U.S. Advises Secure Control Systems Against Anonymous

The latest report provides an assessment of Anonymous' capability to penetrate Industry Control Systems (ICS) and gain access to infrastructural networks, which follows up on a previous report that investigated the group's ability to develop new cyber attack tools.

According to the current evaluation, the government believes that Anonymous has shown that it can access ICS, but may not have the ability to actually understand the structure and inner workings of such software yet. There is speculation that Anonymous may be interested in gaining that knowledge, especially through freely available sources: "Free educational opportunities (conferences, classes), presentations at hacker conferences, and other high profile events/media coverage have raised awareness to ICS vulnerabilities, and likely shortened the time needed to develop sufficient tactics, techniques, and procedures (TTPs) to disrupt ICS," the report states.

However, the government's concern is that the simple capability of "recognizing and posting code", which Anonymous has done, for example, in the case of Siemens Simatic control software, "could gain the attention of those knowledgeable in control systems". However, at least in this unclassified report, there is no clear answer why the government believes that Anonymous appears to have increased interest in ICS, especially those that are tied to its "hacktivist" campaigns.

The report concludes:

"While Anonymous recently expressed intent to target ICS, they have not demonstrated a capability to inflict damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methods, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web-based applications and windows systems) by employing tactics such as denial of service."

The advice to ICS owners is to make sure their security needs of their control system assets are addressed.

TOPICS

Douglas Perry was a freelance writer for Tom's Hardware covering semiconductors, storage technology, quantum computing, and processor power delivery. He has authored several books and is currently an editor for The Oregonian/OregonLive.

35 Comments Comment from the forums

mightymaxio

Thats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.
Reply
amk-aka-Phantom

mightymaxioThats because anonymous are a bunch of script kiddies or mindless sheep that follow the herd where ever it may take them. Anonymous will get caught one of these days and everyone connected to it will be punished, I look forward to that day and not one of V for vendetta. Anonymous are crooks, nothing more complex than that.
These "script kiddies" caused quite a lot of mischief. If anything, I definitely respect their skills :)
Reply
killerclick

mightymaxioAnonymous will get caught one of these days
It's not that kind of organization, it's not even an organization.

Reply
beenthere

The more of these criminal hackers that get prosecuted the better. It's just a matter of time as those in denial learn the hard way. See TPB for a reality lesson.
Reply
darkchazz

Please destroy facebook!!!!
Reply
mightymaxio

beenthereThe more of these criminal hackers that get prosecuted the better. It's just a matter of time as those in denial learn the hard way. See TPB for a reality lesson.Exactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government.

I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.
Reply
CaedenV

Anonymous is similar to a stand alone complex. It is decentralized, with unofficial membership that is easily swayed by the actions of other members who claim to be under the same banner. Governments are ill-equipped to deal with such 'organization' because it is simply not organized. If the current 'leadership' or a member makes a bad move, then the 'members' simply reject that the attack was from the group and can claim it was an individual act. It is only by the actions of individual members that anyone can be caught, and there is no real way to be sure that everyone has been caught, or that the movement would not resurrect itself.
Personally I am torn on the idea of hactavism. I think it a great idea to show that companies need to take proper precautions with personal information, and that corporations and governments should not infringe on the people's rights. But the way they do things often make things worse for the people, which makes me think they are in it simply as hackers who are desperately trying to justify their actions in order to attract nieve morons.
Reply
amk-aka-Phantom

9319048 said:
The more of these criminal hackers that get prosecuted the better. It's just a matter of time as those in denial learn the hard way. See TPB for a reality lesson.

TPB? You mean, The Pirate Bay? Why, what's up with them? Up and running, and the "Legal Threats" section is hilarious.
Reply
CaedenV

mightymaxioExactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government. I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.The US did not become a dictatorship when they overthrew the Brittish. But then again it was not a small group of personalities who lead the rebellion. It was a wide-spread movement where nobody wanted absolute power, because they all wanted freedom. While most rebellions do not end this way, it is wrong to say that every single one does.
Reply
dickcheney

mightymaxioExactly, when did people start thinking its ok to force their opinions on someone else? In the united states we call that dictatorship which is what anonymous is trying to do by forcing people to believe in what they believe by DDOSing, disrupting sites, protesting, etc... What happens if they win? Will we become slaves to them then? Because this is what happens in any country where the people overthrow a government. I don't want anonymous deciding right and wrong for me, i want to make that decision myself and not have it enforced on me.
Since the populace is too dumb to take important decisions?
Reply

Show more comments