The FBI Cyber Division has sent a warning to some of the world’s top corporations about a coordinated campaign of denial of service attacks and hacking, scheduled for Friday, May 25.
Apple Computer, McDonald’s, ExxonMobil, Hewlett-Packard, Bank of China and Walmart are among the firms singled out for attacks as part of “Operation NewSon,” which will take place tomorrow and involve “online attacks against targeted organizations in the form of Distributed Denial of Service (DDoS) attacks and the leaking of classified data, according to a warning issued from Cyber Division on Thursday.
The Bureau did not immediately respond to e-mail and phone requests for comment. However, the warning was based on what the Bureau termed “open source intelligence” gathered “as part of our impending investigations into hacktivist groups associated with Anonymous.”
Infraguard is an information sharing and analysis group that connects the FBI with private sector firms. It is organized into local chapters based on geography. Some of those chapters have been targets of Anonymous in the past.
The list of companies targeted for attack is varied and includes retail, banking, energy and mining firms, as well as telecommunications and technology companies. Previous targets of Anonymous, including HBGary, Bank of America and PBS, the U.S. Public Broadcasting System, are all listed, as well as Nokia, Cargill, Bestbuy, AT&T and computer giant Apple.
There have been public mentions of Operation New Son (OpNewSon) dating back to April on IRC and in documents posted on file sharing sites like Pastebin. Ostensibly, the goal of the operation is to target “stick it to the man” (their words, not ours!) by attacking high profile companies. A tweet sent out via a Twitter account affiliated with the group called for the operation to begin at 6:00pm PST on Friday, May 25. The group also posted what appear to be leaked e-mail account information from car maker Hyundai and contact information allegedly taken from Stanford University. Neither organization was listed as a possible target in the Infraguard warning.
Anonymous is a decentralized organization at best and promised attacks often fail to materialize. The breadth of the planned action is also enormous. However, Anonymous as well as affiliates like LulzSec have been known to hoard data stolen in compromises and release them at a time of their choosing, which means that Friday may indeed bring evidence that the group has penetrated the defenses of some of the organizations listed.