11 May 2012

PIERLUIGI PAGANINI: Anonymous Reloaded. Yesterday, today, tomorrow

-Cyber-BlackSEC- OPEN SOURCE
US/1; ATTN: PA/2; IT/2; US/12

[ed.note: Please see US/1 note, below…]

by paganinip on May 4th, 2012
The word “Anonymous” evokes the myth of the hacker in today’s society who defends freedom of expression and agrees with sensational cyber operations in the fight against censorship and questionable government and industrial policies.

If Anonymous is perceived by future generations as an attractive ideology to follow, industry and government view with concern the threat posed by the group’s operations. Recent security reports, such as the one produced by Verizon, identify the phenomenon of hacktivism as the main cybercrime threat on the planet, estimating the damage done by groups like Anonymous in their frequent operations.
The majority of IT and security professionals are convinced that Anonymous and hacktivist groups are the main cyber threats able to attack their organizations and impact their primary business. Around 64% of the nearly 2,000 IT professionals who participated in Bit9’s 2012 Cyber Security Survey believe that their companies will be the target of a cyber attack during the next six months, and 61% of them chose hacktivists as the likely attackers.
Of course, the main factor that exposes companies to the threat of the group is their media exposure and their participation in policies or international public debates on new regulations. The group has demonstrated, in my opinion, great consistency in its choice of targets, targeting companies that have distinguished themselves in their approach to the controversial topics the group is interested in. No one can be considered safe, from the provider willing to support new regulations such as the Cyber Intelligence Sharing and Protection Act (CISPA) to the government agency intent on pursuing questionable international policies.
But which method of attack scares companies the most?

Although companies fear Anonymous and hacktivism, they are more worried by the use of malware as a cyber weapon than by the classic distributed denial-of-service (DDoS) and SQL injection attacks preferred by the notorious hackers.
From this data we can draw a couple of interesting reflections:


Companies are scared of hacktivism but consider its modes of attack not so dangerous. The fear of Anonymous attacks is related to the media effect of its operations, which could damage the image of the business and also attract other criminal groups to the target.

Second point: a radical change is expected in the modus operandi of the Anonymous group, because it is also attracting many hackers and professionals who are interested in its operations. The skill of the hackers is increasing, and the imminent risk is that 0-day vulnerabilities could be found and exploited by the hacktivists, causing extensive damage. The scenario described is not so absurd; consider that many of the group’s operations could be shared and approved directly by government groups of hackers under cover. In this case the attack power of the group could be amplified. Consider also that there is a high risk of infiltration of the group; Anonymous could be compared to a powerful cyber weapon. In that case operations could be directed against political targets.


Many experts are sure that behind the recent attacks on China and its Great Firewall there is also the support of western intelligence; the same scenario applies in Syria and in Tibet, where groups of hacktivists have provided technological support to the dissidents.
Anonymous, and foreign governments, are well informed about the impact that political scandals could have on a country like China; emblematic is the case of Communist Party politician Bo Xilai.

[And Julian ASSANGE’s “thermo-nuclear threat” against Rupert MURDOCH and NEWS CORP. – US/1]
Xilai, the former Chongqing party chief, was removed from his party positions last week because he and his wife, Gu Kailai, are being investigated over the murder of British businessman Neil Heywood. The news has had a dramatic effect on Chinese public opinion; for this reason the government immediately increased its monitoring of social media to contain the spread of the news.

On the other side, groups related to Anonymous have started to attack the principal government web sites, trying to force the censorship wall. For information, searches for both Bo Xilai’s and his wife’s names were quickly blocked on Sina Weibo, and mass censorship of comments began.

What do we expect from Anonymous in the future?

Nobody in technology or in business can ignore the cyber threat posed by the group; everyone must consider it in their cyber strategy. At the same time, the group has to increase its operations and their media effect, choosing more striking objectives and conducting attacks able to do more and more damage. Next steps will include the most advanced attack methods, such as creating malware to exploit unknown vulnerabilities.

Anonymous must be analyzed with a multidisciplinary approach; it is an amorphous creature that quickly changes and is able to adapt its behavior to the context it needs to attack, thanks to the large and heterogeneous participation in its collective. But do not forget that “Anonymous”, due to its notoriety, has become the perfect scapegoat: governments and private industry can perform cyber attacks in the name of the group, involving critical masses.

We run the serious risk of being frightened by the entity, directing our efforts against the wrong image reflected in a mirror, the result of diversions or, worse, of an undercover action. In my opinion this is the most disturbing aspect of the story. How to avoid this? It’s hard to say; it is impossible to hazard a forecast. Personally, if I were part of the collective, I would begin to evaluate a social opening, considering that the movement is also an expression of large masses.

That is the real challenge for a movement that may die due to its notoriety, but consider that the outing isn’t so simple, because Anonymous has no unified voice and has no real control center.

The choice could actually split the group, giving rise to crazy cells, impossible to control and very dangerous.

Pierluigi Paganini


[Information contained in BKNT E-mail is considered Attorney-Client and Attorney Work Product privileged, copyrighted and confidential. Views that may be expressed are those of the author(s) and do not necessarily reflect those of any government, agency, or news organization.]
 
