BOSTON -- Gaining a greater understanding of an adversary typically ends in smarter defenses and ultimately safer data, but two researchers attempting to paint an image of the faceless people that make up the Anonymous hacking group are unraveling a posh entanglement of people with various intentions.
Anonymous held up a mirror to our neglect… They showed us how insecure we're and what sort of of a farce a number of this is often.Joshua Corman,
director of security intelligence,
Akamai Technologies
Not only is it difficult to color an image of the makeup of Anonymous, however it is equally as difficult to define the movement, in step with two security researchers who gave the outlet keynote Tuesday on the 2012 SOURCE Boston Conference. Joshua Corman, director of security intelligence at Cambridge, Mass.-based Akamai Technologies, and Brian Martin, a researcher who goes by the name Jericho of the Attrition.org website, broadly outlined their work of assorted papers trying to outline the intentions of these that describe themselves as members of Anonymous. The research is meant to assist demystify the crowd, shed some common misconceptions, and warn the protection industry of the intense consequences of ignoring the long-term threat posed by the gang, Corman said.
“Anonymous held up a mirror to our neglect,†Corman said. “These were pretty simple exploits… They showed us how insecure we're and what kind of of a farce a number of this is often.â€
Distributed denial-of-service (DDoS) attacks, website defacement by targeting SQL injection, cross-site scripting (XSS) and other common website vulnerabilities, were completed by individuals within the name of Anonymous. The techniques, while simple â€" using automated tools â€" and comparatively unsophisticated, were successful in gaining media attention and giving heft to the worldwide hacktivist movement. The breaches also proved to be costly and embarrassing for some businesses, namely Sony Pictures Entertainment, Fox Broadcasting Company, PBS and HBGary. But, in keeping with Corman, more serious are the attacks being performed by cybercriminals under the guise of Anonymous movement.
“It's more of a brand and a franchise this is borrowed and frequently abused by anyone,†Corman said of the “Anonymous†group name. “I'm more considering the false attacks and pretenders stealing intellectual property within the name of ‘Anonymous.'â€
The two researchers have created a blogging series called Building the next Anonymous, which outlines how the hacking group can overcome its organizational problems, build end-game ethics, become more efficient and attain its objectives with less collateral damage. The series is an outgrowth of a panel discussion about Anonymous and the Anonymous hackivisits by which the 2 researchers participated in at Defcon 19. The goal is to construct a better understanding of the movement in a non-confrontational way, Corman said.
Anonymous had its roots within the Antisec movement inside the early 2000s. It gained prominence during Internet retaliation over legal action against Wikileaks and its founder Julian Assange. It's built at the idea of retaliation, Jericho said. “Anonymous is reactionary; you do bad and we'll punish you,†he said. “What happens in the event that they start using fear as a device?â€
Jericho, who also serves as director of non-profit activity in danger Based Security, said the group has been loosely made up of people reacting to something they don't like. “It isn't a classic group, Jericho said. “It's a meta group or ideology.†Jericho likens the crowd to historical analysis of pirates or to the wide swath of groups that make up modern-day Christianity with various beliefs, moral convictions and tolerance levels.
“With Anonymous there is a huge grey area,†Jericho said. “Some persons are involved sooner or later and not the following.â€
Nessun commento:
Posta un commento
Comments links could be nofollow free