Countries are perpetrating cyber espionage while pretending the cyber attacks come from the Anonymous and LulzSec hacking groups, according to an Akamai security executive.
Nations are launching distributed denial of service (DDoS), and data-stealing attacks against other states for espionage purposes, and claiming to be Anonymous or LulzSec, Akamai director of security intelligence Joshua Corman told a press event on Thursday.
"A couple of [Anonymous events] have actually been state-sponsored espionage," Corman said. "They would do a DDoS, and make it look like it was LulzSec or Anonymous." Corman called the events "false flag operations", and said that organised crime had also used the tactic.
"Now that Anonymous exists, whether you're a criminal organisation, organised e-crime, or state-sponsored espionage, you can now hide your tracks, or throw off law enforcement," Corman told ZDNet UK. "They can leverage a false flag operation, looking like Anonymous or LulzSec, do a DDoS attack, and say 'We are Legion', which allows you to either completely hide your tracks, or it pulls in different parts of incident response within an organisation and within law enforcement."
Corman said that an attack that looks like it is state-sponsored will get a very different reaction from law enforcement to an attack that looks like it's coming from Anonymous.
Corman declined to give any details about when the attacks occurred, or which country was attacking which.