DHS equates Anonymous with APTs
Despite judging Anonymous’ tactics, techniques, procedures and tools to be rudimentary, the US Department of Homeland Security equates their successful deployment with sophisticated Advanced Persistent Threats.
“However, some members of LulzSec have demonstrated moderately higher levels of skill and creativity, evidenced in attacks using combinations of methods and techniques to target multiple networks,” says the recently published bulletin, and warns: “This does not take into account the possibility of a higher-level actor providing LulzSec or Anonymous more advanced capabilities.”
Describing in short the history of Anonymous – from 4chan and DDOS attacks on the Church of Scientology’s website to the more recent compromises of the websites and systems of various government agencies and businesses and the exfiltration of data from them – the bulletin also attempts to give a heads-up as to likely future targets, which include the intelligence community, government contractors and companies related to critical infrastructure / key resources sectors.
“It may be advisable to adjust monitoring of both internal and external resources for indications of a pending or ongoing attack on cyber or telecommunications networks,” says the DHS.
It also advises computer network defenders to keep their eyes open for reconnaissance attempts executed by the groups before the attack, and to mimic the attackers by using the Internet to search out for chinks in their cyber security armor.