The US Department of Homeland Security’s National CyberSecurity and Communications Integration Center (NCCIC) recently issued a bulletin alerting the security community, especially financial services, of Anonymous’ illicit activities over the coming months. The hacker collective has already taken the initial steps and attempted to “solicit ideologically dissatisfied, sympathetic employees” access and information via Twitter. The bulletin said this could lead to “unwilling coercion through embarrassment or blackmail” on the part of the personnel. The efforts of Anonymous in this regard seem futile so far, but we never really know till we see what happens next.

It would be too meager of the group if they rely solely on persuading employees in order to launch detrimental attacks. They’ve also geared up with some new tools. One such tool is called #RefRef. It can use a server’s resources and processing power to conduct a denial of service attack to itself. They also have the Apache Killer which can cause the same damage but towards other servers.

“Anonymous has stated publicly that the tool will be ready for wider use by the group in September 2011,” the DHS said. “But though there have been several publicly available tools that claim to be versions of #RefRef, so far it’s unclear “what the true capabilities of #RefRef are.”

DHS said there are 3 possible attacks that will happen. It will be initiated by an operation called Occupy Wall Street (OWS) as announced by Anonymous supporter Adbuster in July. The protest will amass some 20,000 people to “flood into lower Manhattan, set up tents, kitchens, peaceful barricades and occupy Wall Street for a few months” in protest to some of the government’s policies. The same thing will happen to other financial districts such as Madrid, Milan, London, Paris and San Francisco. The other two attacks are Operation Facebook and Project Mayhem allegedly set to launch o November 11, 2011 and Dec. 21, 2012 respectively.

“Anonymous has shown through recently reported incidents that it has members who have relatively more advanced technical capabilities who can also marshal large numbers of willing, but less technical, participants for DDOS activities,” the DHS said.

Enumerating the hacking activities executed under the Anonymous flag since last month, they defaced the website of Syria’s Ministry of Defense in order to stand against the brutal regime of Bashar Al-Assad. Anonymous then gets a dose of its own medicine and went down as Syria’s Ministry of Defense strikes back. The hacktivist collective was also enraged by the police force arresting their members and retaliated by unleashing 10GB worth of leaked law enforcement data which prevention tool maker Identity Finder confirmed later on that it contains “hundreds of private emails spools, password information, address, Social Security numbers, credit card numbers, snitch information, training files, and more.”

Then the group set sights on BART (Bay Area Rapid Transit), defacing their webpage and releasing names and passwords, and other personal data stored in MyBart.org. They defaced another defense contractor as well, Vanguard, and published 1GB worth of data belonging to the agency. Set on the other side of the world, Anonymous must’ve found the newly-restored internet on Libya a particularly delightful target and defaced the country’s domain name registry nic.ly. As Anonymous gets stronger and stronger by the day, police forces in affected countries carry on arresting alleged members of the group. The UK police, for example, has carried out another arrest in Hartlepool. They also attacked the Texan Sheriff force, dumping dialogue between sheriffs in memos, emails and discussion, revealing corruption and various other secrets in Pastebin.