Anonymous, Islamist Hackers Plan Major Assault May 7
Anonymous supporters during a 2008 protest against the Church of Scientology in Los Angeles.
CREDIT: Vincent Diamante/Creative Commons
UPDATED 1 p.m. ET Monday with further comment from the Izz al-Din Qassam Cyber Brigades.
Ascribing a consistent political agenda to the hacktivist collective Anonymous is almost impossible. Anyone can claim the "Anonymous" moniker and use it for good or evil, provided that his or her work is subversive.
This time, a number of hacktivists from around the world, some of them taking on the Anonymous label, have set their sights on the United States' most powerful institutions in an event dubbed "OpUSA."
Anonymous and various Islamist groups claim that they will take down nine U.S. government websites tomorrow (May 7), including those of the Pentagon, the National Security Agency, the FBI and the White House, along with over 130 bank websites, such as those belonging to Bank of America, Capital One and TD Bank.
The Islamist hacker group Izz al-Din Qassam Cyber Fighters, which states its sole aim is to get the "Innocence of Muslims" video removed from YouTube, has pulled off many successful distributed denial of service (DDoS) attacks against large American banks over the past six months, but few other groups have managed to muster that kind of firepower.
Anonymous claims the Qassam Cyber Fighters will be participating in tomorrow's attacks; the Cyber Fighters have confirmed only that they support the goals of OpUSA.
[See also: Anonymous' Greatest Hits]
Other Islamist groups, such as Ajax Team, the Mauritania HaCker Team and the Muslim Liberation Army, have been named as participants and have done nothing to disavow that notion. The hackers behind OpUSA cite America's "war crimes in Iraq, Afghanistan, Pakistan and ... your own country" as justification for their upcoming attacks.
These hackers do not appear to be American, given their poor grasp of the English language ("Let's hurt them wher it's hurt the moste," declares their mission statement) and referral to America in the second person ("you shall pay," "your country," etc.).
The U.S. government is not overly concerned. The Department of Homeland Security (DHS) pegs the effort as part of ongoing harassment from Middle Eastern and North African hacker groups with possible connections to radical Muslim groups.
A DHS statement suggests that the group behind OpUSA is the same that launched OpIsrael last month. Security experts largely remember this attempt to disable Israeli websites over similar "war crimes" as a minor nuisance with little technical skill behind it.
If OpUSA runs like OpIsrael did, the DHS states that the attack "poses a limited threat of temporarily disrupting USA websites," nothing more.
OpUSA may actually already be underway, with limited effectiveness. A hacker or hacker group called "X-Blackerz Inc" apparently compromised the Honolulu Police Department's website late yesterday (May 6), posting 23 officers' email addresses and passwords.
X-Blackerz Inc claims that it has infiltrated over 100 other websites, including a number of American small businesses and Indian hospitality companies. A spot-check of these websites reveals that X-Blackerz Inc has indeed commandeered them to display anti-American propaganda, but none of the sites regularly draws major traffic, rendering the hack fairly inefficient.
At present, the U.S. government and banking websites seem unaffected, but the brunt of the attack isn't supposed to occur until tomorrow. If the DHS is correct, OpUSA will likely present little difficulty for major websites, especially since the organizations know that the attack is coming.
Still, expect a few more compromised small sites between now and Wednesday. If yours is one of them, stay calm and take steps to resolve the situation. You probably have more important things to show your audience than Anonymous hijinks.
UPDATE: The Izz al-Din Qassam Cyber Brigades issued a statement to the media Monday regarding their position on OpUSA and their own, ongoing, Operation Ababil series of attacks upon U.S. banking websites.
"Due to the simultaneity of OpUSA with Operation Ababil, and to abstain from ambiguity in the intentions of our operation, this week we will not run any attack and so Operation Ababil will be paused during May 7-9th," the statement read in part.