Anonymous releases private emails, government contracts, VPN credentials, and more

Anonymous releases private emails, government contracts, VPN credentials, and more

Summary: Rogue hacker group Anonymous has released a slew of information from government contractor IRC Federal. See their release notes and find out the specifics of the leak here.

SHARE:

In the days following the dispersal of LulzSec, Operation Anti-Security continues on with the rogue hacker group Anonymous releasing a considerable amount of informationfrom IRC Federal, a government contractor with FBI, Army, and DOJ partnerships, to name a few. To quote Anonymous's release notes:

Today we release the ownage of another government-contracted IT company, IRC Federal. They brag about their multi-million dollar partnership with the FBI, Army, Navy, NASA, and the Department of Justice, selling out their "skills" to the US empire. So we laid nuclear waste to their systems, owning their pathetic windows box, dropping their databases and private emails, and defaced their professional looking website.

In their emails we found various contracts, development schematics, and internal documents for various government institutions including a proposal for the FBI to develop a "Special Identities Modernization (SIM) Project" to "reduce terrorist and criminal activity by protecting all records associated with trusted individuals and revealing the identities of those individuals who may pose serious risk to the United States and its allies". We also found fingerprinting contracts for the DOJ, biometrics development for the military, and strategy contracts for the "National Nuclear Security Administration Nuclear Weapons Complex".

Additionally we found login info to various VPNs and several Department of Energy login access panels that we are dumping *live* complete with some URLs to live ASP file browser and upload backdoors - let's see how long it takes for them to remove it (don't worry we'll keep putting it back up until they pull the box ;D)

This is an embarrassing situation for a company dealing with such sensitive information and yet another lesson learned through exploitation that security needs to be much more than what it currently is for many such high-profile/significant sites. And though the information leaked sounds important at first-glance, the coming days will reveal whether or not this is just another forgetful "hacktivist" release that merely reiterates the flaws of current security measures, or if something significant will come of it all.

Rest assured that either way, the continued hammering of governments and government contractors is sure to yield significant changes in approaches to security. But that's only in the short term. The larger concern of many is how these actions might provoke new legislation that seeks to prohibit certain facets of Internet access/usage. Never mind if these "hacktivists" manage to get a hold of something truly significant that gives some sort of disastrous advantage/insight to feared terrorist/criminal/anti-government organizations.

What are your thoughts? Are you tired of seeing these releases or do you think this whole "hacktivist" movement should continue as long as it can? Weigh in your thoughts in the comments below!

Related Stories

Topics: Security, Banking, Browser, Collaboration, Government, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

15 comments
Log in or register to join the discussion
  • Probally a whole lot of nothing

    You're right, lets wait and see.
    William Pharaoh
  • What kind of world do you want to live in?

    One where the strong (whatever their strength is) destroy the weak, or one where the strong defend the weak?

    All these people that are getting hacked are idiots because they don't have proper security right? Well, I think *you're* an idiot because you don't have bars on your windows and doors. To prove it, I'm going to break into your house. Think you're safe because you have a gun? I'll just come in at night while you're asleep, and you won't have time to react before I shoot you first. Why? Because people that sleep at night are idiots.

    If that's the kind of world you want to live in, you can have it.
    bmorgan357
    • RE: Anonymous releases private emails, government contracts, VPN credentials, and more

      @bmorgan357
      Zackly
      MoeFugger
    • Too simplistic

      @bmorgan357<br><br>Who do you fear more: Hackers or secretive governments and their cohorts? Especially governments that keep detention centers outside the reach of the civil courts and secret ones in foreign countries?<br><br>Not a trivial question.

      Edit: Not to mention governments that can start proceedings against you and you are not allowed to talk about it at all, not even that there IS a proceeding against you. That is not too far removed from a police state.
      Economister
      • Which do you fear the most in refernce to directly impacting your life?

        @Economister
        governments that keep detention centers outside the reach of the civil courts and secret ones in foreign countries that you'll never see as they use them to hold and detain people trying to blow you up, or hackers who steal your identity and ruin your life finacially?

        Since I won't be killing or blowing up any people anytime in my life, I'm far more worried that some group posts my life history on line for anyone to steal, as I don't want to buy a new house or car only to find I can't because my credit's destroyed, my life "stolen".
        William Pharaoh
      • RE: Anonymous releases private emails, government contracts, VPN credentials, and more

        @Economister [i]Who do you fear more: Hackers or secretive governments and their cohorts?[/i]

        Both Equally actually. This is not a "lesser of two evils" thing.
        Badgered
    • RE: Anonymous releases private emails, government contracts, VPN credentials, and more

      @bmorgan357

      That's one thing, but if these companies are saying "We need your information. We're going to be collecting it, sometimes secretly, but it will always be safe. In fact, we'll spend millions of dollars of tax dollars on it because it's so important."

      The next day, someone slips past the guard at this digital Fort Knox, and takes your information. He doesn't do anything with it himeself, just throws it in the air and says "Look! I walked right in and took this stuff you love so much. They're lying to you!"

      Who do you get angry at? It's not an idle question. Some people will still say the criminal, but others would be angry at the government for making these promises and telling the lies.

      As companies get excited about social networks and cloud-based computing, these things will only become more important. If in 30 years, we have a more secure infrastructure and a better user-base, we'll be better off.

      The alternative would be to have this information continue to build up, become more sensitive and less secure. Thank these people for doing this now, when it doesn't matter as much. Get angry at people who don't take this seriously, and think that more rules will solve problems.
      spaceisupthere
  • Note reference to &quot;pathetic Windows box&quot;

    Presumably it's possible to secure Windows. Why aren't US government agencies and contractors required by law to do so? Some heads need to roll.

    And I'd like to add that I'm amazed that Microsoft, or any other software provider, is able to skate on liability for security holes in the crap they sell. Microsoft in particular acts like it has little incentive to thoroughly test its software for adequate security against hacking before releasing it. How many billions has the carelessness of Microsoft coders cost their customers??
    FeralUrchin
    • RE: Anonymous releases private emails, government contracts, VPN credentials, and more

      @FeralUrchin
      Where were you when Lulz blasted *ix systems few weeks back? By default no system is secured, it is "IT Admins" job to make it secured. And once it is on the net, there is no guarantee that any system can be made 100% hard enough to secure the entire network of systems behind it. Please show your hatred on Microsoft somewhere-else.
      Ram U
  • I shop

    http://www.aliexpress.com/fm-store/800405
    shenyongyuan
    • spam

      @shenyongyuan Has been flagged but still spammer after edit
      spdrcrtob
  • It's the Company's Responsibility

    There will always be hackers in the form of profiteers, idealists, and what ever else motivate these people to hack. As a company, if you collect information it is your responsibility protect it.
    Auna
  • Is it just me or...

    ...do VPN credentials include login name and password? If that's the case then *WHY THE HELL* is a sensitive company that does work for the government storing passwords *in the clear*?

    Come on, folks. As much as the scare-mongers want to sell newspapers (er, click rates) the truth of the matter is passwords in the clear is about as stupid as it's possible to get.

    NOBODY but the user should ever know the password. Period, end of story. Having the ability to list passwords is downright dangerous.

    *Especially* for a company that does security work for the government!

    Jeez.
    wolf_z
    • Incomplete Information

      We are dealing with spin on both sides here. Just haven't heard the government's spin on the situation. As for Anonymous, who knows if the VPN passwords are legit? If so, are the users forced to change them? For that matter, maybe some sort of token is required along with the password.
      TBone2k
  • to many secrets

    well it would all just go away..if there was no secrets. let's face it everything that we find out, is just bad news of secrets that they don't want us to know about. To me that's the whole problem.
    Everything and anything can be hacked or copied, I mean we as humans made it. besides it's like the car radar stuff ..they make new radar, then new radar detector comes out.
    and if firewall and virus scanners are to be so good that they work all the time would that alone put the company out of work? but yet virus's come and go all the time. so to me this will go on forever, as there are to many secrets.
    graychong