WikiBoat against the Pentagon: risks in the evolution of Anonymous

We live in the cyber era: governments measure their capabilities in cyberspace through reciprocal attacks of increasing complexity. Every government is developing a cyber strategy, investing huge sums of money in establishing cyber units, training groups of cyber experts and developing new cyber weapons.

In this scenario, unpredictable forces could alter an unstable equilibrium, causing serious damage and giving a precious advantage to the adversary. Independent hackers and hacktivists direct thousands of attacks every day against governments and critical infrastructure, for profit or fame, and the consequences could be devastating.

How secure are fortresses such as the Pentagon?

We have read that US networks are hacked daily; to illustrate the claim, let’s comment on the news that a hacking collective has published private information that it says was stolen from the official website of the US Department of Defense.

Hackers belonging to a new group named WikiBoat last week released a collection of data including names, email addresses and phone numbers stolen from a database hosted on defense.gov, according to their announcement.

Following the classic communication methods of the most famous hacktivist groups such as Anonymous, they published the leaked data on the Pastebin website, releasing the following statement:

“Recently today, I stumbled across a very old leak on my Computer; I cannot remember if I have already leaked this site, but I do know that this site deserves to be leaked. Who is this site we are targeting? defense.gov ,”

“[W]hile this is not a SQLi vulnerability we still did manage to get our hands on part of the database not all. So enjoi!”

Who are the members of the WikiBoat group?

They are surely hacktivists; we can consider them an offshoot of the Anonymous collective, composed of individuals who love to emulate the famous group without any specific motivation. They act just for “lulz”.

It is important not to underestimate the event, not because of the damage caused by the action, but because of the phenomenon that I have described in my previous articles: the birth of new separate groups that partially share the guidelines provided by the main Anonymous collective, or act independently of them.

I consider the event serious from this perspective: new groups of hackers are abandoning political and ideological motivations and attacking, just for the pleasure of it, strategic objectives that are already targets of hacktivist attacks.

These offensives are more dangerous because of the knowledge the hackers share with the Anonymous collective, which in my opinion must distance itself from attacks carried out for “recreational” purposes.

The group also added:

“We hack for the lulz just because we can, and while this may be dismayed as a complete Black Hat way of operating among the Internet, the truth is that it is just that,”

“Just because we simply target any vessel that may be portrayed as enemy, we encourage anyone, whether their vessel is small or large to come aboard our ship and work beside us.”

Let’s consider that the Anonymous collective has several times attacked government targets such as the FBI, the CIA, the US Trademark Office and the White House, and don’t forget that one of the representatives of the Anonymous collective, known as Commander X, declared that the group has already infiltrated the US government and its networks.

“Right now we have access to every classified database in the US government.”

It is clear that such statements have the sole purpose of increasing the group’s media exposure; however, we must keep in mind that Anonymous has in the past had the opportunity to collect information on its targets, data that can be the basis for future attacks. Such claims should not be trivialized, as many experts have done; events have taught us that even an email address and password can be a powerful weapon in the hands of an attacker.

The splintering of some factions from the main collective can give rise to very aggressive and dangerous cells, especially because they hold information useful to the success of future attacks.

Pierluigi Paganini


Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group; he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US. Pierluigi is a member of "The Hacker News" team and a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and many other security magazines. Author of the books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.
