Has Anonymous infiltrated US Government? The insider issue

In recent months we have discussed at length the security status of US networks and infrastructures, and we have described the American cyber strategies and the main actions proposed to protect the nation's principal assets. One story in particular struck us deeply: the vulnerability of U.S. Government networks which, by the admission of senior government officials, are routinely hacked. It is difficult to accept so disconcerting a reality: one of the world's major superpowers, at the forefront of technology, is vulnerable to attack by hacker groups driven by the most diverse motives.

Who is interested in US networks, and why?

Consider that the cyber infrastructures of a country are a mine of information that attracts foreign governments, independent hackers and hacktivists; every day all these forces combine their actions against the same target. According to the declarations of security experts, the success of cyber attacks against US networks is due to the state of US infrastructure, which is protected by obsolete defense systems unable to withstand continuous incursions. Speaking before the Senate Armed Services Subcommittee on Emerging Threats and Capabilities, the experts told the assembled Senators that the U.S. government needed to abandon the notion that it could keep outsiders off its computer networks.

Very meaningful are the words pronounced by Senator Rob Portman, a member of the Emerging Threats and Capabilities subcommittee:

“We can do things to make it more costly for them to hack into our systems…,”

“but you didn’t say we can stop them.”

It is a clear message that expresses awareness of the threat and the impossibility of defeating it in the short term.

This time the revelations on the status of US networks come from the famous group Anonymous. In a recent interview its member Christopher “Commander X” Doyon, who today lives in Canada, declared:

Right now we have access to every classified database in the U.S. government. It’s a matter of when we leak the contents of those databases, not if. You know how we got access? We didn’t hack them. The access was given to us by the people who run the systems…

The five-star general (and) the Secretary of Defense who sit in the cushy plush offices at the top of the Pentagon don’t run anything anymore. It’s the pimply-faced kid in the basement who controls the whole game, and Bradley Manning proved that.

According to Doyon, the great strength of the group comes from insiders in government infrastructures, who give the group an unimaginable power: the power of knowledge and information.

Doyon has admitted his participation in some of the most important attacks on websites last year, from Sony to PayPal. He was arrested in September for a minor hack on the county website of Santa Cruz, Calif., where he was living, in retaliation for the town forcibly removing a homeless encampment on the courthouse steps.

For that, Doyon is facing 15 years in jail. But he crossed the border into Canada in February to avoid prosecution. Doyon was the leader of the People’s Liberation Front, a group allied with Anonymous, and is considered the most wanted hacktivist after Julian Assange.

The hacker has reiterated the concept, saying:

“The entire world right now is run by information,”

“Our entire world is being controlled and operated by tiny invisible 1s and 0s that are flashing through the air and flashing through the wires around us. So if that’s what controls our world, ask yourself who controls the 1s and the 0s? It’s the geeks and computer hackers of the world.”

What the hacker claims regarding today’s information society is correct: every piece of data comes down to its simple binary representation, a core of information expressed in 0s and 1s that can never be considered completely safe.

What do you think about the revelations of this exponent of the group? What is the truth behind these declarations?

We are now accustomed to sensational statements by Anonymous, and we all recognize its great media capacity, but rather than taking the claims at face value, the experts offer the following interpretations:

  • Hackers are operating on the psychological front, trying to instill a culture of suspicion in the enemy lines. Everyone could be a spy, everyone could be Anonymous.
  • The very statement “everyone could be Anonymous” is the basis for a second hypothesis regarding the hackers' revelations: Anonymous is sending a message to all those investigators who are employed by the government, and to whom collaboration is open.

I think both assumptions are valid, while acknowledging that Doyon has certainly exaggerated his claims to make his declarations more striking. The risk of insiders close to the group is high, and facing similar threats requires the observance of procedures and protocols in order to prevent access to confidential information.

I’m still convinced that the group is in a phase of profound transformation; new tumultuous currents have been born inside it, and they could degenerate into dangerous insurgents.

In my opinion, such statements must be taken into consideration, but I also believe that the group has issued them to pursue a clear strategy of media presence.

In recent weeks, in several articles, I predicted the possibility that law enforcement and intelligence agencies were infiltrating the group; today, according to the hacktivist’s declaration, we are witnessing a reversal of the scenario. The reality is that both factions fear the event and are working to minimize the damage in case of external conditions.

Meanwhile, we have little information on how Anonymous is approaching the problem; on the opposite side, we have a sense of how major government agencies are facing the threat. I note that the FBI has on more than one occasion pointed out the need to detect insiders, providing valuable guidance and insights on the topic.

On this topic I suggest reading the guidance provided by the FBI, “The Insider Threat: An introduction to detecting and deterring an insider spy”, an introduction for security personnel on how to detect an insider threat that also provides tips on how to safeguard your company’s trade secrets. Cyber espionage and theft of intellectual property are increasing threats to organizations and government institutions that can go unnoticed for months or even years.

The message is:

“We must remain on guard, we don’t wait for the day when Doyon’s words will come true”

Pierluigi Paganini

Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and the Cyber G7 Group; he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US. Pierluigi is a member of "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other security magazines. Author of the books "The Deep Dark Web" and "Digital Virtual Currency and Bitcoin".
