It is hard to predict whether this week’s arrest of six prominent LulzSec and AntiSec members will have a destructive enough effect on the loosely organized hacker collective Anonymous.
News outlets have tried to discover what kind of men hid under the well-known aliases and, as it turns out, most of them can be considered extremely knowledgeable when it comes to assorted hacking techniques and highly motivated.
Indeed, various security researchers point out that LulzSec members were obviously more capable of breaking into digital assets that the rest of Anonymous, whose members are believed to be “skript kiddies” – the operative word here is “kiddies” – who want to rail against the injustices of the world but don’t actually know how to do it except for joining in DDoS attacks.
Law enforcement agencies involved in the investigations and the arrests are hoping that without these “leaders”, Anonymous will present a lesser threat to everyone – especially to private businesses, governments and their various organizations.
It is too soon to tell whether their hopes will be realized, but for now, the Anonymous collective continues with attacks.
In the last two days they launched DDoS attacks against the websites of the Vatican, and have compromised and defaced a considerable number of website belonging to Panda Security in retaliation for the arrests.
Yesterday they turned their sights onto the website of New York Ironworks, a business that supplies equipment and tactical gear to law enforcement agencies, and have managed to deface it and leave a message of support for the arrested men, an announcement of future hacks, and proof that they have managed to gain root access to the server hosting the website.
Computerworld reports that in the meantime, AnitSec members also posted on Pastebin a file that they claim is the source code of the Norton Antivirus 2006 software, previously stolen following a breach into Symantec’s servers.
Given that they already posted the source code of Symantec’s pcAnywhere and the company confirmed its authenticity, it is likely that their claim is true.
The attack on Ironworks and the release of the stolen code have been executed as a sort of tribute to the arrested men, but these acts, as well as the previous attacks on Panda and the Vatican, cannot be considered particularly sophisticated.
As I said before, time will tell if Anonymous is still capable of more, but I suspect it is – or will be in time.
The world is full of knowledgeable individuals, and some of them are bound not care for consequences or sincerely believe they will never be caught and made to face them.
UPDATE: “Symantec can confirm that the source code for 2006 versions of Norton Antivirus posted by Anonymous is authentic. The exposure of this code poses no increased risk to Norton or Symantec customers,” stated Symantec’s Cris Paden. “We also anticipate that at some point, they will post the code for the 2006 versions of Norton Internet Security. Again, the code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident.”