Sign in with
Sign up | Sign in

U.S. Advises Secure Control Systems Against Anonymous

By - Source: NCCIC | B 35 comments

A recently published bulletin by the U.S. Department of Homeland Security shows that the government has a close eye on hacker group Anonymous, especially in their shift in interest.

The latest report provides an assessment of Anonymous' capability to penetrate Industry Control Systems (ICS) and gain access to infrastructural networks, which follows up on a previous report that investigated the group's ability to develop new cyber attack tools.

According to the current evaluation, the government believes that Anonymous has shown that it can access ICS, but may not have the ability to actually understand the structure and inner workings of such software yet. There is speculation that Anonymous may be interested in gaining that knowledge, especially through freely available sources: "Free educational opportunities (conferences, classes), presentations at hacker conferences, and other high profile events/media coverage have raised awareness to ICS vulnerabilities, and likely shortened the time needed to develop sufficient tactics, techniques, and procedures (TTPs) to disrupt ICS," the report states.

However, the government's concern is that the simple capability of "recognizing and posting code", which Anonymous has done, for example, in the case of Siemens Simatic control software, "could gain the attention of those knowledgeable in control systems". However, at least in this unclassified report, there is no clear answer why the government believes that Anonymous appears to have increased interest in ICS, especially those that are tied to its "hacktivist" campaigns.

The report concludes:

"While Anonymous recently expressed intent to target ICS, they have not demonstrated a capability to inflict damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methods, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web-based applications and windows systems) by employing tactics such as denial of service."

The advice to ICS owners is to make sure their security needs of their control system assets are addressed.

Display 35 Comments.
This thread is closed for comments
Top Comments
  • 22 Hide
    killerclick , October 20, 2011 1:24 PM
    mightymaxioAnonymous will get caught one of these days


    It's not that kind of organization, it's not even an organization.
  • 21 Hide
    darkchazz , October 20, 2011 1:35 PM
    Please destroy facebook!!!!
  • 17 Hide
    CaedenV , October 20, 2011 1:49 PM
    Anonymous is similar to a stand alone complex. It is decentralized, with unofficial membership that is easily swayed by the actions of other members who claim to be under the same banner. Governments are ill-equipped to deal with such 'organization' because it is simply not organized. If the current 'leadership' or a member makes a bad move, then the 'members' simply reject that the attack was from the group and can claim it was an individual act. It is only by the actions of individual members that anyone can be caught, and there is no real way to be sure that everyone has been caught, or that the movement would not resurrect itself.
    Personally I am torn on the idea of hactavism. I think it a great idea to show that companies need to take proper precautions with personal information, and that corporations and governments should not infringe on the people's rights. But the way they do things often make things worse for the people, which makes me think they are in it simply as hackers who are desperately trying to justify their actions in order to attract nieve morons.
Other Comments
  • -5 Hide
    mightymaxio , October 20, 2011 1:17 PM
    Thats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.
  • 11 Hide
    amk-aka-Phantom , October 20, 2011 1:22 PM
    mightymaxioThats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.


    These "script kiddies" caused quite a lot of mischief. If anything, I definitely respect their skills :) 
  • 22 Hide
    killerclick , October 20, 2011 1:24 PM
    mightymaxioAnonymous will get caught one of these days


    It's not that kind of organization, it's not even an organization.
  • -6 Hide
    beenthere , October 20, 2011 1:32 PM
    The more of these criminal hackers that get prosecuted the better. It's just a matter of time as those in denial learn the hard way. See TPB for a reality lesson.
  • 21 Hide
    darkchazz , October 20, 2011 1:35 PM
    Please destroy facebook!!!!
  • -7 Hide
    mightymaxio , October 20, 2011 1:38 PM
    beenthereThe more of these criminal hackers that get prosecuted the better. It's just a matter of time as those in denial learn the hard way. See TPB for a reality lesson.

    Exactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government.

    I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.
  • 17 Hide
    CaedenV , October 20, 2011 1:49 PM
    Anonymous is similar to a stand alone complex. It is decentralized, with unofficial membership that is easily swayed by the actions of other members who claim to be under the same banner. Governments are ill-equipped to deal with such 'organization' because it is simply not organized. If the current 'leadership' or a member makes a bad move, then the 'members' simply reject that the attack was from the group and can claim it was an individual act. It is only by the actions of individual members that anyone can be caught, and there is no real way to be sure that everyone has been caught, or that the movement would not resurrect itself.
    Personally I am torn on the idea of hactavism. I think it a great idea to show that companies need to take proper precautions with personal information, and that corporations and governments should not infringe on the people's rights. But the way they do things often make things worse for the people, which makes me think they are in it simply as hackers who are desperately trying to justify their actions in order to attract nieve morons.
  • 17 Hide
    amk-aka-Phantom , October 20, 2011 1:52 PM
    Quote:
    The more of these criminal hackers that get prosecuted the better. It's just a matter of time as those in denial learn the hard way. See TPB for a reality lesson.


    TPB? You mean, The Pirate Bay? Why, what's up with them? Up and running, and the "Legal Threats" section is hilarious.
  • 13 Hide
    CaedenV , October 20, 2011 1:55 PM
    mightymaxioExactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government. I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.

    The US did not become a dictatorship when they overthrew the Brittish. But then again it was not a small group of personalities who lead the rebellion. It was a wide-spread movement where nobody wanted absolute power, because they all wanted freedom. While most rebellions do not end this way, it is wrong to say that every single one does.
  • 10 Hide
    dickcheney , October 20, 2011 1:56 PM
    mightymaxioExactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government. I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.


    Since the populace is too dumb to take important decisions?
  • -3 Hide
    nikorr , October 20, 2011 1:59 PM
    mightymaxioThats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.

    Agree, time is running out for them...
  • -4 Hide
    nikorr , October 20, 2011 1:59 PM
    They are overdue now!
  • -4 Hide
    nikorr , October 20, 2011 2:01 PM
    amk-aka-phantomThese "script kiddies" caused quite a lot of mischief. If anything, I definitely respect their skills

    They are reversed way too much.
  • 0 Hide
    amk-aka-Phantom , October 20, 2011 2:04 PM
    Quote:
    They are reversed way too much.


    Maybe, maybe not. All I said is that they can cause mischief, and that's always fun.
  • -8 Hide
    goatsetung , October 20, 2011 2:44 PM
    "Free educational opportunities" such as conferences and classes should probably be shut down.
  • -3 Hide
    digiex , October 20, 2011 3:00 PM
    Quote:
    internet accessible systems (such as web-based applications and windows systems) by employing tactics such as denial of service.


    Let me emphasize that.
  • -1 Hide
    captaincharisma , October 20, 2011 3:17 PM
    amk-aka-phantomThese "script kiddies" caused quite a lot of mischief. If anything, I definitely respect their skills


    yea but they could have just looked at the systems and found there was an easy way to get around the security. so yea there script kiddies
  • 9 Hide
    acadia11 , October 20, 2011 3:44 PM
    mightymaxioThats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.


    I'd have to disagree with your assessment. The reality is that Anonymous isn't seeking to do real damage. Bringing down a website, and say bringing down the Air Traffic control system, are two different things, and anonymous isn't into actually endangering peoples lives and such, just being a nuisance.
  • 12 Hide
    Vladislaus , October 20, 2011 3:45 PM
    mightymaxioExactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government. I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.

    So you're saying that any time someone makes a protest they're supporting a dictatorship?
  • 6 Hide
    acadia11 , October 20, 2011 3:46 PM
    killerclickIt's not that kind of organization, it's not even an organization.


    Exactly, Anonymous has no structure, simply put, it's a collective of individuals with hacking skillz that do XY and Z because someone posts hey let's attack XY and Z , hacker community, and then of course the hackers that do it, want to remain anonymous. It's just an idea to hide behind both literally and figuratively.
Display more comments