Pierluigi Paganini June 21, 2012

We live in the cyber era, governments measure their capabilities in the cyberspace with reciprocal attacks of increasing complexity.Every government is developing an adequate cyber strategy investing huge quantity of money in the establishment of cyber units, on formation of groups of cyber experts and on the development of new cyber weapons.

In this scenario unpredictable forces could alter an unstable equilibrium causing serious damages and providing precious advantage to the adversary. Independent hackers and hacktivists daily direct thousands of attacks against government and critical infrastructures, for profits or fame and the consequences could be devastating.

How much secure are fortresses such us the Pentagon?

We have read that the US networks are daily hacked and to demonstrate the affirmation let’s comment the news that a hacking collective has published private information that they say was stolen from the official website of the US Department of Defense.

Hacker belonging to the new group named WikiBoat last week released a collection data including names, email addresses and phone numbers stolen from a database hosted on defense.gov, according their announcement.

Respecting the classic communication methods of the most famous groups of hacktivist such as Anonymous they have published the leaked data on pastebin web site releasing the following statement:

“Recently today, I stumbled across a very old leak on my Computer; I cannot remember if I have already leaked this site, but I do know that this site deserves to be leaked. Who is this site we are targeting? defense.gov ,”

“[W]hile this is not a SQLi vulnerability we still did manage to get our hands on part of the database not all. So enjoi!”

Who are the members of WikiBoat group?

They are surely hacktivist, we can consider them as a rib of the Anonymous collective  composed by individual that love to emulate the famous group without any specific motivation, they act just for “lulz”.

It is important to do not underestimate the event, not for the damaged caused by the action, but for the phenomena that I have described in my previous articles, the born of new separated groups that partially share, or act independently, the guide lines provided by the principal collective of Anonymous.

Well I consider the event serious under this perspective, new groups of hacker are leaving political and ideological motivations just for the pleasure to attacks strategic objectives already target of attacks of hacktivist.

These offensives are more dangerous due the knowledge shared by the hackers with the Anonymous collective that in my opinion must take distance from attacks for “recreational” purposes.

The group also added:

“We hack for the lulz just because we can, and while this may be dismayed as a complete Black Hat way of operating among the Internet, the truth is that it is just that,”

“Just because we simply target any vessel that may be portrayed as enemy, we encourage anyone, whether their vessel is small or large to come aboard our ship and work beside us.”

Let’s consider that anonymous collective several time has attacked government targets such as the FBI, the CIA, US Trademark Office and The White House and don’t forget that one of the representatives of the Anonymous collective, known as Commander X, declared that the groups has already infiltrated US government and its networks.

“Right now we have access to every classified database in the US government.”

It ‘clear that similar statements have the sole purpose of increasing the media capacity of the group, however we must keep in mind that Anonymous in the past has had the opportunity to collect information on its targets, data that can be the basis for future attacks. No need to trivialize such claims, as many experts have done, the events have taught us that even an email address and password can be a powerful weapon in the hands of an attacker.

The posting of some factions of the main collective can give rise to cells very offensive and dangerous, especially because they have information useful to the success of future attacks.

Pierluigi Paganini