Hacktivist collective Anonymous tweeted Monday morning that they will be releasing “shiny things” uncovered from an attack against the intelligence community. They unloaded the first batch via Pirate Bay, during an operation the subgroup is calling #MilitaryMeltdownMonday, and did so under the AntiSec flag. The injured party this time is Booz Allen Hamilton, a consulting firm that works with the US Department of Defense (DoD) and National Security Administration (NSA). Over 90,000 military emails were compromised, on top of four gigabytes of source code being expunged.
“We infiltrated a server on their network that basically had no security measures in place,” Anonymous wrote. “We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!). We also added the complete sqldump, compressed ~50mb, for a good measure.”
In other words, a Booz Allen Hamilton infrastructure server containing sensitive information was left unprotected, and the breach revealed the firm’s business with the DoD and NSA. One of the rather disturbing revelations from the spree was Booz Allen Hamilton’s interaction with HBGary, which centers on proposed software that would allow security teams to take over online identities in social media to steer certain topics in favor of the government (part of a social media astroturfing concept called “persona management”). The project was dubbed Metal Gear, and Anonymous chuckles at the fact that US military personnel will have to change their passwords to avoid becoming the government’s “sock puppets.”
You would think the words “Expect Us” would have been enough to prevent another
epic security fail, wouldn’t you?
Well, you’d be wrong. And thanks to the gross incompetence at Booz Allen
Hamilton probably all military personnel of the U.S. will now have to change
Let it flow!
Booz Allen Hamilton have released no statement confirming or denying the intrusion into their system. When asked, a representative tweeted that it is their general policy to “not comment on specific threats or actions taken against our system.”
A prior primitive AntiSec intrusion initiated by Anonymous occurred at IRC Federal, an FBI-affiliated website. Not only did they steal and leak sensitive internal documents, they also defaced the site.
But to be fair, not all hackers are crude and artless. One such example is the intrusion into the network of Lockheed Martin, the largest defense contractor in the US. The disruption was associated with compromised RSA SecurID tokens, causing them to shut down their network. The same thing happened to Northrop Grumman, which was also forced to shut off remote access to its network without warning.
Months ago, Anonymous also targeted HBGary, which led them to cancel their talks at RSA 2011. “‘Anonymous’ illegally broke into computer systems and stole proprietary and confidential information from HBGary, Inc. This breach was in violation of federal and state laws, and stolen information was publicly released without our consent,” according to an HBGary statement. “In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks,” they added.