In the days following the dispersal of LulzSec, Operation Anti-Security continues on with the rogue hacker group Anonymous releasing a considerable amount of informationfrom IRC Federal, a government contractor with FBI, Army, and DOJ partnerships, to name a few. To quote Anonymous's release notes:
Today we release the ownage of another government-contracted IT company, IRC Federal. They brag about their multi-million dollar partnership with the FBI, Army, Navy, NASA, and the Department of Justice, selling out their "skills" to the US empire. So we laid nuclear waste to their systems, owning their pathetic windows box, dropping their databases and private emails, and defaced their professional looking website.
In their emails we found various contracts, development schematics, and internal documents for various government institutions including a proposal for the FBI to develop a "Special Identities Modernization (SIM) Project" to "reduce terrorist and criminal activity by protecting all records associated with trusted individuals and revealing the identities of those individuals who may pose serious risk to the United States and its allies". We also found fingerprinting contracts for the DOJ, biometrics development for the military, and strategy contracts for the "National Nuclear Security Administration Nuclear Weapons Complex".
Additionally we found login info to various VPNs and several Department of Energy login access panels that we are dumping *live* complete with some URLs to live ASP file browser and upload backdoors - let's see how long it takes for them to remove it (don't worry we'll keep putting it back up until they pull the box ;D)
This is an embarrassing situation for a company dealing with such sensitive information and yet another lesson learned through exploitation that security needs to be much more than what it currently is for many such high-profile/significant sites. And though the information leaked sounds important at first-glance, the coming days will reveal whether or not this is just another forgetful "hacktivist" release that merely reiterates the flaws of current security measures, or if something significant will come of it all.
Rest assured that either way, the continued hammering of governments and government contractors is sure to yield significant changes in approaches to security. But that's only in the short term. The larger concern of many is how these actions might provoke new legislation that seeks to prohibit certain facets of Internet access/usage. Never mind if these "hacktivists" manage to get a hold of something truly significant that gives some sort of disastrous advantage/insight to feared terrorist/criminal/anti-government organizations.
What are your thoughts? Are you tired of seeing these releases or do you think this whole "hacktivist" movement should continue as long as it can? Weigh in your thoughts in the comments below!