Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: FYI: Anonymous Planning "OpUSA" Attacks on Banks and US Gov't on May 7th. More Info as Relevant to Come. - SANS Internet Storm Center SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
FYI: Anonymous Planning "OpUSA" Attacks on Banks and US Gov't on May 7th. More Info as Relevant to Come.


John Bambenek

bambenek \at\ gmail /dot/ com

Bambenek Consulting


248 Posts
ISC Handler
Good article from Cisco about it:

and Radware:

3 Posts Posts
Knowing this, what would you do (outside of your normal security maintenance process/routines) to prepare for "OpUSA"?

A good security maintenance process should already have these items covered:

1. Daily firewall log reviews.
2. Weekly (min.) updates to IPS/IDS signatures/filters.
3. Weekly (min.) updates to AV signatures.
4. Weekly (min.) implementation of critical security patches.
5. Monthly (min.) cycles of your patch management process.

So in addition to the "normal" security process, what can you really do to prepare?

69 Posts Posts
OpUSA Target List.

4 Posts Posts
Thanks for the link to the target list. We have to keep in mind that this could be a fake list (published by Anonymous) to divert attention from their real intended targets.

You would think that if Anonymous really wanted to "hit them where it hurts" as they stated, they would also target the telecommunications and energy sectors - which I would argue are just as essential as banking. Take out telecommunications and energy and banking is crippled by default.

69 Posts Posts
Sorry...but Anonymous is nothing but hype these days. They failed to take down Facebook, they failed to stop the streaming of the last State of the Union, #OPIsrael was a giant flop, failed to knock the NYSE off the Internet, failed to hack the Vatican...and the list goes on and on.

So...I personally have zero faith in Anonymous anymore.

65 Posts Posts
Well, what else would you expect from a bunch of script kiddies? Everyone who was smart enough to find the "Next" button on the LOIC installer is nowadays calling himself Anonymous and blathering about OpWhatevers. They are sheep to a few smart and angry controllers, no hackers.

41 Posts Posts
I agree that Anonymous isn't as effective as it used to be a few years ago. A few of it's leaders have been identified/prosecuted recently and overall the group seems disorganized and without leadership. It's a sinking ship without a compass and without a captain.

However, let's say it was APT1 or any other, more effective hacking group instead of Anonymous. What would you do to prepare for a cyber attack if your organization was on the target list and you also knew the timeline for the attack?

69 Posts Posts
I guess everyone better schedule their Pentagon tours now... can't imagine thats one of the highest profile sites.
I suspect that there will be more arrests of some people behind Anonymous. And I agree with the other comment that they are nothing but hype. Though if they were to successfully attack vital infrastructure that would get a major response from from many governments.


63 Posts Posts
Given that we made their target list for the first time, I hope the prevailing thought that they are hype is true but evidence suggests otherwise. The large number of WordPress hacks recently could be their new firepower in DNS reflection attack. The timing of those hacks is a little too close for me. It's rather interesting to see how the ISPs and DDoS mitigation providers have prices their products. You'd almost think they have a vested interest in seeing them succeed.

Even the OpIsrael, which was proclaimed a failure by the media, hacked several thousand sites. If you're one of those several thousand, it won't seem like hype.

They may not have enough capacity to take down all of those sites, but I'm betting if they focus on the bottom 50% or even the bottom 80%, they are going to see a lot of successes.
I stayed up (UK BST) wondering if AnonGhost were going to pull off a spectacular with all the hype of bringing down banking systems across the US and that UK (where I live and work) might fall victim to collateral damage but I was wrong. I'm now heading home to bed and switching off my pager in full confidence I don't need it on. Andrew
Andrew Wallace

4 Posts Posts

Sign Up for Free or Log In to start participating in the conversation!