Anonymous takes down Boston PD site, releases FBI/Scotland Yard call
A Boston Police Department Web site was hacked Feb. 3, making it the latest in a string of government systems that have been taken offline in the wake of malicious activity.
The group Anonymous took credit for the attack in support of the Occupy Wall Street movement, defacing the public outreach blog site BPDnews.com with a banner reading “ANONYMOUS HACKS BOSTON POLICE WEBSITE IN RETALIATION FOR POLICE BRUTALITY AT OWS,” and promising “plenty more mayhem to deliver.”
The Boston P.D. incident is an example of high-profile hacktivism, coming in the wake of lower profile incidents at federal agencies that have resulted in the quiet shutdown of systems. The Commerce Department’s U.S. Economic Development Administration has been offline for about two weeks. The Website at eda.gov/ displays only a message reading, “EDA’s website and e-mail system is experiencing a disruption in service. The agency is working to address the issue and resume normal operations as soon as possible.”
Anonymous lures unwitting users into online campaign
FTC site still down after Anonymous hack; anti-piracy fallout spreads
Meanwhile, a Federal Trade Commission site has been offline for more than week after another attack by Anonymous in opposition to antipiracy legislation being considered in Congress. Visitors to the site are redirected to an alternate page with the message, “The partnership site OnGuardOnline.gov run by the Federal Trade Commission was hacked on January 24, 2012. We have taken the site offline until an ongoing review confirms that the site is secure. In the meantime, we've made some of our most popular resources available here. We appreciate your patience.”
Anonymous also claimed credit Friday for intercepting and releasing a call between the FBI and Scotland Yard in which detectives discussed investigations into cyber crime, the Washington Post reported.
It is unlikely that all of the incidents are part of a single pattern, said Kenneth Pickering, development manager for Core Security’s security intelligence.
“The point of hacktivism is to get your message out,” as was done on the Boson site, Pickering said. “It’s a public activity.”
The lack of a claim for credit for the Commerce Department hack makes it appear unlikely the EDA was the victim of hacktivists. And despite the number of recent high-profile breaches, it is unclear whether this represents a real uptick in malicious activity against government.
“It’s hard to say how much it is up or down because more of it is being reported,” Pickering said. But, “the public perception is that we are less secure today and I think that’s the way most people in the industry feel.”
Regardless of the trends, hacktivism is emerging as a potent form of public protest, and the Anonymous collective is in the lead.
“Anonymous is really showing themselves as a credible force in the hacktivist movement,” Pickering said. “Their knowledge and size make them a serious problem to anyone who runs afoul of their politics or takes them head-on.”
The Boston Police Department said in a statement that it is “working diligently to restore the function of BPDNews.com, the department’s public safety blog. Our skillful technical staff is focused on rectifying this issue. Detectives continue their investigation into individuals engaging in this type of disruptive and criminal activity.”
Pickering said the Boston incident emphasizes the need for enterprises to be prepared to respond quickly to attacks to stop malicious activity in the early stages. “We no longer have to focus on how not to be breached, but to anticipate breaches and minimize data loss.”
The Boston police got off lucky, he said. “In terms of breaches, website defacement is embarrassing, but it’s not a huge threat to the BPD.”
William Jackson is freelance writer and the author of the CyberEye blog.