On Tuesday, May 7, the U.S. government hunkered down with expectations for massive cyber attacks by Middle Eastern Hackers on a mission being referred to as "OpUSA." The OpUSA mission is group of hacktivists from around the world – some of them taking on the Anonymous label – who have set their sights on the United States' most powerful institutions. They had claimed that they planned to take down nine U.S. government websites. On this list were the sites of the Pentagon, the National Security Agency, the FBI, and the White House, and additionally, claims were made towards targeting over 130 banking websites, including those of Bank of America, Capital One, and TD Bank.
According to Adnan Farooqui, a writer for Ubergizmo, the threats behind an attack like this could include: DNS attacks, doxes (leaking email addresses etc), redirects, defaces, DDoS attacks, admin takeovers, and database leaks of the aforementioned targets. In response to the proposed attacks, the Department of Homeland Security released an announcement stating that the attack "poses a limited threat of temporarily disrupting USA websites, nothing more."
A couple weeks back, I wrote an article about the Syrian Electronic Army, a group of hackers who targeted and infiltrated the Twitter account of the Associated Press, which resulted in a temporary dip in the stock market after a tweet went out claiming "Breaking: Two Explosions in the White House and Barack Obama is injured." This group was active again this week and made a breech in Twitter security – this time on the account of The Onion, a satirical news site that has almost 5 million followers. The group sent out a series of tweets to ridicule U.S. policy on Syria. When the tweets first started, many followers were unsure as to whether The Onion had been hacked, or was simply sending out some sort of sarcastic or satirical messages as, the publication is often known to do.
While I read these stories and found them to be somewhat interesting, much of it seemed to have little effect on my personal life. And many others likely assumed the same.
But then I was made aware that a server, which is host to many local sites, had been compromised, and as a result, its sites are down and an investigation has been opened.
One such local site that was affected was the Erie Chamber of Commerce (www.eriepa.com). Also a message was put out on the Facebook page of Enormis Mobile Specialties – another company hosted on (what I am speculating was) the same server – informed users: "Our website is down today. Servers have been targeted by hackers. We were able to use their IP address to pinpoint the origin of these attacks, which appears to be a known group located in Iran. The FBI has been made aware of the situation and is looking into it further."
While these breaks in security are not turning my world upside down, I suppose I find them mildly annoying in my daily productivity when trying to contact the local Chamber or attempting to shop for automobile products. Although I am unaware of it at this time, I am willing to bet there are others among Erie who have been affected as a result and may be scratching their heads like me.
My takeaway and advice for the average Internet surfer: don't download or install anything you are not sure of. Sure, that seems like simple advice, but sometimes when we feel safe or forget the imposing threat of others on the Internet when hacking attacks don't directly affect us in our everyday routines. Remember, there are countless malware programs circulating right now, and you do not want to be a victim forced to deal with the annoyance of removing them – or worse, the aftermath of vital information being compromised.
Brennan Donnelly can be contacted at Epic@ErieReader.com.