Following on from recent concerted campaigns by Anonymous against Israel on April 7 and Facebook on April 5, the latest target for the online hacktivist collective is the USA and American online interests. Today, hackers and script kiddies of various affiliations are expected to begin a campaign of hack attacks and general online disruption against any target that is related to the USA. From previous activity of this sort, the attackers are generally opportunistic in nature and will aim for the low hanging fruit. Attacks may take various forms including the following:
Attackers may use any number of means to gain access or carry out their attacks, the favored methods include:
OpUSA was first announced back in April and it is quite possible that attackers have been preparing for this event for some time. For example, the recent mass attacks against WordPress sites may have netted attackers a large number of compromised webservers which may now be leveraged to perform large scale attacks for an event such as this one. The initial pastebin announcement included a wish-list of targets, indicating that US government and financial related sites are high on the agenda. We know that other US organizations will also be targeted as a large number of participants may not have the necessary skills or wherewithal to perform attacks against high-profile targets. These attackers with limited skills may perform opportunistic attacks against less protected organizations using basic techniques or toolkits widely available.
The much publicized activities of OpIsrael has shown that these concerted campaigns can have some level of success. Clearly, OpIsrael never lived up to its claim of “wiping Israel off the internet” but it did result in an increased number of organizations coming under attack. Another observation from OpIsrael is that attacks often started earlier than planned as some hacktivists either jump the gun or perhaps May 7 comes earlier for them depending on where they are based in the world. The same thing is happening this time and already some reports of site defacements and database leaks are trickling in.
Organizations with American interests should be prepared for attacks in the coming days and monitor for unusual activities in their networks and any attempts to breach their perimeters. Staff should also be trained on social engineering mitigation tactics and provided security awareness training. As usual, increased vigilance and a multi-layered approach to defense should help to ward off all but the most determined attackers.