Overview
Operation Antisec (a.k.a. Operation Anti-Security, #antisec) is an international hacktivist campaign launched by a coalition of Anonymous hackers including former members of Lulzsec. The operation officially began with the attacks against the UK’s Serious Organized Crime Agency on June 20th, 2011 and still continues with high-profile targets in private business, government and even military sectors.
The groups involved claim that the operation aims to protest government censorship and monitoring of the internet. LulzSec members also mention ending what they believe are corrupt racial profiling and copyright laws as a goal of the operation.
Background
Long before the launch of Operation Antisec, the broader concept of the Anti Security Movement[1] was conceived in 1999 as a counter-measure against the cyber-security industry and its tendency to disclose security vulnerabilities as a scare tactic to drive sales profits for computer security programs.
According to Wikipedia, most of the anti-security attacks started sometime between 1999 and 2000, targeting websites like SecurityFocus, SecuriTeam, Packet Storm, and milw0rm, mailing lists like “full-disclosure”, “vuln-dev”, “vendor-sec” and Bugtraq, as well as public forums and IRC channels.
The term “Anti Security Movement” was first introduced in the manifesto document available as an indexed page on the website anti.security.is[2]:
The purpose of this movement is to encourage a new policy of anti-disclosure among the computer and network security communities. The goal is not to ultimately discourage the publication of all security-related news and developments, but rather, to stop the disclosure of all unknown or non-public exploits and vulnerabilities. In essence, this would put a stop to the publication of all private materials that could allow script kiddies from compromising systems via unknown methods.
More recently in 2009, several security communities like Astalavista[3] and milw0rm[4], as well as the popular image-hosting site ImageShack[5] have been targeted by Anti-Security associates. The group behind Operation Antisec has claimed that it aims to protest government censorship and monitoring of Internet usage. In addition, various digital rights-related issues like corrupt racial profiling, hardline copyright laws and the War on Drugs have been also cited as grounds for launching particular attacks.
Notable Developments
June 20th: Lulzsec and Anonymous Join Efforts
- On June 20th, 2011, Lulzsec announced via Twitter that it had formed a partnership with the mysterious hacking collective Anonymous under the banner of “Operation Anti-Security” or “Operational Anti-sec.” Between June 20th and 26th, the newly formed coalition released several packets of confidential information obtained from various sectors, including government and private businesses.
June 26th: Lulzsec Disbands
- Though LulzSec disbanded as a group on June 26th, 2011, members have been reported to be continuing the operation from within Anonymous.
June 27th: Homeland Security Department & The Sentinel Program
- On June 27th, Anonymous released sensitive information obtained from the Cyberterrorism Defense Initiative’s Sentinel program, a network security initiative designed to provide anti-cyberterrorism tactics for workers in public safety, law enforcement, state and local government, and public utilities. The program is administered by the U.S. Department of Homeland Security and the Federal Emergency Management Agency to “educate technical personnel in cyberterrorism response and prevention.” The released information contains material on publicly available hacking resources and counter-hacking tools, as well as form letters that could be used to obtain user information from Internet service providers.
June 28th: Brazil, Anguilla, Zimbabwe and Tunisia
- On June 28th, the group released a large set of private, user-related information obtained from government sources in the countries of Anguilla, Brazil, Zimbabwe as well as the Municipality of Mosman council using the method of SQL injection. On Twitter, Anonymous accused Brazil of data manipulation and Zimbabwe for the controversial 2008 presidential election. In addition, Anonymous hackers also gained control of a Tunisian government website under the name of Operation Tunisia, replacing the webpage with a propaganda flyer.
July 11th: Military Meltdown Monday
- On July 11th, Anonymous hacked into systems belonging to U.S. defense contractor Booz Allen Hamilton, thereby gaining unauthorized access to nearly 90,000 personal accounts from a number of U.S. government and military agencies under the banner “Military Meltdown Monday.” Some of the targeted victims include the United States Central Command, United States Special Operations Command, the United States Marine Corps, the United States Air Force, the United States Department of Homeland Security and the United States Department of State. AntiSec also included an “invoice for our audit of your security systems,” for a total of $310, for four hours of work.
July 13th: Operation Green Rights
- On July 13th, Anonymous issued an announcement of a new campaign entitled “Operation Green Rights,” which would target any and all companies it perceived as harming the environment.
In a related video released via YouTube on the same day, the group named several corporations like Exxon Mobil, Conoco Phillips, Canadian Oil Sands, Imperial Oil and the Royal Bank of Scotland as companies that are especially responsible for the world’s current environmental problems.
July 14th: Monsanto Employee Contacts
- On July 14th, the agricultural biotech company Monsanto confirmed that its network had been infiltrated by the hacker collective Anonymous. In a statement provided to CNET news, the firm’s Director of Corporate Affairs Tom Helscher explained:
“Last month, Monsanto experienced a disruption to our Web sites which appeared to be organized by a cyber-group. In addition, this group also recently published publicly available information on approximately 2,500 individuals involved in the broader global agriculture industry.”
According to the CNET report, the hackers allegedly obtained the contact details of 2,500 people in protest of the company’s lawsuits against organic dairy farmers who have used labels stating their products don’t contain growth hormones, a product Monsanto used to make. Monsanto currently makes genetically engineered seeds and pesticides. It was also one of the seven companies to supply the U.S. military with Agent Orange during the Vietnam War.
The attack was publicized through a tweet posted by Anonymous earlier in the week, which stated: “#Anonymous hacks Monsanto computers; posts employee info http://on.msnbc.com/qhqs1m #OpMonsanto goes #AntiSec.”
July 19th: FBI Arrests 14 suspects of Anonymous Hacks
- On July 19th, cable news outlets CNN[7] and Fox News[8] reported at least 14 people were arrested in New York, New Jersey, Florida and San Francisco Bay Area as part of an ongoing FBI investigation of the notorious “Anonymous” collective, citing a senior federal law enforcement official. In New York City alone, federal agents executed the search warrants in a half dozen locations in Long Island, Brooklyn and the Bronx, where they seized computers and other digital records.
The federal authorities have yet to reveal the specific charges of the arrested individuals, but all are believed to have been involved in carrying out distributed denial of service (DDoS) attacks on numerous high-profile corporate and government websites.
August 7th: Shooting Sheriffs Saturday
On August 5th, members of the Antisec hacking group posted an official statement via Pastebin[9], releasing 10 gigabytes of confidential data allegedly obtained from over 70 U.S. sheriffs’ offices and law enforcement agencies. The leaked information reportedly contains over 300 e-mail accounts associated with law enforcement officers and agencies, home addresses, social security numbers, credit card numbers, police training videos and identities of anonymous tipsters. The group also claimed to have used the stolen credit card information to place donations to the Bradley Manning Support Network, ACLU, Electronic Frontier Foundation and several other digital rights advocacy groups.
Codenamed “Shooting Sheriffs Saturday,” the mass infiltration of law enforcement databases was carried out in retaliation for recent arrests of Anonymous associates, including the British teenager Jake Davis (also known as Topiary), who has been identified by the U.K. police as a key member of Anonymous operations and the spokesperson of the mysterious hacking group Lulzsec.
Most of the targeted law enforcement sites were hosted by Brooks-Jeffrey Marketing Servers, and they were successfully hacked within the first 24 hours of launch, according to the TIME Magazine Blog[10]. Furthermore, not long after Antisec’s initial intrusion and data heist, the group also claimed it was able to hack their replacement servers and deface all 70+ domains.
We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information. For too long they have been using and abusing our personal information, spying on us, arresting us, beating us, and thinking that they can get away with oppressing us in secrecy. Well it’s retribution time: we want them to experience just a taste of the kind of misery and suffering they inflict upon us on an everyday basis. Let this serve as a warning to would-be snitches and pigs that your leaders can no longer protect you: give up and turn on your masters now before it’s too late.
August 19th, 2011: Vanguard Defense Hack
On August 19th, 2011, Antisec released a gigabyte of private documents and 4,713 emails obtained from Vanguard Defense Industries (VDI), the Texas-based firm best known for its development of U.S. military weapons like ShadowHawk, an unmanned helicopter capable of handling aerial surveillance, as well as security consulting services with U.S. government agencies.
Antisec also revealed that after breaching the company’s website, they extracted thousands of published e-mails from an account associated with Vanguard’s senior vice president Richard Garcia. He is also a board member at Infragard, an FBI program designed to facilitate cooperation between public and private cybersecurity initiatives.
The Tech Herald reported that Antisec targeted Vanguard due to their affiliation with a number of state and federal law enforcement agencies, including the Texas State Police, FBI, Department of Homeland Security and U.S. Marshals Service. According to their interview with an Antisec associate, they were able to gain access to Garcia’s e-mail account through VDI’s website, though the source wouldn’t specify what method was used.
The VDI data leak will have a searchable index, and its own website. Within the leaked messages, there were emails to several government agencies, as well as law enforcement agencies in Arizona, Illinois, and Ohio, each one wanting to purchase or gather information on VDI’s unmanned vehicle. There were several memos, some Confidential, most classified as For Official Use Only, related to intelligence gathering for various business sectors. One such memo, several months old, warned that a group calling itself Rising Tide were planning “protest and possibly civil disobedience” activities against oil and natural gas interests in Pennsylvania and Texas.
Back in June 2011, AntiSec affiliate LulzSec hacked the Web site of InfraGard Atlanta, releasing passwords and other sensitive information.
September 2011: Texas Police Chiefs Association
Following the arrest of Topiary and several members allegedly linked to Operation Antisec, Anonymous launched retaliatory attacks against the websites of the Texas Police Chiefs Association and the U.S. Court of Appeals for the Ninth Circuit. On September 1st, the Texas Police Chiefs Association website was defaced by the group and various documents marked “sensitive” and “for official use only” including police officers’ personal phone numbers were released in public.
October 2011: International Association of Chiefs of Police
On October 21st, Anonymous dumped 600 megabytes of information obtained from various law enforcement agencies including the International Association of Chiefs of Police, Boston Police Patrolmen’s Association, and the Sheriff’s office of Baldwin County in Alabama in support of the Occupy movement.
Leaked information included membership rosters, internal documents, and social security numbers from the International Association of Chiefs of Police; nearly 1000 names, ranks, addresses, phone numbers, and social security numbers of police officers in Jefferson County, Alabama and Birmingham, Alabama; 1000 names and passwords of members of the Boston Police Patrolmen’s Association; and the financial information and client list of web developer and marketing company Matrix Group, a business with several law enforcement clients.
In addition to the leaks, Antisec claimed that at least 40 law enforcement-run websites were targeted by the hacktivist group, many of which had their content replaced with an anti-police rap video.
November 2011: California Department of Justice
On November 18th, 2011, Anonymous published 38,000 email messages that were obtained from the Gmail account of Alfredo “Fred” Baclagan, a special agent supervising computer crime investigations with the California Department of Justice and the Computer and Technology Crime Hightech Response Team. According to the group’s statement, obtained information included exchanges among forensic experts discussing techniques for tracing cybercriminals and coordinating requests filed by law enforcement agencies. In addition to official correspondences, Anonymous announced it had gained access to Baclagan’s home address and phone number, as well as his text messages and his voicemail. The group also claimed that they used his Google Voice account to reach Baclagan’s friends and family members and purchased a camera using his Google Wallet account.
December 2011: Strategic Forecasting E-mail Hack
On December 24th, 2011, members of Anonymous stole e-mails and credit card data from the website of Strategic Forecasting Inc, a United States-based global security think tank group commonly known as Stratfor. Claiming to have retrieved over 200 gigabytes of data, the hackers criticized Stratfor in a Pastebin statement[11] for being “clueless when it comes to database security,” noting that the passwords were unencrypted and many of them were simply the name of the company.
After the hacking incident was reported in the news, the group posted two sets of credit card information, one containing 3,956 items and the other with 13,191 items. On the following day, they posted a set of over 30,000 items. The hackers also stated the credit card data was used to make donations to several charity organizations, including the Red Cross, Save the Children and CARE, though it remains in doubt whether the payments were ever processed to the groups.
February 2012: Wikileaks Publication of Global Intelligence Files
On February 27th, 2012, Wikileaks began publishing more than 5 million e-mails[12] from Strategic Forecasting Inc. that were allegedly obtained by Antisec-affiliated hackers in December 2011. According to the statement accompanying the leaked documents, the e-mails dubbed “Global Intelligence Files” reveal the inner workings of the intelligence publisher and its affiliations with large military defense contractors such as Lockheed Martin, Northrop Grumman, Raytheon and various government agencies.
Stratfor, a self-described publisher of geopolitical analysis based on private intelligence, released a statement via its Facebook page on the same day, describing Wikileaks’ decision as “deplorable” and “illegal.” The firm further asserted that some copies of the e-mails may have been forged or altered to include inaccuracies, though they refused to validate the authenticity of any documents. Following the leak, numerous Anonymous-affiliated Twitter feeds including @AnonOps, @AnonyOps and @YourAnonNews posted links to the Wikileaks page along with warnings about future leaks. According to the Wired article[12] citing an anonymous source with ties to Anonymous, the hackers decided to turn the information over to Wikileaks because the site was deemed more capable of analyzing and publishing the data.
“Basically, WL is the ideal partner for such stuff. Antisec acquires the shit, WL gets it released in a proper manner.”
August 2012: Wikileaks Exposes TrapWire
On August 9th, 2012, Wikileaks began releasing a new batch of documents regarding a governmental surveillance program known as TrapWire, a predictive software designed by the U.S. security firms Stratfor and Abraxas Corp to detect early signs of impending terrorist plots. Due to the covert nature of its operations prior to the release of the documents, the news was quickly met by baseless speculations and sensational headlines in the blogosphere as well as mainstream news outlets. Shortly after the Wikileaks’ release in August, the news site became targeted with a series of distributed denial-of-service (DDoS) attacks allegedly launched by a group calling itself “AntiLeaks,” rendering it virtually inaccessible for nearly a week.
September 2012: Millions of Apple ID Leaked
On September 3rd, @AnonymousIRC tweeted a link to a Pastebin post[18] allegedly containing more than one million Apple Unique Device Identifiers (UDIDs), a 20-digit hex value code that is used by Apple developers and mobile advertising networks to track user behaviors. In the following hours, the announcement of the data dump became widely reported in the tech news blogosphere[15] and picked up by major U.S. news outlets[16] as well.
1,000,001 from a total of 12,000,000 iOS devices, courtesy of FBI pastebin.com/nfVT7b0Z #Anonymous #AntiSec
— AnonymousIRC (@AnonymousIRC) September 4, 2012
According to the communique, AntiSec hackers obtained the data during the second week of March 2012 after gaining access to the Dell laptop computer belonging to FBI special agent Christopher K. Stangl, who has been actively involved with the agency’s cybersecurity recruitment efforts in the FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team. Shortly after the breach, Stangl’s laptop yielded a spreadsheet file with sensitive user information of more than 12 million Apple devices, ranging from UDIDs, user names, names and types of devices to mobile phone numbers, mailing addresses and zip codes linked to the UDIDs. Furthermore, the group explained that the hack was intended to raise public awareness surrounding the FBI’s intelligence gathering and monitoring of millions of Apple user information.
In addition to the release of Apple device-related data, the group specifically told journalists and reporters that it would not reveal any further information until Gawker staff writer Adrian Chen was featured on the front page of the news site with a huge picture of him dressed in a ballet tutu with a shoe on his head. On the following day, Chen jokingly complied with the request by writing an article titled “Anonymous Demands to See Gawker Writer In Ballet Tutu For More Information On Massive FBI Hack”[17] featuring a photo of a pug wearing a tiara and a pink ballet tutu.
External References
[1] Anti Security Movement – Anti-Sec Movement
[2] WebArchives – anti.security.is
[3] Kotrotsos – Astalavista Hacked and Torn Apart
[4] SecLists – Ant-Sec – We are going to terminate Hackforums.net and Milw0rm.com
[5] ImageShack – ImageShack hacked by anti-full disclosure movement
[6] International Business Times – AntiSec: Biotech Company Monsanto Confirms Anonymous Hacker Attack
[7] CNN – Source: At least 14 arrested in operation targeting Anonymous
[8] Fox News – EXCLUSIVE: 16 Suspected ‘Anonymous’ Hackers Arrested in Nationwide Sweep
[9] Pastebin – Shooting Sheriffs Saturday | Official Release Statement
[10] TIME – Anonymous and LulzSec Fire Back at Police with Lethal Data Dump
[11] Pastebin – On Stratfor
[12] Pastebin – WikiLeaks begins publishing 5 million emails from STRATFOR
[13] Wikileaks – The Global Intelligence Files
[14] Wired – Wikileaks Pairs with Anonymous to Publish Intelligence Firm’s Dirty Laundry
[15] ZDNet – FBI hack yielded 12 million iPhone and iPad IDs, Anonymous claims
[16] CBS News – Anonymous hackers claim to have obtained 12 million iPhone and iPad IDs from FBI computer
[17] Gawker – Anonymous Demands to See Gawker Writer In Ballet Tutu For More Information On Massive FBI Hack
[18] Pastebin – SPECIAL #FFFEDITION – ANONYMOUS