ERT Threat Alert- 2014 FIFA World Cup
Threat Alert
Anonymous Threat on 2014 FIFA World Cup
Emergency Response Team
June 6t...
ERT Threat Alert- 2014 FIFA World Cup
THREAT DETAILS
Recently it has been reported in the news that hacktivist group Anony...
ERT Threat Alert- 2014 FIFA World Cup
TARGETS
The following are the partners, sponsors and supports, as stated in the FIFA...
ERT Threat Alert- 2014 FIFA World Cup
INSTRUCTIONS FOR ORGANIZATION
Radware’s ERT offers the following recommendations for...
Upcoming SlideShare
Loading in...5
×

Threat Alert: Anonymous Threat on 2014 FIFA World Cup

3,656

Published on

Recently it has been reported that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup, including its partners and sponsors. This threat has gained public attention after an interview with an Anonymous group spokesman provided select details about the planned operation.

The Radware Emergency Response Team (ERT) offers the following recommendations for organizations that are affiliated with the 2014 FIFA World Cup.

For more from the Radware ERT, please visit: http://security.radware.com/

Published in: Technology, News & Politics
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,656
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
2
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Transcript of "Threat Alert: Anonymous Threat on 2014 FIFA World Cup"

  1. 1. ERT Threat Alert- 2014 FIFA World Cup Threat Alert Anonymous Threat on 2014 FIFA World Cup Emergency Response Team June 6th 2014
  2. 2. ERT Threat Alert- 2014 FIFA World Cup THREAT DETAILS Recently it has been reported in the news that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup including its partners and sponsors. The threat gained public attention after an interview with an Anonymous group spokesman, referring to himself as Che Commondore, provided select details about the planned operation. Che Commondore revealed the socio-political motivation for the attack stating, “In 2014 the world will live the 'Brazilian dream'. It's the country of the World Cup, & blessed for God and beautiful for nature. That it's a beauty! But, what beauty? The World [of] Cup have implicit characters, but this the Government Brazilian choose to hide. When you arrive in Brazil, you tourists, will be surprised by assaults with guns." According to Che Commondore, the group had already hacked into the Brazilian Foreign Ministry's database and released sensitive email data based on the efforts of an individual called AnonManifest. AnonManifest also promised upcoming denial-of-service attacks – Anonymous’ known weapon of choice. A Brazilian Foreign Ministry official told Reuters on Friday that only 55 email accounts were hacked and the only documents that were obtained were attached to emails from the ministry's internal document archive. What’s very important to note here from a technical perspective, is that Anonymous performed a server cracking attack to reach the e-mail servers where they downloaded file attachments to create the first leak. This can subsequently be used to DDoS and shut down accounts, and/or gain access from password hacking/server cracking attempts. Although some information has been disclosed regarding the rationale behind the planned attack, more specific details are less known. It seems Anonymous is learning from prior experiences and now chooses to hold its cards close to the chest. What it is clear is that the hacktivist group has once again chosen a target ripe for exploitation. It is purported that as early as 2005 and 2007 Brazil fell prey to cyber-attacks resulting in major power outages. Thus, another attack does not come unexpected. Fast forward to today, in which Brazil has been beset for months by roiling protests on the games and their alleged drain on an already strained economy. It’s a perfect storm. Anonymous is likely betting on that backdrop to boost support and gain advocates to help them carry out their cyber exploit. The FIFA World Cup as well as the Olympics are such high profile sporting events they are now starting to draw malicious cyber attention. Radware’s ERT has been involved in similar threats dating back to the 2010 Vancouver Winter Olympics, the 2012 London Summer Olympics and the 2014 Sochi Winter Olympics. Per a previous US-CERT Security 2014 Olympic Games advisory the targets were similar to the recent threat. According to the Sochi advisory “Anonymous Caucasus, has launched what appears to be a threat against any company that finances or supports the winter games.” This group has been known in the past to launch DDoS attacks. Radware’s ERT reports that the attempts to attack the Sochi Olympics started long in advance of the games on the Olympic committee’s web site and resources. In summary, Radware’s ERT sees this as evidence of a growing trend whereby high-profile sporting events are the newest ‘hot’ target for cyber maliciousness and attack. The ERT additionally cautions that this could extend to streaming providers and other major entertainment outlets (physical and digital) that will be known to promote such events including cloud or infrastructure-as-a-service (IaaS) providers on which some of the current targets rely. Contained in the next section of this alert are general guidelines for preparation and response for potential targets of this threat.
  3. 3. ERT Threat Alert- 2014 FIFA World Cup TARGETS The following are the partners, sponsors and supports, as stated in the FIFA World Cup site, which are considered under threat. It is possible that more organizations will be added when the attack nears launch.
  4. 4. ERT Threat Alert- 2014 FIFA World Cup INSTRUCTIONS FOR ORGANIZATION Radware’s ERT offers the following recommendations for organizations that appear in the above list or are affiliated with the 2014 FIFA World Cup INSTRUCTIONS BEFORE THE ATTACK  Harden security systems as much as possible especially DoS protection, anti-scanning, and all intrusion protection methods.  Make sure that all security systems will not fail-open under DoS/DDoS attack. Attackers today are known to use Dos/DDoS to overwhelm security devices first, and then carry out other type of attacks.  Closely monitor for any new alert and investigate each one carefully. As admitted by Anonymous, they do test their attack vectors in advance, and this should be used to understand their planned techniques and prepare accordingly. INSTRUCTIONS DURING THE ATTACK  Monitor carefully all security systems, service performance and internet pipe utilization to detect the attack as early as possible.  During DoS attacks continue to monitor carefully all other attacks. Attackers today are known to use Dos/DDoS as a smoke screen.  Monitor for site defacement. INSTRUCTIONS FOR RADWARE AMS CUSTOMERS  Radware customers that appear in the above list or are affiliated with the 2014 FIFA World Cup should contact the ERT (by contacting Radware Technical Support) for assistance with attack preparedness the attack.  Radware customers under attack should contact the ERT immediately via phone to Radware Technical Support to gain immediate service.

×