Exclusive: FBI warns of US govt breaches by Anonymous hackers

Published November 16, 2013
An illustration picture shows a projection of binary code around the shadow of a man holding a laptop computer in an office in Warsaw June 24, 2013. — Reuters Photo
An illustration picture shows a projection of binary code around the shadow of a man holding a laptop computer in an office in Warsaw June 24, 2013. — Reuters Photo

Activist hackers linked to the collective known as Anonymous have secretly accessed US government computers in multiple agencies and stolen sensitive information in a campaign that began almost a year ago, the FBI warned this week.

The hackers exploited a flaw in Adobe Systems Inc's software to launch a rash of electronic break-ins that began last December, then left "back doors" to return to many of the machines as recently as last month, the Federal Bureau of Investigation said in a memo seen by Reuters.

The memo, distributed on Thursday, described the attacks as "a widespread problem that should be addressed." It said the breach affected the US Army, Department of Energy, Department of Health and Human Services, and perhaps many more agencies.

Investigators are still gathering information on the scope of the cyber campaign, which the authorities believe is continuing. The FBI document tells system administrators what to look for to determine if their systems are compromised.

An FBI spokeswoman declined to elaborate.

According to an internal email from Energy Secretary Ernest Moniz' chief of staff, Kevin Knobloch, the stolen data included personal information on at least 104,000 employees, contractors, family members and others associated with the Department of Energy, along with information on almost 20,000 bank accounts.

The email, dated October 11, said officials were "very concerned" that loss of the banking information could lead to thieving attempts.

Officials said the hacking was linked to the case of Lauri Love, a British resident indicted on October 28 for allegedly hacking into computers at the Department of Energy, Army, Department of Health and Human Services, the US Sentencing Commission and elsewhere.

Investigators believe the attacks began when Love and others took advantage of a security flaw in Adobe's ColdFusion software, which is used to build websites.

Adobe spokeswoman Heather Edell said she was not familiar with the FBI report. She added that the company has found that the majority of attacks involving its software have exploited programs that were not updated with the latest security patches.

The Anonymous group is an amorphous collective that conducts multiple hacking campaigns at any time, some with a few participants and some with hundreds. In the past, its members have disrupted eBay's Inc. PayPal after it stopped processing donations to the anti-secrecy site Wikileaks. Anonymous has also launched technically more sophisticated attacks against Sony Corp and security firm HBGary Federal.

Some of the breaches and pilfered data in the latest campaign had previously been publicized by people who identify with Anonymous, as part of what the group dubbed "Operation Last Resort."

Among other things, the campaigners said the operation was in retaliation for overzealous prosecution of hackers, including the lengthy penalties sought for Aaron Swartz, a well-known computer programmer and Internet activist who killed himself before a trial over charges that he illegally downloaded academic journal articles from a digital library known as JSTOR.

Despite the earlier disclosures, "the majority of the intrusions have not yet been made publicly known," the FBI wrote. "It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed."

Opinion

Editorial

Smog hazard
Updated 05 Nov, 2024

Smog hazard

The catastrophe unfolding in Lahore is a product of authorities’ repeated failure to recognise environmental impact of rapid urbanisation.
Monetary policy
05 Nov, 2024

Monetary policy

IN an aggressive move, the State Bank on Monday reduced its key policy rate by a hefty 250bps to 15pc. This is the...
Cultural power
05 Nov, 2024

Cultural power

AS vital modes of communication, art and culture have the power to overcome social and international barriers....
Disregarding CCI
Updated 04 Nov, 2024

Disregarding CCI

The failure to regularly convene CCI meetings means that the process of democratic decision-making is falling apart.
Defeating TB
04 Nov, 2024

Defeating TB

CONSIDERING the fact that Pakistan has the fifth highest burden of tuberculosis in the world as per the World Health...
Ceasefire charade
Updated 04 Nov, 2024

Ceasefire charade

The US talks of peace, while simultaneously arming and funding their Israeli allies, are doomed to fail, and are little more than a charade.