Hack Attacks Proliferate with CIA, State of Alabama Latest Victims
Hackers are on a spree again with the latest infiltration of websites run by the CIA and the state of Alabama, an alarming trend that lays bare the ease and frequency with which they seem to be able to cause mischief.
Anonymous appears to be the most recent culprit. Computer hackers claiming affiliation with the hacking group on Friday penetrated several websites, including those run by the U.S. spy agency, the state of Alabama, and a large number of sites in Mexico. The day before, the United Nations website was also hit, although Anonymous doesn’t appear to be involved with that attack.
According to CNN, messages on Twitter and Tumbler February 10 indicated members of the loosely-structured hacking network were celebrating the shutdown of the CIA's website. While the site is working now, it was out of commission for several hours Friday night.
Anonymous also accessed Alabama state servers, and said in a press release that it did so in retaliation for "racist" immigration legislation. In its diatribe against the state, Anonymous said it had gained information about more than 46,000 citizens, including full legal names, Social Security Numbers, license plate numbers, dates of birth, phone numbers, addresses, and criminal records, although the group said it deleted the data.
Anonymous said its goal with the Alabama hack attack also was to point out "the amount of incompetence that is taking place within the state government in Alabama." It said "this data was not securely segregated from the Internet, nor was it properly encrypted. This is what happens when not enough resources are spent on proper design and the training that comes with it."
The U.N. has also been criticized for its lax security protocols that allowed a hacker to infiltrate its website on Thursday and release a list of the organization's potential vulnerabilities.
According to MyFox New York, the security firm Identity Finder says it looks like the U.N. was not using basic web security and that a simple SQL injection attack (SQLIA) was what enabled the hacker to gain access to the U.N.'s database.
And Friday night, one Twitter account associated with Anonymous indicated the group was responsible for taking down scads of websites in Mexico in protest of anti-piracy laws.
Even security companies who make their living protecting people from such attacks are not immune. Earlier this week, Anonymous made public the source code of Symantec's pcAnywhere.
The week before, Anonymous secretly recorded a conference call between the FBI, U.K. authorities, and other foreign police agencies, and then posted the recorded conversation online, a move that made a mockery, once again, of efforts to combat the hackers.
And last month, Anonymous claimed responsibility for attacks that took down websites run by Universal Music, the U.S. Department of Justice and the Recording Industry Association of America in retaliation for the government's removal of the Megaupload websites.
There's more. If you want to see the larger breadth of Anonymous' hacking feats so far this year, check out PCWorld's coverage.