The loose hacking collective known as Anonymous resumed its campaign against the U.S. government and companies that do business with it on Monday, releasing a trove of documents from government contractor Booz Allen Hamilton.
The release of data, believed to be stolen from systems belonging to the giant consulting firm agency was telegraphed Monday using a post on one of the group’s Twitter accounts, @ANONYMOUSIRC. The release, in the form of 190 megabytes of data, distributed as a Bittorrent file occured some two hours later. Among the data distributed were files containing the personal and official e-mail addresses and passwords of an estimated 90,000 of U.S. military personnel. The hack was the latest in a campaign dubbed “Antisec” against private sector firms and the U.S. government, which Anonymous alleges is corrupt.
The e-mail data that was released on the Wikisend file sharing Web site and contains the addresses and hashed passwords of U.S. military personnel from across the different branches of the military. The exact source of the hack and the data dump is unknown. However, a Twitter account associated with the group Anonymous warned of the coming release Monday morning, posting, just before 13:00 Eastern Time: “We’ve got some shiny things to start of your week with some Lulz. Stay tuned for a nice release in the next 2 hours. #AntiSec.” Around the same time, the account of a LulzSec and Anonymous leader who goes by the handle “Sabu” was updated to read “IT’S COMING! GET READY. INTELLIGENCE COMMUNITY BRACE YOURSELVES.” Approximately two hours later, the account posted a links to the leaked e-mail data and separate Torrents containing other files and claiming Booz Allen Hamilton as the source of the information.
The latest hacks come in the wake of the apparent “dissolution” of the Anonymous splinter group LulzSec, which was behind a string of high profile attacks beginning in April. That group claimed to have disbanded after 50 days of activity. However, it appears that the core leadership of LulzSec have merely folded back into the larger Anonymous organization and carried on attacks in that group’s name.
The hacks, including the most recent attack on IRC Federal and an earlier attack on HB Gary, reveal the extent to which government contractors can be targets of attack, and an avenue to obtaining sensitive government plans and documents. Anonymous reportedly breached IRC’s Webs site using a SQL injection attack, and other means to compromise e-mail and file servers at the organization.
Other attacks, also attributed to the nebulous #Antisec campaign, include hacks of the German Federal Police, the Greek Parliament and Turkish government Web sites.