LulzSec and Anonymous Blur Lines Between "Hacktivism" and Criminality, According to PandaLabs

  • Jul 13, 2011

Panda Security's anti-malware laboratory, today published its Quarterly Report for Q2, analyzing the IT security events and incidents from April through June 2011. As the report outlines, this quarter has been one of the worst on record, with hacking groups Anonymous and LulzSec causing widespread mayhem and organizations such as RSA Security, the U.S. Defense Department, the International Monetary Fund, the European Space Agency, Sony, Citigroup and SEGA all falling victims to attacks.   While media obsesses over illegal stunts, malware creation shows no signs of slowing in the last quarter, malware of all kinds has spread substantially, with PandaLabs observing 42 new malware strains created every minute. Once again, Trojans accounted for most of the new threats, comprising nearly 70 percent of all new malware created, followed by viruses (16 percent) and worms (12 percent). A graph depicting the types of new malware samples received by PandaLabs is available at http://prensa.pandasecurity.com/wp-content/uploads/2011/06/NEW-SAMPLES.jpg.

As recorded by Panda Security's online scanner, Panda ActiveScan, Trojans were responsible for 69 percent of infections, followed once again by viruses (10 percent) and worms (8.53 percent). Adware, which only represents 1.37 percent of all malware, accounted for more than 9 percent of all the infections, indicating the substantial effort malware writers are taking to promote this type of malicious code. Fake anti-virus programs, which are included in the adware category, have also continued to grow.

A graph of malware infections by type is available at http://prensa.pandasecurity.com/wp-content/uploads/2011/06/DISTRIBUTION.jpg. Asian Countries Lead Infection Rankings In the ranking of the top 20 countries with the most infections, China, Thailand and Taiwan once again continue to occupy the top three spots. PandaLabs observed Sweden, Switzerland and Norway as being the least infected countries. A graph depicting the Top 20 countries with malware infections is available at http://prensa.pandasecurity.com/wp-content/uploads/2011/06/TOP20ENG.jpg, and the Top 10 countries least infected at http://prensa.pandasecurity.com/wp-content/uploads/2011/06/LOWTOPEN.jpg.

Top Security Incidents:

• LulzSec and Anonymous: A new hacker group LulzSec emerged this quarter, specializing in stealing and posting Personally Identifiable Information (PII) from companies with poor security as well as carrying out denial of service attacks (against the CIA website, for example). They also released a full list of PII data they had previously stolen such as email addresses and passwords, which has led to account hijacking and other forms of identity theft. At the end of June, LulzSec teamed up with Anonymous for "Operation: Anti-Security," encouraging supporters to hack into, steal and publish classified government information from any source. On June 26, LulzSec released a statement on Twitter announcing the end of their activities. Nevertheless, they urged hackers to carry on with operation Anti-Security (#Antisec) and join the Anonymous IRC channel.

• Corporate Breaches: RSA, the security division of EMC Corporation, announced in mid-March it had suffered a breach on its network systems that exposed proprietary information about its two-factor hardware-based authentication system, SecurID. In May, Lockheed Martin, the largest provider of IT services to the U.S. government and military, suffered a network intrusion stemming from data stolen pertaining to RSA. It seems that the cyber-thieves managed to compromise the algorithm used by RSA to generate security keys. RSA will have to replace the SecurID tokens of more than 40 million customers around the world, including some of the world's biggest companies.

• Sonygate: The most infamous attack that occurred this quarter was the one Sony suffered. Everything started with the theft of data from their PlayStation Network (PSN), affecting 77 million users worldwide. Not only was this the biggest data theft on record, but the situation was also poorly communicated to customers by the company, which hid the problem for days. When Sony finally made it public they simply said there was evidence that some user data could have been compromised, even though they knew the situation was far more serious.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

  • OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

    According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3