icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
7 May, 2013 02:25

US government sites brace for 'nuisance-level' OpUSA hacking spree

US government sites brace for 'nuisance-level' OpUSA hacking spree

Though a confidential alert by the US Department of Homeland Security is asking government websites prepare for an impending round of hacking and website attacks announced as the #OpUSA campaign, officials say the threats are likely a publicity stunt.

Though it remains to be seen to what degree the Anonymous-affiliated “N4m3le55 cr3w“ group will be able to mount a widespread threat to American websites, a DHS alert obtained by prominent online security reporter Brian Krebs suggests that the government is taking the threat seriously. 

Already the #OpUSA campaign seems to have caused some activity on Monday, though the main event is scheduled for Tuesday May 7. Claims by a group calling itself “X-Blackerz Inc” claimed to have penetrated “100 US websites” while an anonymous user via Pastebin appeared to have posted a database of logins and passwords belonging to the Honolulu Police Department.

According to Analysis Intelligence, #OpUSA is comprised of “self-proclaimed online freedom fighters” such as a collective calling itself the “ZCompany Hacking Crew.” In his own analysis, Krebs, the tech security reporter, posited that, should the May 7 action include the participation of Hamas' Izz ad-Din al-Qassam Cyber Fighters (which claims ties with Palestinian political party Hamas) then the disruption could be far more serious.

Rodney Joffe, a senior vice president with the US security and intelligence firm Neustar believes that “all bets are off” if the Qassam Cyber Fighters join the fray, Krebs reported. The group has been held responsible for a series of high-profile breaches of US financial institutions in response to the notorious Innocence of Muslims film promoted by Koran-burning American pastor Terry Jones.

Though there is widespread speculation as to the exact origins of the Qassam Cyber Fighters, since December of 2012 the group has successfully disrupted the websites of JP Morgan Chase, Wells Fargo, Bank of America and the New York Stock Exchange.

“I think we learned our lesson with the al-Qassam Cyber Fighters,” Joffe told Krebs via his news blog, KrebsOnSecurity. “The damage they’re capable of doing may be out of proportion with their skills, but that’s been going on for seven months and it’s been brutally damaging,” he added. 


An expansive declaration posted by the N4m3le55 cr3w threatens US websites with denial-of-service attacks, as well as defacement in retaliation to its military operations abroad.

“On that day anonymous will start phase one of operation USA. America you have committed multiple war crimes in Iraq, Afghanistan, Pakistan, and recently you have committed war crimes in your own country. We will now wipe you off the cyber map. Do not take this as a warning. You can not stop the internet hate machine from doxes, DNS attacks, defaces, redirects, ddos attacks, database leaks, and admin take overs.”

A range of links appended to the #OpUSA notice send Internet users out to online tools that participants can use to try and overwhelm websites with web traffic, though analysts generally agree that only the use of a large “botnet” - or rather, an involuntary network of “zombie” computers - and other tools in use by groups such as the Qassam could present a real threat.

In its notice, the DHS acknowledges the May 7 campaign but downplays the danger as largely a publicity stunt, noting that the attacks “likely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible webpages and possibly data exploitation. Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-US message.”

The choice of the May 7 date seems to be deliberate, as it will be one month to the day since another large hacktivist operation known as #OpIsrael. That campaign involved hacktivist groups such as AnonGhost Team and TheHackersArmy, and targeted the Israeli online government domain.

The director of a Tel-Aviv-based network security firm, Ronen Kening, told KrebsOnSecurity that the #OpIsrael campaign, which resulted in several database breaches, failed due to the campaign’s inability to recruit and deploy more powerful disruption tools.

There were some Web site defacements, but OpIsrael was not successful from the attackers' point-of-view,” said Kenig. “The main reason was the fact that the groups that initiated the attack were not able to recruit a massive botnet. Lacking that, they depended on human supporters, and those attacks from individuals were not very massive.”