In a security bulletin, DHS' National Cybersecurity and Communications Integration Center (NCCIC) is warning that Anonymous is likely to target US intelligence agencies and critical infrastructure.
“Anonymous is likely targeting the IC because it views it as violating its core belief in total freedom of information. Additionally, following the release of government e-mail account data from the July 2011 Booz Allen compromise, an Anonymous operator stated on Twitter that, ‘We are working on two of the biggest releases for Anonymous in the last 4 years. Put your helmets on. It is war’”, the bulletin warned.
The NCCIC added: “Anonymous has also stated its intent to target companies related to certain critical infrastructure/key resources sectors. On 12 July 2011, Anonymous released personally identifiable information of approximately 2500 employees of U.S. agricultural company Monsanto, and claimed to have taken down corporate web assets and mail servers. Additionally, in a separate statement on 12 July 2011, Anonymous declared their intention to attack several U.S., Canadian, and British companies, including Exxon Mobil and ConocoPhillips, who were associated with development of oil sands in Alberta, Canada.”
The center said that Anonymous attacks so far have been unsophisticated but warned that a “higher-level actor” might provide the group with more advanced capabilities. “Therefore, it may be advisable to adjust monitoring of both internal and external resources for indications of a pending or ongoing attack on cyber or telecommunications networks”, it recommended.
The NCCIC advises US government agencies and private sector partners to “ensure they have processes in place to notify their leadership and network operators if their organization becomes a possible target by hacktivists or other malicious actors, and what notifications they are required or plan to make in the event of an attack.”