BreachExchange mailing list archives

Anti-Israel Hacking Collective Strikes Again


From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Wed, 27 Feb 2013 09:25:48 -0500

http://freebeacon.com/anti-israel-hacking-collective-strikes-again/

A major security consulting group that works with the U.S. government
has admitted its internal servers were breached in an attack believed
to have been carried out by an anti-Israel hacking collective.

The hacker group known as Parastoo claims to have stolen nuclear
information, credit card information, and the personal identities of
thousands of customers, including individuals associated with the
United States military, that work with IHS Inc., a global information
and analytics provider which includes IHS’s Jane’s, a publisher of
security and defense information.

IHS confirmed to the Washington Free Beacon Tuesday that its servers
had been breached, but maintained that no confidential information was
compromised.

“IHS has become aware that an outside organization has illegally
accessed some of our servers,” said IHS spokesperson Ed Mattix. “Based
on our investigation to date, the stolen information is content from
books, magazines, and websites previously published in the public
domain as part of normal IHS publishing activities.”

“Since it is previously published in the public domain, there is
nothing confidential or privileged contained in the information,”
Mattix said, adding that IHS is “continuing our investigation into
this theft of our information and we are working to ensure that we
remediate any vulnerability in our system.”

Parastoo is an anti-Israel hacking collective linked to the Anonymous
group that has also breached the Energy Department and the
International Atomic Energy Agency (IAEA). It claimed in a statement
posted to the website Cryptome to have obtained “8,500 records of
distinctive current customers,” of IHS, around 70 percent of which
“are [government], military, or their contractors.”

Some of the more critical data stolen from IHS pertains to Jane’s
Chemical, Biological, Radiological, and Nuclear (CBRN) Assessments
Intelligence Centre, according to the statement, which includes
detailed source codes outlining how the anti-nuclear Parastoo carried
out the hack.

CBRN data is primarily used to defend against and mitigate the effects
of a major nuclear or chemical attack.

One of Parastoo’s chief goals is to reveal sensitive nuclear data in a
bid to pressure the Israeli government and others to disclose their
nuclear activities. The group is believed to have stolen “highly
sensitive” nuclear data and satellite imagery from the IAEA in
December.

Parastoo claims it now possesses the personal information related to
“roughly 800 individuals linked to nuclear programs of 17 active
countries.”

It also claimed to have obtained sensitive “geo-spatial intelligence
on roughly 180 in-service CBRN facilities around the globe,” of which
“close to 100 facilities officially belong to [government] or
military.”

Detailed information pertaining to “roughly 3,000 event[s] related to
CBRN incidents from 1999 to [January] 2013” also were seized, Parastoo
said.

Additionally, Parastoo claims to have stolen credit card numbers and
other information relating to or connected with Israel.

“We made sure we get everything related to Israel since we read they
get free 5th-[generation] fighters and jet fuel paid by American tax
payers,” the group wrote.

The group vowed to use the information to seize unnamed servers in
Israel “for a greater good.”

Moreover, Parastoo claims to have obtained the personal information of
roughly 4,500 “companies who produce parts of a nuclear program”
during the hack, which the group claims took around six months.

Commercial nuclear targets that contract with IHS and Jane’s were also
hit, Parastoo claims.

This includes the personal information pertaining to some 11,000
companies doing nuclear-oriented “research, manufacturing parts,
selling whole products, consultations, [and] regulations,” as well as
those companies dealing with the “fabrication of sensitive detection
and defense equipment against CBRN,” the group claims.

Parastoo also stole more than 450,000 credit card records from some of
IHS’s largest commercial clients, including Pepsi and BMW.

“Records contain names of contact points, their address and phone,
[business] history with IHS-owned services and links to other
databases on internal network containing more than 450,000 credit card
info and purchase history from a roughly 10-year period,” Parastoo
wrote.

Parastoo claims it “did not meet any considerable it defense” as it
penetrated IHS’s network.

Parastoo successfully penetrated the IAEA’s servers twice in late
2012, taking “highly sensitive information, including confidential
‘SafeGuard’ documents, satellite images, official letters, [and]
presentations,” according to the group’s statement at the time.

The hacking group also was suspected to be part of a sophisticated
cyber break of the Energy Department’s networks in January.

Parastoo has demanded the IAEA investigate Israel’s Negev Nuclear
Research Center located near the southern city of Dimona, which is
suspected to house nuclear arms.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/