Unless you’ve been living under a rock the past few months, you’ve heard about the attempts made by hackers on government websites, news organizations, and video game companies. There’s been a lot of talk about Anonymous, LulzSec, and the military-sounding Operation AntiSec. Governments are now seeing hackers as a widespread threat, and some members of the movement aren’t necessarily doing much to allay their concerns.
Early today, Twitter user anonymouSabu alerted the masses to something bigger than anything else Anonymous has attempted in the past few years.
Literally explosive? I can’t be the only one who thought of Rob Lowe while reading that…
Well, now Anonymous has released this damaging material in a torrent file on ThePirateBay.org titled “Military Meltdown Monday: Mangling Booz Allen Hamilton.” Booz Allen Hamilton is a Virginia-based consulting firm working primarily with government institutions, like U.S. intelligence agencies, the Department of Defense, and the World Bank. What struck me as particularly ironic about their site being targeted for hacks is that when I went to their main page today, this is the first thing that popped up:
The message accompanying the torrent also noted the irony:
So in this line of work you’d expect them to sail the seven proxseas with a state- of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel being a puny wooden barge.
We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!).
We also added the complete sqldump, compressed ~50mb, for a good measure.
Yep, that’s 90,000 e-mails & passwords they released. And to make matters more scandalous, Anonymous tied Booz Allen to HBGary, the computer security firm targeted by the group earlier this year after it threatened to release information about members of Anonymous, by claiming both firms were involved in government attempts to create “sock puppet” social networking accounts to spread government propaganda online, while aiming to making online anonymity a bigger hassle than it is now.
HBGary Federal was just one of several companies involved in proposing software solutions for this project. Another company involved was Booz Allen Hamilton. Anonymous has been investigating them for some time, and has uncovered all sorts of other shady practices by the company, including potentially illegal surveillance systems, corruption between company and government officials, warrantless wiretapping, and several other questionable surveillance projects. All of this, of course, taking place behind closed doors, free from any public knowledge or scrutiny.
This hacking attempt is part of a larger attempt by the “AntiSec” movement to expose government secrets and release confidential information to the public.
So far, Booz Allen has refused to comment on this specific case of hacking, but they have tweeted this message multiple times over the past few hours.
This is probably not the kind of news Booz Allen wants today, especially since they announced earlier that the firm was named as a prime contractor to support the modernization and new technological developments in the Department of Veterans Affairs.
Hacking is an important issue in dealing with the future of internet security, so over the next few days I’ll be writing up a few separate posts on these hacks, looking at the bigger picture and what governments are doing in response to the increases in hacking attempts over the last few years.