What the Anonymous attacks on MI5 and MI6 tell us

They join a growing list of government sites in both the UK and Sweden that have been attacked in protest against the treatment of Julian Assange, founder of WikiLeaks and currently blockaded by the UK police in the Ecuador embassy in London. The action against MI5 and MI6 was a mainstream Anonymous action. While Anonymous tends to use DDoS as its form of online protest, a separate hacking group known as NullCrew engages in actual hacking – breaking into computers and frequently dumping its spoils on sites such as Pastebin. One member of NullCrew, known as ‘0x00x00’ has been breaking into sites (such as the Northern Ireland Home Office) and pasting an Assange poster. NullCrew supports several Anonymous operations – including OpFreeAssange – but is not a part of Anonymous.

An Anonymous spokesperson yesterday told TechWeek Europe that the online protests were there to support the ongoing physical protest outside the Ecuador embassy: people on the ground and hackers and DDoS crews online. He added, “We have found [a] way to circumvent the government’s new security and we are testing different methods.”

Paul Lawrence, VP International Operations at Corero Network Security, finds this last statement particularly worrying. “Although these comments may be sensationalizing the attack that brought down both sites for just over an hour,” he said, “it should serve as fair warning to any government agency or business that operates online. A motivated hacker who has targeted your organization will find even the smallest of flaws in your security and exploit it.”

There are indeed indications that political activism is changing the nature of the online threat, with activist hackers becoming more and more targeted and focused in their actions. The dump of Apple UDIDs supposedly stolen from the FBI by AntiSec is a good example. Although the FBI has denied that it ever happened, many security commentators suspect that it could be true. Imperva’s Rob Rachwald is one. “This breach resembles a new innovation by hacktivists. Specifically, they targeted an individual in the same way government-sponsored hackers (a.k.a., APT hackers) would attack.”

It suggests that Anonymous is no longer content with mere DDoS as an online protest. And with skilled hacking teams like NullCrew and AntiSec replacing the defunct LulzSec, they have the ability to take their protest into, rather than merely against, high profile targets. “Any and every site can be a target,” said Lawrence, “and the sooner businesses and government agencies come to understand this, the sooner they can start putting in place measures to protect themselves, and limit the damage that an attack may cause.”

What’s Hot on Infosecurity Magazine?