U.S. Advises Secure Control Systems Against Anonymous

The latest report provides an assessment of Anonymous' capability to penetrate Industry Control Systems (ICS) and gain access to infrastructural networks, which follows up on a previous report that investigated the group's ability to develop new cyber attack tools.

According to the current evaluation, the government believes that Anonymous has shown that it can access ICS, but may not have the ability to actually understand the structure and inner workings of such software yet. There is speculation that Anonymous may be interested in gaining that knowledge, especially through freely available sources: "Free educational opportunities (conferences, classes), presentations at hacker conferences, and other high profile events/media coverage have raised awareness to ICS vulnerabilities, and likely shortened the time needed to develop sufficient tactics, techniques, and procedures (TTPs) to disrupt ICS," the report states.

However, the government's concern is that the simple capability of "recognizing and posting code", which Anonymous has done, for example, in the case of Siemens Simatic control software, "could gain the attention of those knowledgeable in control systems". However, at least in this unclassified report, there is no clear answer why the government believes that Anonymous appears to have increased interest in ICS, especially those that are tied to its "hacktivist" campaigns.

The report concludes:

"While Anonymous recently expressed intent to target ICS, they have not demonstrated a capability to inflict damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methods, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web-based applications and windows systems) by employing tactics such as denial of service."

The advice to ICS owners is to make sure their security needs of their control system assets are addressed.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
35 comments
    Your comment
    Top Comments
  • killerclick
    mightymaxioAnonymous will get caught one of these days


    It's not that kind of organization, it's not even an organization.
    22
  • darkchazz
    Please destroy facebook!!!!
    21
  • CaedenV
    Anonymous is similar to a stand alone complex. It is decentralized, with unofficial membership that is easily swayed by the actions of other members who claim to be under the same banner. Governments are ill-equipped to deal with such 'organization' because it is simply not organized. If the current 'leadership' or a member makes a bad move, then the 'members' simply reject that the attack was from the group and can claim it was an individual act. It is only by the actions of individual members that anyone can be caught, and there is no real way to be sure that everyone has been caught, or that the movement would not resurrect itself.
    Personally I am torn on the idea of hactavism. I think it a great idea to show that companies need to take proper precautions with personal information, and that corporations and governments should not infringe on the people's rights. But the way they do things often make things worse for the people, which makes me think they are in it simply as hackers who are desperately trying to justify their actions in order to attract nieve morons.
    17
  • Other Comments
  • mightymaxio
    Thats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.
    -5
  • amk-aka-Phantom
    mightymaxioThats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.


    These "script kiddies" caused quite a lot of mischief. If anything, I definitely respect their skills :)
    11
  • killerclick
    mightymaxioAnonymous will get caught one of these days


    It's not that kind of organization, it's not even an organization.
    22