Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity
    • Networking
    • Storage

    Anonymous AntiSec Breaches Defense Contractor Vanguard Network

    Written by

    Fahmida Y. Rashid
    Published August 18, 2011
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Another defense contractor’s network and data has apparently fallen to the combined skills of hackers attacking Websites under the “AntiSec” banner.

      Members of hacktivist collective Anonymous have reportedly breached servers belonging to defense contractor Vanguard Defense Industries as part of the movement to steal and publicize documents from government agencies, according to a report in the TechHerald. Anonymous may have extracted nearly 4,713 emails and thousands of documents in this attack.

      Anonymous has gone after a number of defense contractors and government agencies recently as part of AntiSec, including Booz Allen Hamilton and InfraGard, a public-private partnership organization working with the Federal Bureau of Investigation.

      “Any private corporation[s] supporting U.S. military or law enforcement operations are legitimate targets in our eyes,” a member told theTechHerald, justifying the attack on VDI.

      The attack seems to have exploited vulnerabilities in the popular WordPress blogging platform. VDI apparently had not upgraded two out-dated plug-ins, leaving security holes wide open for the cyber-attackers to waltz through.

      “Recent large hacks making headlines are thought to have been performed by compromising just one plug-in in an enterprise,” Michael Sutton, vice-president of security research at Zscaler ThreatLabZ, told eWEEK. According to Zscaler’s latest “State of the Web” report, even if the software has been updated to the most up-to-date version, many organizations tend to fall behind in updating plug-ins, making it a lucrative attack vector.

      “The government requires stringent security methods in place for its contractors and VDI appears to have failed to implement even the most basic security, patching its Website,” Josh Shaul, CTO of Application Security, told eWEEK.

      Attackers also compromised the password used by Richard Garcia, VDI’s senior vice president and the former assistant director in charge of the FBI’s field office in Los Angeles, and gained access to his emails. The attack on Garcia’s account is slightly reminiscent of how Anonymous compromised emails at HBGary Federal because CEO Aaron Barr and chief operating officer Ted Vera had reused weak passwords across several systems.

      Attacks like these prove that even with all the cyber-attacks and data breaches in 2011 so far, some organizations still don’t take information security “seriously,” Shaul said. Simply monitoring database access and regularly patching software could have thwarted many of the basic attacks this year, according to Shaul.

      Vanguard was targeted because of its work with several local law enforcement agencies and ties with the FBI, Department of Homeland Security and the United States Marshals. The Texas-based company makes unmanned ShadowHawk helicopters used for aerial surveillance or equipped with guns and grenades for combat usage.

      The emails from Garcia’s account are expected to be released over the weekend with a searchable index. There are emails to several government agencies and local law enforcement agencies as well as memos marked “Confidential” or “for official use only.” There are email addresses, passwords, resumes, non-disclosure agreements and contracts, and financial details in the messages.

      Anonymous began the week by attacking the Bay Area Rapid Transit’s customer portal myBART.org to protest the San Francisco regional transit authority’s decision to shut down cellular service on several of its stations. Demonstrators were using mobile devices to plan demonstrations protesting two fatal shootings by transit police.

      Transit officials suspended service to prevent the demonstrations from disrupting normal train service. Approximately 2,000 had their personal information stolen in what was supposedly a SQL injection attack. To keep the pressure on BART, Anonymous also helped organize a street protest on Aug. 15 that resulted in BART authorities and the San Francisco police department shutting four downtown San Francisco BART and Muni stations for a few hours.

      An Anonymous group member also breached the BART Police Officer Association Website on Aug. 17 and publicized personal information, such as names, home addresses, email addresses and passwords belonging to 102 transit police officers.

      A leaked Internet Relay Chat log seems to indicate that the attacker was a first-time hacker from Canada acting alone and using a SQL injection tool. She claimed it took her four hours to break into the site. However, a member behind the Twitter account AnonyOps posted a disclaimer. “FYI, no one claimed responsibility for the hack. Some random Joe joined a channel and released the data to the press,” according to the AnonyOps post.

      Fahmida Y. Rashid
      Fahmida Y. Rashid

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.