Homeland Security invents new bugbear – Anonymous

Now that Osama bin Laden is dead and the terrorist threat to the US is reduced, the Department of Homeland security appears desperate to need a new super-villain to fight.

After all, if there are no enemies then its reason for existence and all those flashy powers are a bit daft. Voters are not going to allow Homeland Security to continue to exist if they are more likely to get beaten up by a cop than they are by a terrorist.

According to Wired, Homeland Security seems to have settled on the hacker group Anonymous as a potential supervillain. A new Security bulletin claims that Anonymous has expressed interest in hacking industrial systems that control critical infrastructures, such as gas and oil pipelines, chemical plants and water and sewage treatment facilities.

This is the same claim that the DHS made for Al Qaeda and this never happened. The DHS admits that Anonymous has not got the necessary skills but says that it could get them very quickly.

It says that the only reason that Anonymous has not managed to attack such sensitive targets is that it hasn’t got an evil genius running the whole operation. Once someone, with a cat, takes control of Anonymous from his evil island base, then the west could collapse in a matter of minutes.

Anonymous could overcome their lack of specific expertise by studying publicly available information, so the claim goes.

The DHS warns that experienced and skilled members of Anonymous in hacking could be able to develop capabilities to gain access and trespass on control system networks very quickly.

The report admits that attacks on such systems are not really Anonymous’ style. It prefers to “harass and embarrass their targets using rudimentary attack methods.” But the group’s interest in attacking these systems could grow once they realise how poorly the systems are secured, and they figure out how to leverage information that is already publicly available about vulnerabilities in the systems, the report said.

The evidence that Homeland Security used to justify putting Anonymous in its sights is a July 11 post at Pastebin, where a denial-of-service attack against Monsanto and possible future plans against the company were discussed and on July 19, a known member of Anonymous tweeted the results of browsing the directory tree for Siemens SIMATIC software.

Another Anonymous member pointed to XML and HTML code that could be used to query the SIMATIC system to find vulnerabilities in it. The fear being generated here is that Anonymous could launch Stuxnet style attacks against US infrastructure.

Still there is some indication that the DHS is grasping at straws here.

We are talking about Anonymous, and Stuxnet was suspected to have been created by some of most highly trained techies in US and Israeli intelligence. Even then it had to be manually installed in some offline computers, which is something that Anonymous could not do. 

Besides, as a hacktivist movement, Anonymous claims it is on the side of the people, not against them.