Feeds

Hackers threaten fresh wave of anti-capitalist web rioting

Sticking it to The Man, man, but for lulz too

Top three mobile application threats

A new activist group is drumming up recruits for a cyberwar campaign against corporate giants due to launch on Friday, 25 May.

TheWikiBoat intends to hit a high profile list of more than 40 multinationals - including BT, Best Buy, Tesco, McDonald's, Wal-Mart and Apple - with denial of service attacks as well as attempts to raid corporate systems for intelligence.

The precise motivations behind OpNewSon, which was announced around a month ago, remain unclear but the overall flavour is part anti-capitalist and part general devilment, a characteristic found in many Anonymous-style hacktivist protests.

"While attacking the major companies of this planet may seem lulzy, we also wish that this operation make a difference," the group said in a manifesto for OpNewSon. "We are 'sticking it to the man' so to speak."

Would be participants in the campaign, which aims to take out targeted sites for at least two hours, are been encouraged to use the LOIC denial of service tool, a favourite with hacktivists. By default LOIC does nothing to shield the anonymity of its users, a factor that has allowed police to track down and arrest many suspected hacktivists across the world over recent months.

Previous pre-announced activist operations to take down Facebook or launch assaults against the internet's DNS structure have turned out to be damp squibs. Security firms nonetheless argue that corporations targeted as part of Operation NewSon ought to take the threat seriously.

"It remains to be seen if the hacking group live up to their claims, but any organisation which is a target would be unwise to dismiss the threat," said André Stewart, president international at Corero Network Security.

"With prior knowledge of an impending attack, they have the opportunity to pro-actively put in place additional security measures to ensure that they remain secure."

Stewart explained that TheWikiBoat pre-announced its intended as a tactic designed to rally recruits to its cause.

“It’s not uncommon for hacking groups to announce their targets, particularly when they are ahead of a Distributed Denial of Service (DDoS) attack," he explained. "This enables them to ‘recruit’ like-minded individuals who support the ideology of the hacktivist group to join in on the attack. However, the majority of DDoS attacks are often carried out using an army of automated computers, called botnets, which can be controlled by a single user."

"The hacking group is planning a second stage attack, in which they will attempt to infiltrate the organisation’s network and steal sensitive information. DDoS attacks are often used as a smokescreen to hide further, more dangerous attacks, and due to the long list of potential targets, there is a high probability that they will succeed."

Additional commentary from application security firm Radware can be found here.

#OpNewSon is due to begin begin at 4pm PST. ®

3 Big data security analytics techniques

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.