WebProNews

FBI Anonymous Hackers Net Over 100k Employees’ Info

System76 Pangolin - Credit System76

Reuters and the Atlantic Wire reported today about hacktivist collective Anonymous, which utilized backdoor entry to gain access to over 100,000 government employees’ information.

It all started last year, but we learned about it when 28-year-old Lauri Love, a British hacker loosely associated with Anonymous, was arrested in October for stealing the information. Love’s hacking team had installed backdoor malware in networks belonging to the U.S. Army, NASA, and the Missile Command Agency. Other affected agencies included the Department of Energy, and the Department of Health and Human Services.

Investigators have indicated that they believe Love obtained access utilizing a flaw in Adobe Systems’ ColdFusion web-building software. An Adobe spokeswoman added that the majority of cyberattacks took place because of software that had not yet been updated with security patches.

Between Love’s initial hack and the arrest, the FBI believe that Anonymous hackers repeatedly entered the government system, stole personal details from employees, contractors and families. 2000 bank accounts were stolen, and the FBI is worried about theft. Love’s lawyers are fighting his extradition and are hoping to keep him in the U.K. to face hacking charges.

An FBI memo has called the hacking “a widespread problem that should be addressed… the majority of the intrusions have not yet been made publicly known [and] It is unknown exactly how many systems have been compromised.”

Anonymous has called the attacks “Operation Last Resort,” and campaigners for the hacktivist collective have said the operation was a retaliatory measure for the prosecution and suicide of Aaron Swartz, a computer programmer who attained notoriety when he allegedly saved hundreds of published articles from the academic digital library, JSTOR. Swartz had illegally accessed hundreds of academic papers and made them free for anyone to download.

A second hacktivist with Anonymous and Lulzsec, Jeremy Hammond, was sentenced to 10 years in jail yesterday for one count of the Computer Fraud and Abuse Act.

“I have tried everything from voting petitions to peaceful protest and have found that those in power do not want the truth to be exposed,” Hammond said in his sentencing statement, which he used as a soapbox. “When we speak truth to power we are ignored at best and brutally suppressed at worst. We are confronting a power structure that does not respect its own system of checks and balances, never mind the rights of it’s [sic] own citizens or the international community.”

[Image via Thinkstock]