Forgot your password?
typodupeerror
Security Government United States

FBI Reports US Agencies Hacked By Anonymous 156

Posted by timothy
from the can't-quite-put-a-finger-on-it dept.
Rambo Tribble writes "Reuters is reporting that the FBI has issued a warning to several U.S. Government agencies that the Anonymous collective has hacked their systems. Included in the list of compromised agencies are the U.S. Army, Department of Energy, Department of Health and Human Services, and potentially many more agencies. The avenue of attack: Adobe Cold Fusion."
This discussion has been archived. No new comments can be posted.

FBI Reports US Agencies Hacked By Anonymous

Comments Filter:
  • by Anonymous Coward on Saturday November 16, 2013 @11:34AM (#45442827)

    I thought the only people left in Anonymous were FBI informants.

    • by pieterh (196118) on Saturday November 16, 2013 @11:45AM (#45442891) Homepage

      The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

      So it's fairly likely that the FBI/NSA and their legal or criminal subcontractors are heavily involved in any dramatic security-related event. The fact that government websites are targeted makes no difference. Simple little false flags that keep the pressure up on legislators.

      It's easy to mock all this but the threat to our digital lifestyle is real and serious. We're a few years away from a fully regulated Internet where if you don't conform -- by running approved hardware, approved software, approved monitoring -- you simply won't get access, period. Clipper chip, remember that?

      And the only way to convince the mass of "who cares?" public are a series of dramatic, dangerous, unacceptable attacks on websites, infrastructure, transport, etc.

      • by Anonymous Coward on Saturday November 16, 2013 @12:04PM (#45442993)

        I was about to post something that would go line by line of your post arguing the usual things against conspiracies that I'd parrot from Skeptics like Michael Shermer.

        Then, I though about the latest events, the PATRIOT Act. the lobbying by big IT firms and defense contractors, and just the pathetic power hungriness and narcisism of our elected officials.

        So, I said to myself, "What the parent has suggested is completely probable in this day and age."

        It's not an individual super villian, but it is bunch of sociopathic people all working towards the same goal as stated in the parent's post. And they have the greatest weapon on Earth - people's irrational fear and desperation to feel safe.

        We are all fucked.

        • by pieterh (196118) on Saturday November 16, 2013 @12:20PM (#45443073) Homepage

          There's a dark irony in so-called skeptics pushing their own conspiracy theories (mysterious gangs hate our way of life) to muffle out the obvious truth that it's (always) all about the money.

          It's not only probable, it's by far the simplest explanation, that the military-security complex needs to create threats to justify its existence, so a handsome slice of its budget consistently goes back into black operations against the very people it's meant to be protecting. If you argue that only crooks would do this, then my question is, what evidence do you have that the FBI, CIA, NSA, GCHQ et al are not run by simple crooks?

          As for being pessimistic, it's a normal feeling but not useful. Read my book (free, see below) for a background into how this state of affairs came to be, and how to fix things.

          • Re: (Score:2, Troll)

            by cavreader (1903280)

            The FBI, CIA, or the NSA are not collecting credit card information or other personal data used to commit online fraud against the average citizen. If your credit card information or your SSN has ever been compromised your screwed. If you live in the US I assure you the government already has a lot of your personal data. Just your SSN and Tax Returns provide everything the government would need to find you if they wanted to. Of course they have had this data long before the Internet ever came into play. Th

          • by FriendlyLurker (50431) on Saturday November 16, 2013 @06:55PM (#45445247)

            what evidence do you have that the FBI, CIA, NSA, GCHQ et al are not run by simple crooks?

            What, facilitating the sale hard drugs [wikipedia.org] in America or selling military equipment on the black market [wikipedia.org] to "axis of evil" type countries is not criminal enough? People forget the criminal history [wikipedia.org] of some of these organizations rather quickly and seem to ignore the current ongoing [commondreams.org] continuation of the same [matthewaid.com]. Guess that propaganda and a firm grip on the corporate mass media message reaching the majority just works. We have a serious amount of evidence that those organizations have committed egregious crimes, so the real question is: How do we know/guarantee that they are NO LONGER being run by criminals?

          • by rtb61 (674572)

            This is not a conspiracy it is simple logical extrapolation. The FBI is aware of incursions into specific computer networks, they do not know who has committed the incursions, hence literally those person or persons are anonymous, as they are anonymous logically they must be a member of "Anonymous", else they would not be anonymous.

            Fucking, Bloody, Idiot, thinking, what could be more obvious. Here's a hint, unless they have been caught and prosecuted and they publicly claim to be a member of Anonymous, t

      • It's not beyond these people to lie to achieve what they want. Hopefully I didn't even need to mention that, but I did just to be sure we were on the up and up here. Reading the article, there is nothing I can see to verify that this was in fact the work of Anonymous. Some things don't line up with the normal activities. This article not only spreads FUD for internet censorship and control, but FUD about activism/hactivism.

        From TFA, they first claim that anonymous used PDF exploits. Well, just about eve

      • by nurb432 (527695)

        The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

        Just like the 'war on drugs' is. And people get in line willingly to support it.

        • by tlambert (566799)

          The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

          Just like the 'war on drugs' is. And people get in line willingly to support it.

          The war on drugs doesn't crack down on young smart kids, it cracks down on kids who spend all day on the couch eating Cheetos and watching T.V. because they can't muster up the energy to play Call of Duty after the last bong hit, and then they head out to White Castle at two AM because they saw Derek and Kumar do it in a movie, and, besides, they have the munchies and there's no food left in the house. Neil Patrick Harris on the unicorn is optional at that point.

          Typically, the war on the Internet also only

      • by sgt_doom (655561)
        pieterh, you pretty well summed it up, dude!

        I'm with you, brother!
      • by romons (2767081)

        The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

        So it's fairly likely that the FBI/NSA and their legal or criminal subcontractors are heavily involved in any dramatic security-related event. The fact that government websites are targeted makes no difference. Simple little false flags that keep the pressure up on legislators.

        It's easy to mock all this but the threat to our digital lifestyle is real and serious. We're a few years away from a fully regulated Internet where if you don't conform -- by running approved hardware, approved software, approved monitoring -- you simply won't get access, period. Clipper chip, remember that?

        And the only way to convince the mass of "who cares?" public are a series of dramatic, dangerous, unacceptable attacks on websites, infrastructure, transport, etc.

        If you consider who stands to gain from this sort of control, it becomes apparent that any alleged 'war on the internet', if it exists, is likely to fail. I've been using what became the internet before it was called the internet (usenet and arpanet, from UC in 1982, arpanet at BBN in 83 and beyond). Folks have been ranting about the internet going to the dogs since the thing started. (Remember folks putting 'terrorist' keywords into their usenet posts to foil the NSA?) The sky hasn't yet fallen. I realize

    • You just don't understand what Anonymous is then.

    • Erh... yes? So? How do you plan to justify the next batch of internet-lockdown legislative?

      Is it me or is it interesting that this "attack" hit Healthcare and Energy instead of, say, NSA or HS, two targets that would be much more fitting to the Anonymous profile?

    • It would appear that it has become a case of FBI vs. FBI?
    • by melikamp (631205) on Saturday November 16, 2013 @01:45PM (#45443581) Homepage Journal
      I can't shake off a feeling that the law enforcement and friendly news sources are using "Anonymous" as a boogeyman. When I see "Anonymous collective has hacked their systems", I read "Their systems were hacked. FBI has no leads". The law enforcement has finally found a perfect line for every situation where they demonstrate incompetence, since "anonymous" turns into "Anonymous" so easily.
      • I can't shake off a feeling that the law enforcement and friendly news sources are using "Anonymous" as a boogeyman. When I see "Anonymous collective has hacked their systems", I read "Their systems were hacked. FBI has no leads". The law enforcement has finally found a perfect line for every situation where they demonstrate incompetence, since "anonymous" turns into "Anonymous" so easily.

        Anonymous should just announce a name change "We who were formerly Anonymous announce that we are officially changing out name to 'The Boogeyman', and are claiming credit for X, Y, Z that we have been accused of perpetrating" kinda thing.

        Then all the news reports get corrected to "Security Company Q attacked by The Boogeyman".

        Hilarity ensues...

    • by symbolset (646467) *
      Anonymous includes people who actually run these systems all day at their JOB. They don't have to steal info from inside... just a hint on an anonymous board will do. "mbry at fbi.gov, mid-level bureaucrat, local and net admin access, clueless, valuable shared volume access, DB admin, fancies /., Chase, FB, FARK and Brony fansites. Cannot resist smiley packs and IE toolbars."
    • by gweihir (88907)

      They probably have gone rogue after realizing where the US is headed...

    • by RockDoctor (15477)
      So ... the FBI have stopped paying, and now the informants are turning on their handlers?

      Just a second while I get my popcorn. This is going to be good.

  • by etash (1907284) on Saturday November 16, 2013 @11:35AM (#45442833)
    who watches the watchers. it iz t3h 31337 h4x0rz t34m.

    i pity the fool
  • We wuz hacked! (Score:4, Insightful)

    by oldhack (1037484) on Saturday November 16, 2013 @11:39AM (#45442867)
    Now double our budget so we can counter them. And yeah, pass some laws against these terrorists.
  • by Anonymous Coward

    And the party hasn't even begun yet,
    you didn't really think that tapping 6+ billion peoples Internet would not have consequences ?

    that Mr Anderson, is the sound of inevitability

  • 2,0000 bank accounts....
    Is that 2k or 20k?

    TFA needs to be reviewed before going out.
    I expect more from Reuters.

  • "Hacked!"? (Score:4, Insightful)

    by BringsApples (3418089) on Saturday November 16, 2013 @11:54AM (#45442931)
    Ok, I know what hacking is. But I hate how it's become a term that allows for future explanation(s). "We've been hacked!" is something that someone who knows what just happened, tells another person that hasn't got a clue, to tell the masses, while some story is created to eventually explain to the masses, or not at all.

    "An FBI Spokeswoman declined to elaborate"

    I mean to say, what the hell happened? "Being hacked" isn't a real thing. You're missing stuff, or you see that stuff was accessed, or you found some new shit that shouldn't be there... Why aren't they telling us? Could it be because they left something wide open, and cannot legally admit to that?

    • Re:"Hacked!"? (Score:5, Insightful)

      by Dunbal (464142) * on Saturday November 16, 2013 @12:03PM (#45442985)
      Considering this is the FBI we're talking about, it's probably a bunch of people they managed to convince to snoop around in their wide-open honeypots. Just like the "terrorists" they arrest that were recruited, encouraged and even trained by them because one day someone happened to make a politically incorrect remark to a nearby agent. Government manufactures its own terrorists. Just like it prints its own money, causes its own social problems and creates its own wars. It's all a dog and pony show to keep you distracted while they pick your pocket.
      • You are exactly correct. The FBI telling the public, "We were hacked" is the same thing as me telling the FBI "I was hacked". They'd want to know what I meant by "hacked". Because "Hacked" isn't a real term on any level, it just means to be Macgyver-like in an approach to problem-solving. So basically the FBI issued a statement that there was a problem, and someone came up with a clever way around the problem. I don't get it, and that they expect me to get it, makes me think that they're trying to snea
    • Quick look at ColdFusion vulnerabilities suggests this is probably a real hack. And they aren't saying because its not patched everywhere.
      You seem to imply that if details are not known, nothing of substance happened. Save your objections for when the details are known, and it is actually not a hack.
      Preemptive objections make you seem stupid.

      • I am stupid. But your point is still moot. All I am pointing out is that there are no details, other than "HACKED!!" and not by regular "people" rather "HACKATIVISTS!!" No one is being charged with anything, and yet there is already a group of people named "Anonymous" that are being blamed. So yes, while you're correct that it does make the one who mentions it "stupid", I share this stupidity with the ones that are blaming a group of people that they do not name. AKA terrorists without a face.

        Someti
  • by Coditor (2849497) on Saturday November 16, 2013 @11:59AM (#45442963)
    ... we can't tell.
  • We just learned from the press that targets and directions come from agency.
    So, typical of government
    - create a project
    - fund it
    - find a disposable hacker to perform the "attack"
    - report success
    - ask for more money and staff

  • The real threat is the people who have been compromised in these organizations.
    • The real threat is the people who have been compromised in these organizations.

      You mean the web admins for not securing their servers?

  • by mevets (322601) on Saturday November 16, 2013 @12:18PM (#45443057)

    Is there anything your software canâ(TM)t do?

  • Since when did Anonymous == Borg ???

    • by Anonymous Coward

      Heuristics are futile. You will be asininely humiliated.

  • by Anonymous Coward

    The downfall of this government will not be accomplished by 2nd amendment nuts and their horded ammo, rather by kids clicking from their parents' basements. You go guys!

  • by lapm (750202)
    Hand up anyone thats suprised US goverment IT systems got hacked once again...
    • *facepalms*

      Ok...let's just have them burn static HTML pages on a DVD containing the operating system, and work from there. The other side can then play to win against Write Once media.

      I'll be on my island, brooding, and watching anime. ;-)

      • *facepalms*

        Ok...let's just have them burn static HTML pages on a DVD containing the operating system, and work from there. The other side can then play to win against Write Once media.

        That's actually a very interesting idea for a web front end where you wouldn't actually expect anything to change without an onsite admin being involved. Even dynamic webpages themselves do not change.

  • Seriously, under W, national security was put aside. Now, we need to focus on this and make good with securing our systems.
  • by Anonymous Coward

    Department of Energy was hacked via Cold Fusion. How fitting.

  • by DontLickJesus (1141027) on Saturday November 16, 2013 @04:20PM (#45444503) Homepage Journal
    Anon reported back at the beginning of Operation Last Resort that they were already much more deeply entrenched in US government networks than anyone had found. This isn't a new revelation, it's an ongoing event.
  • I read this /. post, but I also just read this:

    http://www.wired.com/opinion/2013/11/this-is-how-the-internet-backbone-has-been-turned-into-a-weapon/ [wired.com]

    Who to believe? ? ?
  • by runeghost (2509522) on Saturday November 16, 2013 @05:09PM (#45444763)

    A Justice department that claims it's getting hacked (to worrisome levels) by teenagers. A National Security Agency that spends hundreds of billions spying on the citizens it claims to be protecting while accomplishing nothing. A Defense Department whose specialty is fighting foreign wars badly, while shelling out trillions to contractors.

    It's well past the time where an honest government, or a real democracy, would say "enough failure" throw in the towel, and start again from scratch.

  • by Anonymous Coward

    Krebs and Holden Security bloggers reported circulating copies of an Adobe Source Code archive. Implict is the archive contained Coldfusion source code. At the time they reported the archive encrypted and they were unable to break the encryption.

    Fast forward, code surfaces from the archive unencrypted for sale on the internet.

    Websites running Coldfusion 8 (an old version no longer supported or monitored for security fixes) is compromised on a number of websites. Re-developing and re-deploying websites devel

  • Sometimes when you hack the planet, the planet hacks you!
  • If you're still using Coldfusion, you deserve to get hacked.

  • Cold Fusion is one of the buggiest, most insecure of all the web code development platforms, in a world riddled with buggy, insecure web platforms.

The sooner you fall behind, the more time you have to catch up.

Working...