One-hundred and eleven Mexican websites, some of them related to Mexico’s mining industry – others related to Mexico’s Senate and Ministry of Interior, Alabama’s state website, the UN, and even the CIA, were targeted this weekend by various supporters of Anonymous. The reasons for the attacks are as diverse as those who carried them out.
The CIA.Gov website faced a DDoS attack, presumably carried out by Anonymous, though assuredly supported by them if not. As was the case with the previous DDoS attack against the CIA by Anonymous, nothing serious happened other than the main CIA.Gov domain going offline for a few hours. Aside from the fact that it is the CIA, there were no reasons given for the event, it simply happened during a string of attacks over the weekend, just one more target to add to the growing list.
In Mexico, 111 websites were attacked, and either taken offline or exposed via SQL Injection attacks, over Mexico’s version of SOPA, which imposes a fine of $100,000 for copyright law infringement. Some of the domains targeted in the attack were defaced with a message that the copyright law’s “only interest” is economic and those governments supporting it are “forgetting the demands that the people” and “only hear those who have enough money to buy a piece of government power…”
Moreover, the attacks in Mexico targeted the Mexican National Chamber of Mines (Caminex), as well as the Mexican Mining Ministry. The Caminex attack resulted in more than 700MB worth of emails being delivered to the public.
“Mexico, the miner companies and the miner sindicates are together only to steal our minerals. With a value (sic) over $200,000,000 and forcing our miners to work in extreme danger conditions… you rob you own miners, we rob you e-mail accounts,” those responsible for the attack stated. (Note: Comments were cited verbatim)
Lastly, Cabin Crew, a group loosely associated with Anonymous and one of the more vocal supporters online, went after the state of Alabama for their controversial bill on immigration.
“We at the Cabin have been monitoring your recent racist legislation in an attempt to punish immigrants as criminals… We targeted your police and government servers, and as a result of this journey through the nether of your servers, we have stumbled across a treasure trove of data belonging to people in the state of Alabama,” the group explained in an announcement.
However, only a fraction of the data taken during the compromise was exposed, and even then it was redacted to the point of being useless to others. Cabin Crew managed to locate a database containing full names, Social Security Numbers, DMV data, phone numbers, addresses, DOB, and criminal record status. The point of the breach and data leak was to prove a point it seems.
“We believe in protecting citizens’ personal data. Because of your police being lazy when it comes to data security, we have acquired the following information of over 46,000 citizens of the state of Alabama…”
“Our protocol for handling this information was light years ahead of the effort your administrators put into it. We acquired the data, passed it to another of our crew to randomly select 4,000 records shared with our crew. After viewing the nature of this data, we randomly selected 500 records and redacted them for release. The remaining copies were erased,” the group explained.
As the year moves forward, experts speculate that actions and random events such as those observed this weekend are only the beginning. It would seem that 2012 will be the year of exposure, loss, and cyber vigilantism.