This week's multiple attacks on the enemies of WikiLeaks by the Anonymous group show the scale on which ‘hacktivists’ can work, and this should be a call to arms for securing websites.
In the latest distributed denial-of-service (DDoS) attacks, the Anonymous group claimed to have taken down the Visa website, as well as launching a fresh assault on PayPal. However, its Twitter account was temporarily suspended overnight.
Following the hit on MasterCard, a report from rawstory.com claimed that the Anonymous group had published a list of what it said were 10,000 MasterCard credit card numbers, with a tweet saying: "To the people of the industrial world, dismiss your MasterCard now!" The list included card numbers and expiry dates but not the names of the cardholders.
However, it later emerged that the numbers were not genuine, as MasterCard spokesman Chris Montero said that all MasterCard numbers begin with a ‘5’, and the list seen by Raw Story did not appear to include any serial number that began with a five.
Claire Sellick, event director of the InfoSecurity Europe event, said: “The fact that the massive MasterCard website, which is accessed on a regular basis from many countries around the world, has been downed by a DDoS attack shows the scale the hacktivists can now operate on.
“Other sites of organisations that severed their links with Assange in recent days have also been subjected to DDoS attacks of varying intensity, but one thing is for sure, these attacks will continue on the sites concerned for a long time to come.”
She commented that for organisations, route diversity can often include using more than one business ISP for internet access, which if combined with the use of different local phone exchanges for the broadband lines, can make a firm's internet facilities far more robust against a disaster.
“Good IT security planning also has its place. You don't need to spend a fortune on beefing up your internet security. A little forward planning can go a long way,” she said.
“One thing is for sure, however, and that is the WikiLeaks DDoS attacks are not going to go away. If anything we expect they will intensify in the days ahead and companies need to take this opportunity to review and boost their IT/IP security arrangements to protect themselves.”
ForeScout recommended that, to prepare their defences, organisations establish an information security policy to limit the distribution of sensitive information, segment information resources and network topology, and enforce policy at the application, desktop and network layers.
Roger Rawlinson, managing director of the assurance division at NCC Group, said that the series of attacks by the Anonymous group in defence of WikiLeaks charts the growing use of cyber attacks as a weapon to make political statements by attempting to embarrass large organisations.
“However, these are more commonly seen against political groups or government websites, rather than blue chip companies. In cancelling their contracts with WikiLeaks through political pressure, the companies are thought to have become the targets of hacktivism, one of the fastest growing uses for cyber crime. Others that have cancelled contracts or severed ties with WikiLeaks would do well to review the robustness of their websites and review their security strategies as quickly as possible,” he said.
Chester Wisniewski, senior security advisor at Sophos Canada, said: “It is against the law to participate in DDoS attacks, even if many people are angry about the coordinated efforts to shut down WikiLeaks. The public has had its eyes opened to how easy it is for a small group of internet users to have a large impact on the functioning of major websites. Unfortunately the internet is still a growing entity and is not yet strong enough to defend itself against determined adversaries.”