Security Market Segment LS
Tuesday, 24 July 2012 21:29

Anonymous targets Australian data retention intention

By

In a protest against mooted federal data retention laws, hackers claiming to represent the international hacktivist group Anonymous defaced ten Queensland government websites over the past few days. They threaten more is to come.

Floods, tropical storms, hackers… sometimes Queensland just can't take a trick!

Over the past few days, a self-proclaimed splinter group of Anonymous has defaced ten Queensland government-focussed websites as a means of protesting Federal Government proposals in relation to web access data retention - why Queensland sites and not Federal sites is entirely unknown.

Sources provided the following list of websites as having been defaced, although at the time of writing, a handful automatically redirected to different Queensland Government URLs and two (smartawards and createitmakeitliveit) currently fail to load. None showed evidence of defacement - they have clearly been restored to their previous pristine glory.

sunshinecoast.qld.gov.au
regions.qld.gov.au
sd.qld.gov.au
dtrdi.qld.gov.au
science.qld.gov.au
createitmakeitliveit.qld.gov.au
smartawards.qld.gov
tourism.industry.qld.gov.au
workliveplay.qld.gov.au
lib.qld.gov.au

A screen shot of the defacement may be seen here.

Of course, the Defense Signals Directorate (DSD) is investigating.

In a posting on its own Par-AnoiA website, Anonymous claimed that the hack was a very simple one.

Our lizard-like cats have plundered this booty because whoever is responsible for securing the government servers of Queensland, Australia did a bad job. No 0day, obviously, it was a simple authetification [sic] bypass via LFI [Local File Inclusion], shame on you.

Further, the poster claims that the data retention regime currently under discussion via the Parliamentary Joint Committee on Intelligence and Security (Terms of Reference are here) is actually already underway, pointing readers to a 27Mb data file and a simple data format schema to understand the information.  However, the sample record provided to illustrate the schema could not be reconciled by this writer with any Queensland Government employee, despite the apparent connection.

After three tweets to @JuliaGillard the seemingly related group OperationAustralia has warned, "Be Prepared #Australia! Something #BIG is heading your way! #anonymous #OpAustralia." However, in the Government's defence, they have appeared to back away from public support of the data retention proposal over the past few days, if Attorney General Nicola Roxon's words are to be believed.

It seems that the attacks started soon after Prime Minister Julia Gillard engaged in a question-and-answer session via webcam in an online Google+ Hangout session on Saturday.

Anonymous Australia is reported to have said that the attacks were brought forward to coincide with Gillard's online Q and A session after the Twitter requests for a dialog went unanswered.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.

REGISTER HERE!

LAYER 1 ENCRYPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments