The Italian cyber crime agency has been hacked, with 8GB of data released online.
With media speculation that the incident against the Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche (CNAIPIC) was in retaliation for arrests of Italian members of Anonymous, a statement from the hackers did not bear the typical trademarks of the group.
The hacktivism group did post a link to a statement, which said that it was a ‘pre-release of a series' that was going to reveal European cyber operation evidence exploitation and abuse' and would be ‘the biggest in history'.
It said that information was going to be published and tweeted ‘all over Anonymous and the LulzSec community'. The statement, which was signed off as ‘NKWT LOAD', said: “Today we were granted with the Italian law enforcement's Pandora Box; we really think it shall be a new era of ‘regreaissance' to the almighty Homeland Security Cyber Operation Unit in the EU. So we decided to leak everything they got since they were established as a full-scale cyber taskforce named CNAIPIC.
“This corrupted organisation gathered all the evidence from the seized property of suspected computer professional entertainers and utilised it over many years to conduct illegal operations with foreign intelligence agencies and oligarchy to facilitate their lust for power and money. They never used obtained evidence to really support ongoing investigations.”
Among the estimated 8GB of data that was leaked, it said that it was information relating to government departments in Egypt, Australia, Russia, Ukraine, Nepal, Belarus, Gibraltar, Cyprus, the Cayman Islands and Vietnam. Also among the data was details relating to legal firms and oil company Exxon Mobil.
David Harley, senior research fellow at ESET UK, said: “The British government should always be concerned about the security of its websites. Even if Anonymous or its cronies aren't planning a revenge attack (and they may well be), someone is always looking for access to ‘interesting' sites. The new wave of hacktivists and for-the-giggles attackers are going to look for sites with maximum potential for notoriety/PR/bragging rights.
“We are seeing more and more of these types of attack and I'm sure we will see more to come. These types of attack fuel public opinion and regardless of what anyone says, these groups have a large following.
“I think any organisation should be worried if they hold public records, quite often in these cases the data is ‘subbed' out to third parties for storage and management (and often worryingly to the lowest bidder), whilst all of this is pure speculation I'm sure we will never know the full truth of who is or were to blame.”
The news follows another cyber security centre hacking in Germany. The German government opened a new cyber defence centre in Bonn in June, but the centre was hacked only a few weeks later.
According to Techworld, the ‘n0n4m3 cr3w' (No Name Crew) claimed responsibility in an interview and offered an encrypted file for download on its website, stating that it had collected emails and confidential data from the police and customs authorities. The group said it would release the password for the encrypted file should police arrest any of the group's members.
Security authorities reported to have arrested two members of the group on Sunday, including a 23-year-old calling himself ‘Darkhammer'. However the group denied that the people arrested were members of the No Name Crew.
Also this week, US Computer Emergency Readiness Team (US-CERT) director Randy Vickers resigned after several high-profile attacks on government computer systems.
According to Reuters, the Department of Homeland Security declined to comment on the reason for his departure, but Vickers' resignation follows several high-profile attacks against the Pentagon and public websites of the Central Intelligence Agency and US Senate.