Earlier this month a group of hackers claimed to have taken down the email servers of CNN, a company with about 4,000 employees globally. It’s the first attack for #OpSilence, hacking group Anonymous’ impending month-long assault on the media for allegedly ignoring the crisis in Palestine.
Looking reflectively at this incident, Stephen Gates, chief research intelligence analyst at NSFOCUS provided @DFMag with the following expert opinion;
“According to reports, a suspected faction of Anonymous, called Ghost Squad Hackers, is targeting quite a few news media outlets with their new operation call #OpSilence. Apparently they believe they are fighting against a “New World Order”; which is a theory claiming a small group of Zionists run the world using banks, the media and corporations. You can read more about the previous Anonymous operation called OpIcarus in a blog I posted last month.
This sounds like another day in the world of DDoS attacks, and the motivations within. What is interesting in this case is the amount of reconnaissance about the victims that was provided in the Pastebin post. Each target listed has a link to another post in Pastebin showing their victims domains, IP addresses, mail servers and more information that could be of value to any would-be hackers. You can find out more about Ghost Squad’s targets on Pastebin.
One noteworthy activity this time around is the attacks on mail servers. I’ve often wondered why they’re not targeted more frequently. Almost every mail server that receives email from the outside-in is completely exposed to the Internet. Although often protected by firewalls, they do little if anything to block DDoS attacks on mail servers. Launch a SYN flood on TCP port 25, and watch your mail server roll over. All of the attack packets will fly right through the firewalls, or the firewalls will begin blocking legitimate email.
Attacks on websites are a pain for the victim. They normally make the news and can marginally impact an organization’s operations. However, attacks on mail servers can be disastrous for organisations who rely on email for their daily operations; notably the news media. I would suspect that journalists use email quite heavily for their daily activities. In other words, the Ghost Squad Hackers are going for the attacks that will cause the most impact for their victims. If you don’t have purpose-build DDoS defences protecting your mail server, if attacked… you’re likely going to see it go offline.”