Anonymous To Launch Cyberattacks Against Trump

Uploaded on 2016-04-05 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

In a reprise of numerous similar campaigns from the past, the Anonymous hacktivist collective has announced plans to disrupt Donald Trump’s presidential campaign by launching cyberattacks on websites associated with the controversial candidate, starting April 1.

In a message on Anonymous’ YouTube channel, an individual purporting to a be spokesman for the collective urged those aligned with its cause to shut down Trump campaign websites and to “expose what he doesn’t want the public to know.”

The spokesman, wearing the group’s signature Guy Fawkes mask, described the planned attacks as a response to Trump’s “appalling actions and ideas” in running his presidential campaign. “We need to dismantle his campaign and sabotage his brand,” the masked spokesman exhorted viewers.

The Trump attack announcement, with its usual colorful rhetoric, has raised some predictable questions about whether Anonymous is really capable any longer of mustering the support needed to launch a disruptive cyber campaign against the leading Republican presidential candidate.

Rene Paap, security evangelist at A10 Networks says the Trump campaign appears to have foreseen the threat and protected its domain by using a Content Delivery Network (CDN) service.

“A CDN provides an extra caching layer in-between the content of a website and the client browser. It is a large network with many points of presence around the world, aimed to redirect a browser to the nearest location where cached content is served,” says Paap. “For Anonymous to break through this is going to be difficult, as the CDN anticipates DDoS attacks,” he says.

Anonymous and its collection of loosely affiliated followers around the world have pulled off several high-profile hacktivist campaigns in the past. Among the examples that Anonymous itself touts are a 2008 campaign against the Church of Scientology, in which it crashed the church’s website; Operation Darknet, in which it exposed IP addresses of nearly 200 alleged pedophiles; and its release of an incriminating video in a 2012 case involving a sexual assault on a high school girl in Steubenville, Ohio.

Following last year’s terrorist attacks on France’s satirical newspaper Charlie Hebdo, Anonymous launched a campaign to expose and disrupt websites spreading jihadist propaganda and, more recently, it has committed to doing the same to ISIS-affiliated websites. Soon after launching the campaign last February, Anonymous claimed it had succeeded in taking down over 1,000 sites and over 9,000 Twitter accounts affiliated with the terror group.

Whether or not Anonymous can replicate such campaigns in its planned attacks against Trump websites and online presence remains to be seen.
Regardless of how successful or not the planned attack is going to be, Anonymous’ call to attack the Trump campaign is another example of how the world of politics and cybersecurity are becoming increasingly intertwined.

The Internet -- social media, in particular -- has become a primary vehicle for candidates to communicate with voters, raise campaign awareness, target specific demographic, gauge voter sentiment, and solicit donations. But the growing use of these channels has given threat actors new ways to attack Internet users, security vendor Forcepoint had noted last year in its 2016 predictions report (registration required).

One of the dangers is that attackers will use email lures related to 2016 campaign issues to try and distribute malicious payloads to unsuspecting users. “Attackers frequently see large events as an opportunity to launch cyber-attacks on a curious population,” Forcepoint pointed out in its report. “Political campaigns, platforms and candidates present a huge opportunity to tailor highly effective lures.”

Another issue is the use of social media to misrepresent or to misdirect public perception of candidates and events related to the presidential campaign. As one example, the Forcepoint report pointed to a campaign by the Syrian Electronic Army (SEA) where hackers supporting the government of President Bashar al-Assad targeted and defaced sites belonging to rival groups.

Hackers affiliated with the same group also targeted the Facebook pages of former French President Nicolas Sarkozy and President Obama with spam messages supporting al-Assad, Forcepoint noted in its report. “The SEA also took over the Twitter accounts of legitimate news organizations, tweeting false news updates, creating uncertainty and alarm as the messages spread online before these accounts were again secured.”

Bob Hansmann, Forcepoint’s director of security analysis and strategy says that campaigns that want to mitigate such threats need to make cybersecurity a core part of their planning.  “A qualified CISO, as a ranking member of the campaign team, would be a game changer,” for the presidential candidates, Hansmann says in comments to Dark Reading.

“If a campaign team has one and, more importantly, if they listen to them, then the odds are in their favor,” he says. “They are likely less susceptible to an attack.”

Dark Reading: http://ubm.io/1RjG9sW

« Cognitive Computing Market Forecast To Be Worth $31Billion In 3 Years
Thought Experiment: Predicting Cyber War »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManagedMethods

ManagedMethods

ManageMethods Cloud Access Monitor is the only Cloud Access Security Broker (CASB) that can be deployed in minutes, with no special training, and with no impact on users or networks.

CISPA Helmholtz Center for Information Security

CISPA Helmholtz Center for Information Security

The CISPA Helmholtz Center for Information Security is a German national Big Science Institution within the Helmholtz Association. Our research encompasses all aspects of Information Security.

Industry IoT Consortium (IIC)

Industry IoT Consortium (IIC)

The Industry IoT Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT).

IoT Security Institute (IoTSI)

IoT Security Institute (IoTSI)

IoT Security Institute is an academic and industry body dedicated to providing frameworks and supporting educational services to assist in managing security within an Internet of Things eco-system.

BullGuard

BullGuard

BullGuard is an award-winning cybersecurity company focused on providing the consumer and small business markets with the confidence to use the internet in absolute safety.

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications provides critical, tactical capabilities that inform decision making in the most challenging environments.

Arqit Quantum

Arqit Quantum

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.

AnaVation

AnaVation

AnaVation is a trusted partner delivering high-value, cost-effective solutions that solve the most complex technical and analytical problems for our customers.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

Casepoint

Casepoint

Casepoint is the legal technology platform of choice for corporations, government agencies, and law firms to meet their complex eDiscovery, investigations, and compliance needs.

COPA-DATA

COPA-DATA

COPA-DATA is the only independent software manufacturer to combine in-depth experience in automation with new possibilities of digital transformation – reliable, future-proof and operating worldwide.

Technoware Solutions

Technoware Solutions

Technoware Solutions is a global company committed to helping entities navigate the digital waters of modernizing their system processes in an ever changing cybersecurity landscape.

Theori

Theori

Theori tackles the most difficult cybersecurity challenges from an attacker’s perspective and conquers them as the best strategic security experts.

Advanced IT

Advanced IT

Reliable managed IT Security & support services that will help you take your business operations to the next level without breaking the bank!

Soteria Communications

Soteria Communications

Soteria Communications supports clients to prepare for and manage crises, with a focus on cyber incidents.

National Cybersecurity Agency (ANCI) - Chile

National Cybersecurity Agency (ANCI) - Chile

ANCI (Agencia Nacional de Ciberseguridad) is the National Cybersecurity Agency of Chile.