Stratfor has asserted that hackers from the Anonymous collective did not steal its confidential client list, but rather a list of people who had purchased its publications.
Strategic Forecasting, an organization that focuses on
international security issues, is downplaying the severity of the cyber-attack
it suffered over the weekend, claiming its client list had not been stolen.
A group of hackers claiming to be part of the hacktivist
collective Anonymous attacked the global intelligence think tank on Dec. 24 and
stole approximately 200GB of information, such as credit card numbers and other
personal information, from Stratfor's servers, according to various posts on
Twitter.
The attackers originally claimed to have obtained and
disclosed Stratfor's confidential client list. However, CEO George Friedman
said in a statement on Facebook on Dec. 25 that the information appears to be
"merely" a list of members that have purchased Stratfor's
publications in the past, and inclusion did not necessarily mean those individuals or
entities had any kind of relationship with the think tank.
Stratfor suspended its Website and warned members in an
email that some names and personal information may be disclosed by the
attackers on other sites. As of Dec. 27, the Website is still displaying a
maintenance message.
There also appears to be some dissent online about the
collective's role in the Stratfor attack. An "emergency press release" posted on
text-sharing site Pastebin criticized the attack and said the Stratfor
perpetrators did not represent the loose collection of hackers. Anonymous
doesn't have a formal organization or hierarchy, which means there's no single
"official" voice.
"As a media source, Stratfor's work is protected by the
freedom of press, a principle which Anonymous values greatly," the writers
wrote.
Hacktivist attacks increased dramatically in 2011 and will
continue to increase in 2012, Seth Goldhammer, director of product management
at LogRhythm, told eWEEK. Hackers
will continue to use data theft, distributed denial of service and Website
defacement as ways to embarrass governments and private corporations,
Goldhammer said.
"Anon, LulzSec, Anti-Sec found their sea legs - buoyed by
a perceived greater cause the ease with which large corporations could be
brought to their knees," Anup Ghosh, founder and CEO of Invincea, wrote on
the company's blog, noting that attackers were often acting in response to
globalization, political unrest and perceived unfair corporate practices.
The Stratfor attackers have published some of the stolen
credit card information, which Identity Finder analyzed using its data
discovery and protection software. The company identified 50,277 unique credit
card numbers, of which 9,651 were active and not expired.
It appears some of those numbers have been used to donate
large sums of money to charitable organizations such as the American Red Cross,
Save the Children, African Child Foundation and CARE, according to F-Secure's
Mikko Hypponen. The charities lose out twice in this scenario: they won't see
a dime from these supposed contributions, because they will have to return the
funds once credit card owners report the fraudulent transactions, and they may
be hit with penalties, Hypponen wrote.
Dumping personal information online, or "doxing,"
has become a pervasive security problem in 2011, Kris Harms, a principal
consultant at Mandiant, said in December's "State of the Hack"
presentation. Attackers are publishing sensitive information to publicly
embarrass specific individuals or organizations, and the victims are doubly
hurt when criminals use the information for identity theft and other crimes,
according to Harms.
Identity Finder also found 44,188 passwords in the dumped
dataset. Even though the passwords were encrypted, the company said roughly
half could be easily cracked. Approximately 73 percent of decrypted passwords
were considered weak in the analysis. Considering the prevalence of password
reuse online, the threat is "significant," according to Todd Feinman,
CEO of Identity Finder.
"The victims will have no way to know when an identity
thief is reusing their email and password combination to attempt to log into
their online bank, an online retailer where they have saved their credit card
for future purchases, or other online accounts such as email," said
Feinman.