Compliance Management, Network Security, Privacy, Threat Management

AntiSec hackers target another military contractor

A vigilante hacker group has attacked Vanguard Defense Industries (VDI), a contractor based in Conroe, Texas, that sells advanced weapons to law enforcement, military and private corporations. Among its products is the ShadowHawk, a robotic helicopter used for aerial surveillance that can also be equipped with a grenade launcher.

The hack was part of a venture called Anti-Security, or AntiSec, which is led by the hacktivist groups Anonymous and LulzSec, and calls for hackers worldwide to expose sensitive data that reveals wrongdoing within governments and corporations.

In their continuing efforts to "humiliate" the FBI, AntiSec on Thursday released a gigabyte's worth of private emails and other documents – some deemed counter-terrorism, law enforcement sensitive and for official use only – supposedly belonging to Richard Garcia, senior vice president of VDI, a former FBI director, as well as a former manager for Shell Oil.

The hackers may have been able to penetrate into VDI's site via a vulnerability in a WordPress plugin, according to The Tech Herald. Updates to the utility were still not installed at press time, the site stated.

In a posting on Pastebin, a file-sharing site AntiSec uses to post announcements, the group also claimed that Garcia's passwords were weak.

AntiSec cites VDI's weapons production as the target for its ire. It also claims the exposed documents point to alleged illicit activity between VDI and a wealth adviser from Merrill Lynch, who offered up "private advance notice to Garcia about upcoming S&P US credit rating downgrades."

The group also pointed to Garcia's being an executive board member of InfraGard, a partnership between the FBI and the private sector. "It is our pleasure to make a mockery of InfraGard for the third time, once again dumping their internal meeting notes, membership rosters and other private business matters," AntiSec said in its posting.

LulzSec defaced the website of InfraGard's Atlanta chapter in June, in response to a report that the Obama administration was considering classifying hacking as an act of war.

But, the defense contractor is not the only target in AntiSec's sites. It concluded its message with a warning that anyone, including hackers involved in partnering with law enforcement and military contractors, will be susceptible to exposure.

"White hat sellouts, law enforcement collaborators and military contractors beware: We're coming for your mail spools, bash history files and confidential documents."

A comment from VDI was not available at press time.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.