Security rundown for week ending Aug. 19

Comments Off on Security rundown for week ending Aug. 19

Debate over wisdom of firewalls, passwords and SSL — plus, Anonymous strikes again

And speaking of anonymity and disruption in the more sinister sense of the words, this week didn’t go by without the shadowy hacker group Anonymous yet again hitting more targets for what are apparently their activist causes.


Best comptia A+ Training, Comptia A+ Certification at


The group Anonymous released personal data belonging to more than 2,000 public transport customers in the San Francisco area in retaliation for the Bay Area Rapid Transit (BART) transit system’s shutdown of mobile phone service on Aug. 11.

That mobile phone and Wi-Fi shutdown was a decision made by BART to try to slow a planned public protest against a police-related shooting awhile back.

BART last week officially apologized to the public that its network was hacked and customer data publicly exposed. But it didn’t end there. Another hacking break-in took place at the website of the union representing the rank-and-file BART police, an attack which may also be traced back to Anonymous.

Many thought BART went too far in cutting off communications to hundreds of thousands of BART commuters as an attempt to stall a planned protest, and, as an editorial from the San Francisco Chronicle noted, no one held the high ground in the conflict — not Anonymous, not the BART bureaucracy, not the protesters.

In addition, the Federal Communications Commission also took an interest last week, saying it was investigating what happened. “We are continuing to collect information about BART’s actions and will be taking steps to hear from stakeholders about the important issues those actions raised, including protecting public safety and ensuring the availability of communications networks.”

It was a pretty busy week for Anonymous, as the group also allegedly hacked yet another U.S. Department of Defense contractor, this time Vanguard Defense Industries. Anonymous says its latest haul, posted at Pastebin, includes internal meeting notes and contracts, schematics and non-disclosure agreement, among other things. Our reporter notes that a cursory look does seem to match the description provided by Anonymous, and one email shows Vanguard’s chief executive responding to a U.S. DOJ contact regarding the suitability of its ShadowHawk drone for use by the U.S. Marshals. Anonymous earlier this year said it would be turning its wrath against governments and corporations around the world in retaliation for anything of which it disapproves.

Hackers have a wide variety of motivations. Last week, Jason Cornish, 37, formerly an IT staffer at the U.S. subsidiary of Japanese drug-maker Shionogi, pled guilty to computer-intrusion charges in connection with an attack on that company’s network last February. He wiped out 15 VMware host systems running email, order tracking, financial and other services at the Florham Park, N.J., company. The disruption is believed to have cost Shionogi $800,000.

So why did Cornish do this? It’s apparently a variant on the disgruntled employee/insider threat. He was a former IT staff employee who was still able to log in to the company’s network from a public McDonald’s Internet connection with a password. Hmm, maybe the NTSIC program and the Jericho Forum do have a point about reusable passwords … and should we hope Anonymous one day weighs in on whether firewalls are keeping them out? These days, malicious emails loaded up with malware are apparently a favored route to break into the corporate network. And Google issued a report last week detailing how it’s getting harder to detect Web-based malware.