Monday Mail Mayhem. That's how Anonymous is describing its latest hack. The "hacktivist" group broke in to a 1.7-GB archive of data it says "used to belong to the United States Bureau of Justice, until now."
"Within the booty you may find lots of shiny things such as internal e-mails, and the entire database dump," Anonymous said in a statement. "We Lulzed as they took the Web site down after being owned, clearly showing they were scared of what inevitably happened."
Why the Bureau of Statistics?
Anonymous apparently also uploaded a BitTorrent file of the stolen data to Pirate Bay. That's a potentially serious leak, considering that the Bureau of Justice Statistics' stated mission is to collect, analyze, publish, and disseminate information on crime, criminal offenders, victims of crime, and the operation of justice systems at all levels of government. The bureau describes the data as "critical to federal, state, and local policymakers in combating crime and ensuring that justice is both efficient and evenhanded."
With that in mind, why is Anonymous targeting the Bureau of Justice statistics? Anonymous answered that question with a mouthful of hacktivist-speak reminiscent of WikiLeaks.
"We do not stand for any government or parties, we stand for freedom of people, freedom of speech and freedom of information. We are releasing data to spread information, to allow the people to be heard, and to know the corruption in their government," according to the Anonymous statement. "We are releasing it to end the corruption that exists, and truly make those who are being oppressed free."
The U.S. Department of Justice confirmed the breach and published reports say the government is investigating the hacks. In a statement, a spokesman said the department is looking into the unauthorized access of a Web site server operated by the Bureau of Justice Statistics that contained data from their public Web site.
"The Bureau of Justice Statistics Web site has remained operational throughout this time. The department's main Web site, justice.gov, was not affected," the DOJ statement said. "The department is continuing protection and defensive measures to safeguard information and will refer any activity that is determined to be criminal in nature to law enforcement for investigation."
We caught up with Neil Roiter, director of research at Corero, to get his take on the latest Anonymous hack and what it means for government security. He told us government agencies and high-profile commercial enterprises are and will continue to be targets of politically and ideologically motivated hacktivists.
"As we see again in the case of the Bureau of Justice Statistics breach, these groups often are indiscriminate about what they take and what they make public, simply grabbing what they can and posting it online. They do not consider who it might hurt and how," Roiter said.
"Agencies must take appropriate measures to protect all their servers and sites against data breaches and ensure that their data is encrypted in the event that it is compromised. They must also protect themselves against distributed denial-of-service (DDoS) attacks, which are frequently used as smokescreens for surreptitious attacks aimed at stealing information."
Posted: 2012-05-30 @ 11:12am PT
"We Lulzed as they took the Web site down after being owned, clearly showing they were scared of what inevitably happened."
This is why I like anonymous.