On December 10th, Anonymous posted this video on youtube:
Recapping the entire year of epic hacks and promising an epic “Lulzxmas,” the video implied a massive hack was forthcoming. Naturally, Anonymous and Antisec delivered– with the thorough wrecking of the defense think tank Stratfor.
Stratfor is a “global intelligence company” that has been referred to by Barrons as the “shadow CIA” and routinely advises top scions of the defense, extractive and banking industries. As key shapers of government policy, they particularly had the ear of the administration of George W. Bush. Despite this supposed expertise, they still fell to the cannons of the Lulzboat.
Here’s Anonymous’ statement directly from the defaced front page of Stratfor:
OH STRATFOR. IF YOU ONLY KNEW WHAT ALL IS ABOUT TO GO DOWN.
‘BUT WAIT’, YOU ASK. ‘IS THIS IT?’ 0H N0, WE GOT MORE IN STORE…
BUT FOR NOW, SOME INSPIRING WORDS OF WISDOM FROM IT MANAGER FRANK GINAC:
“You do realize how preposterous it is to suggest that stratfor simply
shutdown completely for 2 days, right? The plan that you’ve attached paints a
gloom and doom picture claiming no chance that such a move will succeed. Does
that really seem a rationale conclusion?”
We couldn’t let the above quote pass without this similar quote:
YOU DONT EVEN KNOW THE EXTENT OF THE GLOOM AND DOOM WE HAVE PLANNED, FRANK
“Attended the TakeDownCon security conference. Focus of the conference was on
wireless and mobile security. No vendors pushing product or service at this
conference. Instead, great presentations by renowned white hat hackers (good
hackers) and security experts. Bottom line is that no mobile platform is
secure, including the Blackberry, but there are best practices that minimize
the risk of their use within the enterprise. We will be incorporating these
best practices in our operation over the coming months.”
INCORPORATING PRACTICES FROM “GOOD WHITE HAT HACKERS”? HOW’D THAT WORK OUT?
“It blew my mind to discover that our email server backups are being stored on
the same physical server. I’m affectionately referring to these little
discoveries as ‘Mooney turds’.”
SO SAD WE RM’D YOUR MAIL SERVER AND ALL BACKUPS, FRANK
“Most if not all of us use professional and social networking sites like
LinkedIn and Facebook. All offer levels of privacy ranging from wide open
where everyone can see your profile, activities, and posts to closed allowing
only your immediate connections (or friends) access. As a private intelligence
company we must all take extra care to protect our personal information from
those who would use that information to exploit us personally or
professionally. Although we don’t have hard and fast rules on how to set your
privacy settings nor do we restrict use of such sites, I suggest that you
temper your need to share with prudence and consider the business that we are
in. It’s also important to check your privacy settings regularly to ensure
that the sites you use haven’t changed the meaning or scope of privacy
settings — we’ve all heard or read the news regarding this practice at
Facebook. I suggest that you never include any information in your profile —
regardless of privacy setting — that could be used to compromise your
identity. Specifically, never include: your birth date, your exact street
address (although this information can usually be found on the web quite
easily), your cell phone number, SSN or other government issued ID number
(that should be obvious), or any other information that someone could use to
compromise your identity if your account were compromised.”
EVEN WITH ALL THE BEST SECURITY PRACTICES LEARNED FROM THE “RENOWNED WHITE
HAT HACKERS” WE STILL MANAGED TO STEAL ALL YOUR PERSONAL INFORMATION. UMAD?
For the uninitiated, “rm -rf” is a command line for unix systems that forces the deletion of all data in a given directory. From this, we can discern that Anonymous deleted… well… everything. A defense contractor should, after all, be quite familiar with a “scorched earth policy,” don’t you think?