The government has it wrong on Anonymous and critical infrastructure

(updated below) 

A bulletin released this week from the U.S. Department of Homeland Security, which implies that the hacktivist group Anonymous may be interested in crippling critical infrastructure (think electric grids and oil-and-gas refineries), strikes me more as a move to discredit and undermine the collective than to warn of any actual danger.

Earlier this week, as expected, plenty of press picked up the story, obediently reporting the news despite the scant evidence and lack of on-the-record government sources. (Which is how most government news is dispensed for public consumption, by the way. I've been guilty of this many times myself.)

In my eyes, this seems to be another step by U.S. officials, without exactly coming out and saying it, to label Anonymous as a cyber terrorist organization, bent on indiscriminate destruction of digital property and infrastructure.

And I don't think that's fair.

"The information available on Anonymous suggests they currently have a limited ability to conduct attacks targeting [industrial control systems]," the bulletin read. "However, experienced and skilled members of Anonymous in hacking could be able to develop capabilities to gain access and trespass on control systems very quickly."

Certainly, I won't defend any of the alleged actions Anonymous has taken that are illegal. Organizations have a right to keep their personal property out of the hands of hackers, and Anonymous, if its claims are to be believed, has broken the law on a number of occasions in the past.

But, I also don't believe it's fair to characterize it as a group dedicated to sabotaging the very resources, such as oil-and-gas pipelines or water and sewage treatment plants, that Americans rely on to survive.

If anything, given its dedicated support to the Occupy Wall Street movement, it seems Anonymous cares much more about the average person than you might be made to believe – certainly more than some of our lawmakers have shown, who are, on most occasions it seems, more subservient to lobbyists and corporate donors than their own constituents.

In its bulletin, DHS produces, as evidence, two examples of "Anonymous' interest in control systems." One is the group's launch this summer of "Operation Green Rights presents: Project Tarmageddon." The project opposes the development of the Alberta oil sands because of environmental concerns. Anonymous named crude manufacturers Exxon Mobil, ConocoPhillips, Canadian Oil Sands Ltd., Imperial Oil and oil financier the Royal Bank of Scotland as targets.

The other is, are you ready, a tweet from a "known Anonymous member" that included the results of recon he or she did into a directory tree of Siemens software.

Exactly who *isn't* probing SCADA systems these days? It certainly was a very hot session topic at the recent Black Hat conference in Las Vegas, and has caught the eye of researchers so much that the government has set up a clearinghouse for control system vulnerabilities.

Which reminds me: I'm waiting for DHS to publish a warning based on a potential real critical infrastructure issue that popped up just yesterday -- evidence that the Stuxnet authors are back with new malware. I'm sure the bulletin will arrive any minute now.

So why would the government want to paint Anonymous in this way? Well, that's pretty simple to answer. The group has made no secret of its distrust of the powerful and elite, and has taken steps to expose corruption through hacks and to silence its enemies through distributed denial-of-service attacks.

Thus it's in the government's best interest to stamp the group as some purposeless band of radicals, much in the same way you can't blame the Department of Justice for going after whistleblowers like WikiLeaks, which published a trove of documents cataloging a number of atrocities, including the deaths of innocent Iraqi civilians and detainee tortures at the hands of U.S. and allied forces.

Yes, Anonymous is amorphous and leaderless, with splinter elements, and there is no conclusive way to know what exactly its goals are. But some of the more reliable Anon Twitter accounts that I follow for news about the group don't seem to be mentioning anything about hacking these days, never mind infiltrating industrial control systems. In fact, the group seems to be devoting a good chunk of its energy to the Occupy Wall Street protests, which have spread to scores of cities in this country and around the world.

Remember all those breaches we read about in spring and summer? Well, ever since OWS began, it's like they all stopped in the name of a bigger cause.

I think a tweet on Tuesday from Anonymous was pretty telling of where its motivations currently lie.

Here was the group's apparent response to the DHS bulletin: "Anonymous should issue a warning to the public against the DHS, FBI, etc. related to gov't efforts to subvert freedoms in the USA."

Of course, I'm not here to deride the DHS, either. I think issuing alerts such as these can have a benefit, especially when they come with advice.

"Asset owners and operators of critical infrastructure control systems are encouraged to engage in addressing the security needs of their control system assets," the bulletin concluded.

I think that's something we can all agree on. But in the case of Anonymous taking down critical infrastructure, I don't think we should "expect" them there.

UPDATE: I was interviewed about this story Friday on RT's "The Alyona Show." Video here: https://www.youtube.com/watch?v=KWy1MtOiQT8
