anonymous routinely claim to have an overt political agenda and have justified at least a portion of their exploits as retaliation for perceived ‘social injustices’ and ‘freedom of speech’ issues. Attacks by associated groups such as LulzSec have essentially been executed entirely for their and their associates’ personal amusement, or in their own hacker jargon “for the lulz”.
July 21, 2011 in North Atlantic Treaty Organization
Comprehensive Agreements on Security of Information Within the North Atlantic Treaty Organization signed in June 2002.
July 21, 2011 in North Atlantic Treaty Organization
NATO Restricted Outsourcing Balkans Communications and Information Systems Support from January 2008.
July 19, 2011 in California
U.S. District Court of Northern California indictment of sixteen people filed July 13, 2011 in connection with Anonymous DDoS attacks on PayPal.
July 8, 2011 in Department of Homeland Security
The National Cybersecurity and Communications Integration Center (NCCIC), through coordination with its partners and monitoring of multiple sources, is tracking reports that members of the hacktivist collectives ‘LulzSec’ and ‘Anonymous’ have combined their efforts and continue to perpetrate cyber attacks targeting U.S. and foreign networks. LulzSec Members have posted statements on the internet claiming the attacks, referred to as ‘Operation AntiSecurity’ (AntiSec), are ‘designed to demonstrate the weakness of general internet security’ and have allowed them to collect massive amounts of data. LulzSec is purported to be a group of former Anonymous members who typically use widely available and crude tools to hijack or deface web pages as a political statement. They also routinely post information regarding planned and ongoing activities on publicly available Internet Relay Chat (IRC) sessions and social networking sites like Twitter. Recent attacks by LulzSec and Anonymous have proven simple Tactics, Techniques and Procedures (TTPs) are often successful, even against entities who have invested a significant amount of time and capital into designing and securing their information networks.
March 14, 2011 in Corporate
Emails released by a member of Anonymous relating to the supposed concealment of mortgage fraud by Bank of America. Due to extreme interest, the main site distributing the documents (bankofamericasuck.com) has been intermittently inaccessible. Also, a somewhat confusing presentation makes the actual emails themselves difficult for some people to interpret. Text renditions of the emails contained in the leak are presented.
March 9, 2011 in Threats and Takedown Notices
A representative of Morgan Stanley has demanded the removal of a document originally released by the online hacktivist group Anonymous. Morgan Stanley’s Computer Emergency Response Team (CERT) Physical Memory Standard Operating Procedures is a 23-page document that details procedures written by HBGary employee Phil Wallisch for Morgan Stanley’s CERT. The original source of the document is an email from Phil Wallisch to the Morgan Stanley CERT in June 2010. The document is available in other formats from a variety of sites hosting the AnonLeaks HBGary files.