The group – which promised last week that it would strike out in protest at the amount of money being spent on the World Cup – launched its #OpHackingCup campaign on June 11 and started by defacing eight World Cup websites and DDoSing one other – www.worldcup2014.gov.br.
The DDoS attack against the aforementioned attack lasted for several hours and access to the site was intermittent throughout the day. At the time of writing, the website was offline.
The campaign, which is targeting government websites and those of World Cup sponsors including Adidas, Budweiser, Coca-Cola, McDonalds, Sony and Visa, also saw the take-down of the Brazilian websites for Universal Music, the Bank of Brazil, the police of São Paulo, one of the host cities, and – bizarrely – British singer Taio Cruz (the website has since come back online).
Other websites to have been targeted included http://www.cm.guaiuba.ce.gov.br/, http://www.itaicaba.ce.gov.br/, www.saobento.ma.gov.br (hacked and defaced), barro.ce.gov.br (recovered), http://indaial.sc.gov.br/ (down), http://igarapedomeio.ma.gov.br/ (recovered) and http://procon.sp.gov.br/ (down).
In a security advisory posted earlier today, Symantec said that hackers would be relying on attack methods like DDoS attacks bandwidth saturation, resource starvation and data theft attempts. It didn't rule out attacks on critical infrastructure.
“Public announcements by these groups are often used as a means to gain notoriety or media attention and can be of highly volatile credibility,” said the company in the advisory. “These attacks are typically low scale consisting of DDoS activity against publicly accessible webservers, website defacement efforts, or data exploitation.”
Edward Parsons, senior manager in cyber security at KPMG, said that it was normal for attacks to peak before and during major tournaments.
“There were warnings about the potential for such attacks from the cyber security community for about six months. It's now normal for the risk of cyber attacks to rise before and during major events, though many organisations will have already prepared for this,” he said in an email to SCMagazineUK.com.
“Issue-motivated groups have long used major sporting events as a platform to promote their cause. This kind of attack is the modern equivalent of a crowd protests outside an office. Cyber attacks have become a popular way of gaining notoriety and publicity, though it's not clear what motivations were behind this attack but could well be the issues that have seen Brazilians protesting almost daily.
“The hackers used DDoS, or Distributed Denial of Service attacks – sending high volumes of traffic to sites unable to cope with the numbers – causing them to crash. DDoS mitigation is possible but attacks are getting bigger in scale as capability once on the hands of only sophisticated actors become available as a service. Businesses therefore need to determine whether the outlay in cost is worth incurring to allay this risk. Otherwise it will not be a question of if, but when they will be attacked and brought down.”