- Review: Hulu with Live TV ensures you always have something to watch 5 Years Ago
- How to live stream UFC on ESPN 4: Rafael dos Anjos vs. Leon Edwards 5 Years Ago
- 2020 Democrats refuse to answer our questions about ‘Cats’ Friday 4:14 PM
- Belle Delphine’s Instagram account removed after mass reporting campaign Friday 4:08 PM
- Mariah Carey refuses old-age FaceApp challenge Friday 3:19 PM
- Journalists horrified by consolidation of Gatehouse, Gannett Friday 3:12 PM
- Facebook and Google could be tracking you on porn sites Friday 1:42 PM
- 7 best sites for psychic love readings Friday 1:20 PM
- Driver demonstrates why you always need to read road signs Friday 12:58 PM
- Area 51 remix video proves it’s the summer of Lil Nas X Friday 12:26 PM
- ‘ICE will come’: Convenience store clerk threatens customers speaking Spanish Friday 12:11 PM
- Rand Paul dodges questions about 9/11 Victims Fund, says ‘watch Fox News’ Friday 11:51 AM
- Report: ‘Stranger Things’ season 4 to begin shooting in October Friday 11:03 AM
- AT&T paid Michael Cohen to consult on net neutrality, FBI documents show Friday 9:10 AM
- Mysterio’s ruse changes on a second viewing of ‘Far From Home’ Friday 9:06 AM
With #OpPhDPound, Anonymous plans to target universities receiving research funding from the Ministry of Defence.
When the British newspaper the Guardian reported Jan. 7 that the Ministry of Defence (MoD) was funding university research into Anonymous, hacktivism, and surveillance (and had been for at least a year), it was only a matter of time before someone, somewhere in the hacker collective took retaliatory action.
Within about four hours of the article’s publication, #OpPhDPounds was on. It’s an Anonymous action that targets U.K. universities studying cyberwar, even at arm’s length. It’s been in stealth mode for almost two weeks as the Anons attempted to gather intel.
The hackivists have zeroed in on Queen Mary University of London and one of the institution’s researchers, a specialist in nanotechnology, in particular, releasing a couple of potentially embarrassing lists and internal communications.
But there’s a larger, more threatening action in the works.
“[We] plan on stirring things up over the universities taking MoD cash for invasive research,” one of the team members, with whom I was already familiar from previous hacks, told me via encrypted chat. “I am going to release basically their own map of their network, with all of the IPs and Mac addresses of every computer on their network.”
— Anonymous (@blackplans) January 20, 2014
On Jan. 19, they did exactly that, in a combination press release/dox that went live over the weekend at ZeroBin, a sort of self-destructing document delivery system. In one year, the document will be erased. They allegedly mapped the entire university computer network, identifying each computer and each Internet connection. It’s analogous to having the blueprints to a bank.
That information could be used in a distributed denial of service (DDoS) attack to target the specific university machines. In such a case, the website would likely remain up, but the individual computers on the university system—the ones used by the staff and students—could become inoperable. No damage would be done to their contents, but they could be frozen as long as they remained connected to the Internet and the subject of attacks.
DDoS is the most likely form of attack, as it is easy, cheap, and standard operating procedure for Anonymous, but other, more malicious or longer-lasting hacks are also certainly possible given.
The hackers claim they also have data from the human resources department, grades, evaluations, and personal details, of which I have been shown only a small selection. The hacker told me, “Bear in mind we do not plan on releasing much that will identify individual students, but we could if we wanted to.”
As for the motivation, Anonymous aims to draw attention to data insecurity in the institutions entrusted with MoD grants for security projects and research. “It’s obvious,” said our source, careful to note that this was an international effort, not specific to the U.K. “The institution is woefully underprepared for the kind of attention working with the Ministry of Defense can cause. If we are on their systems, anyone else could be as well.”
The hacker also claimed that they still have access to Queen Mary’s systems on an ongoing basis.
“They want to analyze data on the net, while their own data is woefully unsecured.”
Update: A spokesperson for Queen Mary University told the Daily Dot, “We are investigating the claims. We have informed the police.”
Photo via Hayes MKII/Flickr
Lorraine Murphy is an Ottawa-based cybersecurity journalist and founding editor of the Cryptosphere. She has a keen interest in WikiLeaks and web culture, and her bylines have appeared in Salon, Vanity Fair, Serious Eats, and elsewhere.