PARANOIA IN AFTERMATH OF OF SO CALLED FLOP #0P-USA FLOP OR SMOKE SCREEN ??? QUESTIONS REMAIN bloomberg reports
Hacking attacks that fizzle can be just as dangerous as those that don't.
This week, the loosely coordinated Anonymous hacking crew promised an all-out assault against U.S. government and banking websites in retaliation for drone attacks and the wars in Iraq and Afghanistan. Tuesday was supposed to be a day of "justice for the downtrodden," with the sites of more than 100 large organizations coming under sustained denial-of-service computer attacks.
A wave of attacks against U.S. banking websites this week apparently fizzled. Considering the banks' intense secrecy around security risks, though, we may never know whether "OpUSA" achieved its true aims. Photographer: Getty Images
That didn't happen. A few sites, mostly obscure, were defaced or disrupted, and there were only six serious delays overall, according to Carl Herberger, a vice president at Radware, a security firm in Tel Aviv, Israel, that monitored the attacks.
On the surface, "OpUSA" appeared to be a flop. The truth is, though, that we may never know whether it achieved its real aims. The reason? As I described in a Bloomberg News story this week, hackers are refining their skills of misdirection -- and getting rich from it.
Tens of millions of dollars have been stolen from European banks over the past year by criminals using denial-of-service attacks -- launched by them or by political "hacktivists" -- as cover for stealing credit and debit card numbers, according to Symantec, a Mountain View, California-based security firm that investigated the attacks. While the banks' security teams scrambled to keep their sites online, hackers used malicious software to quietly drain customer accounts.
This week's attacks-that-weren't have the feel of a giant sleight of hand. Maybe the whole thing fizzled because banks' security is getting better, as Herberger suggested. Or maybe Anonymous was trolling the media, which it has been known to do. Another explanation, though, is that maybe the threat of a major attack was just a test to see how officials would react, and possibly a misdirection to pull security resources away from more serious types of fraud.
This exploit reported to us by Mauritania Attacker today, yesterday he also reported the text load injection in graph.facebook.com.