Anonymous is 'good' for security

Anonymous is 'good' for security

Summary: Exploits of hacktivist group help improve companies' security posture by exposing vulnerabilities, but its threat remains despite key members of the group being arrested, security insiders warn.

SHARE:

Even as the law catches up with hacktivist group Anonymous, with several key members arrested in recent weeks, security insiders reflect on how its emergence have made a positive impact in raising the overall security awareness and level among organizations. That said, the group still poses a threat and companies should remain vigilant.

Alexandu Catalin Cosoi, chief security researcher at BitDefender, for one, said that hacktivist group Anonymous has been "good" for security. This is because even though it had disclosed people's personal information publicly online, the security breaches it organized had a positive impact, he added.

Now, more companies are willing to secure their networks and private data, which is good news, he stated.

Luis Corrons, director of Panda Security's PandaLabs, added that the much-publicized cyberattacks carried out by the hacktivist group on companies such as Sony, Stratfor, MasterCard and Visa, among others, have helped organizations become aware of the security holes within its IT systems and forced them to fix it.

"It is likely that similar data theft cases would happen anyway, [but] carried out by some other people and without anyone noticing it," he said.

The positives that Anonymous brought to the security industry was also pointed out by Grady Summers, vice president of information security company Mandiant, during the recently-concluded RSA Conference 2012. Then, he said the group was the "best thing that happened in security" as it caused a lot of urgency and traction around security issues and forced companies to improve their security posture.

Threat not eradicated yet
However, the downside to the emergence of Anonymous was that the afflicted companies, and their customers, suffered financial losses and reputational damage, Corrons highlighted.

Cosoi added that had organizations been more proactive in implementing the required security measures, there would have been a lot less incidents. As such, he warned organizations not to let their guard down even as several key Anonymous members have been arrested recently.

According to a had U.S. Federal Bureau of Investigation (FBI) press release on Mar. 6, Anonymous group leader Hector Xavier Monsegur, who went by the alias "Sabu", together with five other hackers from Anonymous and its offshoot organizations, were arrested.

Monsegur had earlier pled guilty to several hacking charges, and was secretly working with the FBI to gather information on the real identities of the other hackers, the release stated.

The BitDefender executive, however, pointed out that Anonymous is not a fixed group of people, but a cause, and any hacker wishing to join this cause can be identifiable as Anonymous, which will lead to the growth of the group regardless of the recent arrests.

"There're millions of threats and vulnerabilities, and a strong amount of hackers that are [still] willing to prove their skills or steal data," he warned.

Corrons also pointed out that for each arrest made on Anonymous members, there will likely be a retaliatory strike. The attacks last week, including that against the Vatican's Web site, were examples of the group's response, he stated.

That said, he noted it is "very likely" that there will be more arrests made soon. This would cause the hacktivist group to be more cautious and reduce the number of high-profile attacks, the executive predicted.

Topics: IT Employment, CXO, Data Management, Networking, Security

Ellyne Phneah

About Ellyne Phneah

Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion