BreachExchange mailing list archives

Exclusive - FBI warns of U.S. govt breaches by Anonymous hackers


From: Lee J <lee () riskbasedsecurity com>
Date: Sat, 16 Nov 2013 12:07:56 +1100

http://in.reuters.com/article/2013/11/16/usa-security-anonymous-fbi-idINDEE9AF00920131116

(Reuters) - Activist hackers linked to the collective known as Anonymous
have secretly accessed U.S. government computers in multiple agencies and
stolen sensitive information in a campaign that began almost a year ago,
the FBI warned this week.

The hackers exploited a flaw in Adobe Systems Inc's (ADBE.O) software to
launch a rash of electronic break-ins that began last December, then left
"back doors" to return to many of the machines as recently as last month,
the Federal Bureau of Investigation said in a memo seen by Reuters.

The memo, distributed on Thursday, described the attacks as "a widespread
problem that should be addressed." It said the breach affected the U.S.
Army, Department of Energy, Department of Health and Human Services, and
perhaps many more agencies.

Investigators are still gathering information on the scope of the cyber
campaign, which the authorities believe is continuing. The FBI document
tells system administrators what to look for to determine if their systems
are compromised.

An FBI spokeswoman declined to elaborate.

According to an internal email from Energy Secretary Ernest Moniz' chief of
staff, Kevin Knobloch, the stolen data included personal information on at
least 104,000 employees, contractors, family members and others associated
with the Department of Energy, along with information on almost 2,0000 bank
accounts.

The email, dated October 11, said officials were "very concerned" that loss
of the banking information could lead to thieving attempts.

Officials said the hacking was linked to the case of Lauri Love, a British
resident indicted on October 28 for allegedly hacking into computers at the
Department of Energy, Army, Department of Health and Human Services, the
U.S. Sentencing Commission and elsewhere.

Investigators believe the attacks began when Love and others took advantage
of a security flaw in Adobe's ColdFusion software, which is used to build
websites.

Adobe spokeswoman Heather Edell said she was not familiar with the FBI
report. She added that the company has found that the majority of attacks
involving its software have exploited programs that were not updated with
the latest security patches.

The Anonymous group is an amorphous collective that conducts multiple
hacking campaigns at any time, some with a few participants and some with
hundreds. In the past, its members have disrupted eBay Inc's (EBAY.O)
PayPal after it stopped processing donations to the anti-secrecy site
Wikileaks. Anonymous has also launched technically more sophisticated
attacks against Sony Corp (6758.T) and security firm HBGary Federal.

Some of the breaches and pilfered data in the latest campaign had
previously been publicized by people who identify with Anonymous, as part
of what the group dubbed "Operation Last Resort."

Among other things, the campaigners said the operation was in retaliation
for overzealous prosecution of hackers, including the lengthy penalties
sought for Aaron Swartz, a well-known computer programmer and Internet
activist who killed himself before a trial over charges that he illegally
downloaded academic journal articles from a digital library known as JSTOR.

Despite the earlier disclosures, "the majority of the intrusions have not
yet been made publicly known," the FBI wrote. "It is unknown exactly how
many systems have been compromised, but it is a widespread problem that
should be addressed."

(Reporting by Joseph Menn in San Francisco and Jim Finkle in Boston;
Additional reporting by Valerie Volcovici and Alina Selyukh; Editing by
Tiffany Wu and Tim Dobbyn)
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/