|
Videos
July 31, 2011 By Dan Lohrmann
The string of major cyber hacking attacks continued this week, with ManTech International reportedly being the latest company hit. According to Computerworld Magazine:
“As promised, members of the Anonymous hacking movement have released hundreds of megabytes of documents that they say were stolen from government security contractor ManTech.
The data released on the Pirate Bay file-sharing site late Friday contain nearly 400 megabytes of documents -- spreadsheets, résumés, planning documents, even photographs -- that appear to have come from the government contractor….
Anonymous said it was releasing the data to embarrass the government contractor, which recently signed a five-year deal to provide managed security services for the U.S. Federal Bureau of Investigation.”
The list of government agencies and contractors that have been hacked by the group Anonymous is nothing short of astounding. From Apple to NATO, and from India to Turkey, the hacking headlines continue on almost a daily basis.
Yes, some of suspected Anonymous hackers were recently arrested. Still, many more appear to be at large.
In a related turn of events, Anonymous computers were hacked by a former member named Ryan Cleary, who was reportedly angry with the group’s governance structure. According to one UK website, Mr. Cleary and some friends had now formed a splinter hacking group.
If you are feeling a bit uneasy by these events – you're not alone. All of this hacking seems far to easy, although the skills and abilities of these illegal organizations should not be underestimated. As I have stated in numerous blog entries over at CSO.com (see: Lohrmann on GovSpace), the bad guys are way ahead of the good guys right now. This is a battle which won’t be ending soon.
What’s can be done by state and local governments? Network World offered these “7 Ways to Avoid Being Hacked by Anonymous.” It’s a nice list, but offers the same basic advice given to governments and corporations for several years. We all need better passwords, security patches and end-user awareness training – and yes, it is difficult to keep these things going over the long-term. The hackers only need to be right once - but our job never ends.
On a more personal note, this latest ManTech hack hits a bit closer to home. I’ve received several emails over the past few days saying things like, “Check this out - didn’t you work for ManTech?”
Yes, I did work for ManTech as a Technical Director for four years in UK in the mid-1990s, and I still have friends there. They are a good company, and I have many fond memories of our life in North Yorkshire, England. I certainly wish them all the best as they recover from this situation.
Any thoughts you can share on the recent string of hacking attacks? Any stories to share about what your government is doing to protect citizen information?
Building effective virtual government requires new ideas and hard work. Security professionals need to be enablers of innovation. From helpful Internet training to defending cloud computing architectures to securing mobile devices, Dan Lohrmann will cover what's hot and what's not in protecting your corner of cyberspace.
RSS
CONTACT
It would be nice to know who to trust, the leaks of corruption in high places (government, their banker buddies and those working feverishly to remove any freedoms, rights or liberties from the civilian populace to usher in their NWO control system) proves the once thought of "good" guys are actually the criminals. If anon exposes the corruption and those terrorist companies, good on them. To bad the police and the other alphabet agencies can't take care of the corruption in their own house. Anon will never go away as long as those few try and rule over the many with tyranny and deception.
Once again Anonymous believe that they are the revolution. They use terms such as "leaks of corruption in high places," but few have been exposed. It is time that Anonymous add "The Great Conspiracy Theorists" to their name, as that is all they are. There is nothing amazing about what TGCT are doing. DDoS attacks are illegal, so is hacking. Government have enacted laws against these activities before Anonymous became famous, because they knew about how people would abuse the internet to engage in criminal behavior. It is sad that some members of Anonymous may be the first conspiracy theorist to go to jail for activities directed related to their conspiracy theory.
In a corrupt government or system, those following the laws are the criminals. I for one am glad that someone/group is standing up to a freedom, liberty, and rights stealing regime. While DDos attacks aren't the answer, it's a lot more then most are willing or capable of doing. They'd prefer to keep their heads down and not rock the boat, even if the captain of the boat is trying to sink them. America are full of cowards who would back the very system that's trying to destroy them. They deserve to become the slaves for the ultra rich since most don't get involved, heck most are to stupid to research the "Conspiracy Theories" to find out if they are actually fact ~ you lamestream media zombies would be surprised at how many theories have turned out to be fact. I wish Anon. would release more info on those who are corrupt, and I'm glad they have a non-violent way of changing things. Although the fascists and terrorists in charge will no doubt find a way to stop a non violent protest. Funny the same government involved in illegal wars and practices have the nerve to call non violent hacktavists criminals. And the people still defend the criminals in office, even as they are being robbed blind by them and their banker buddies, Americans are to stupid to save themselves, they need revolutionaries like Anonymous.
You correct, Dan, this and many other hacker groups are performing illegal activities to embarass government entities. This has been and will always be the case. I for one am embarassed that we all seem to be such an easy mark. Though security pros tend to talk most about the latest and greatest zero day exploits, my experience is that the lion's share of exploits take advantage of known vulnerabilities that we all could address with more robust operational security processes. And until we start doing those bread and butter security processes better and more thoroughly, all of us in the government security space should get ready for the eventual day when we will stand red-faced in front of the news camara.
The feds can't hang onto security leadership, AND they think the answer to the problem is to hire more "hackers". Meanwhile, every web property they put up is full of bugs they don't require vendors to fix, and has never been tested for security. Awareness training as a firewall for stupidity is not addressed until there is a landmine. All these wounds are self-inflicted. And why is there no CISO of the USA?