NATO Systems Breached With Zero Day Attack

Tuesday, July 05, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

A group calling itself "Team Inj3ct0r" has claimed responsibility for an attack that penetrated NATO computer systems using an exploit based on a previously undisclosed zero day vulnerability.

A 50 MB dump containing 2646 NATO files is reported to have been posted online by the hackers in an effort to confirm the attack's authenticity.

In a text file note left on NATO servers the attackers said:

"NATO lamers! I've been watching you day and night since then! W00t! Your Machines rooted! Servers restored to default! what else! F**k you and your crimes! and soon enough all your stupid ideas will be published on WikiLeaks! Greetz.. I stand alone :)"

NATO is taking the threat of hacker attacks very seriously. General Rapporteur Lord Jopling said in a statement released in June:

"Observers note that Anonymous is becoming more and more sophisticated and could potentially hack into sensitive government, military, and corporate files. ...even if one is in favour of transparency, military and intelligence operations simply cannot be planned and consulted with the public. Transparency cannot exist without control. The government, and especially its security agencies, must have the right to limit access to information in order to govern and to protect."

Last month, NATO officials had reported a breach of their ebookstore systems which are administered by a third party. The event is thought ot have compromised customer details including usernames, email and physical addresses.

The NATO breach is the latest in what is expected to be a flurry of attacks against high profile targets by a variety of emerging hacktivist cells inspired by the antics of groups such as Anonymous and offshoots like the now defunct LulzSec collective.

Anonymous recently released the "OpNewBlood Super Secret Security Handbook" in an effort to recruit more would-be hacktivist types to further the Internet anarchy cause.

The publication is intended to instruct aspiring armchair hackers on methods used to obscure one's identity while conducting operations online and avoid exposing one's identity to rival hackers and law enforcement.

The publication is more evidence that Anonymous' leadership may be shifting tactics by moving away from conducting offensive operations themselves, and instead are concentrating on efforts to enable others take up the hacktivist cause.

Anonymous supporters have also initiated the so-called School4lulz, a resource for hi-tech hooligans to learn the finer art of hacking, cross-site scripting, SQL injections, botnet herding, doxing, and tools of the trade.

The shift in tactics is being concentrated under the brand "AntiSec", and we can expect to see a dramatic uptick in hacktivist operations moving forward.

Expect to see the emergence of multiple groups with clever names like "Team Inj3ct0r" and the recent arrival "Scriptkiddies" - the group who just claimed responsibility for hijacking a Twitter accont belonging to FoxNews and posting false messages claiming President Obama had been assassinated over the Fourth of July holiday weekend.

Possibly Related Articles:
22813
Network->General
Attacks Headlines Anonymous Hacktivist hackers breach NATO Lulzsec Scriptkiddies Team Inj3ct0r
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.