Operation AntiSec


Operation Anti-Security, also referred to as Operation AntiSec or #AntiSec, is a series of hacking attacks performed by members of the hacking group LulzSec and Anonymous, and others inspired by the announcement of the operation. LulzSec performed the earliest attacks of the operation, with the first against the Serious Organised Crime Agency on 20 June 2011. Soon after, the group released information taken from the servers of the Arizona Department of Public Safety; Anonymous would later release information from the same agency two more times. An offshoot of the group calling themselves LulzSecBrazil launched attacks on numerous websites belonging to the Government of Brazil and the energy company Petrobras. LulzSec claimed to retire as a group, but on 18 July, they reconvened to hack into the websites of British newspapers The Sun and The Times, posting a fake news story of the death of the publication's owner Rupert Murdoch.
Anonymous released their first cache of the operation on 27 June 2011, taken from an anti-cyberterrorism program run by the United States Department of Homeland Security and Federal Emergency Management Agency. They continued attacks on the Arizona government. They also launched attacks against the governments of Brazil, Zimbabwe, and Tunisia. Their most recent attacks have been against large corporations, NATO, and various United States law enforcement websites. Anonymous has used the stolen credit card numbers of police officers to make unauthorized donations to various causes. Others have also committed hacks in the name of the operation, including a hack into the Fox News Twitter account to post a false news story about the assassination of President of the United States Barack Obama and attacks on the websites of government entities in various countries. The groups involved have published sensitive government and corporate information, as well as the email addresses, names, and social security numbers, and credit card numbers of website users.
Law enforcement has launched investigations into many of the attacks committed as part of Operation AntiSec. At least seven arrests have been made in connection to activities related to the operation, including the arrests of two purported LulzSec members, a man who provided LulzSec with security vulnerability information, and four alleged members of AntiSec NL, a group inspired by the operation.

Background

The LulzSec hacking group formed in May 2011 and came to international prominence after hacking the websites of the Public Broadcasting Service, Sony, and the United States Senate. Initially, the group claimed to hack "for the lulz" and to enjoy the chaos that follows their intrusions. However, on 20 June 2011, the group announced that they were teaming up with hacking collective Anonymous for a series of attacks they dubbed Operation Anti-Security or Operation AntiSec. The press release accompanying the beginning of the operation called for supporters to steal and publish classified government documents under the name AntiSec. Major banks and corporations were also mentioned as potential targets. Though LulzSec disbanded as a group on 26 June 2011, members have been reported to be continuing the operation from within Anonymous.
The groups involved claim that the operation aims to protest government censorship and monitoring of the internet. LulzSec members also mention ending what they believe are corrupt racial profiling and copyright laws as a goal of the operation. The war on drugs has also been given as a reason for particular hacks. In contrast, USA Today described the operation as cyberwarfare targeting governments and large corporations.

LulzSec activities

June 2011
LulzSec launched the first attacks of the operation against the Serious Organised Crime Agency, the national law enforcement agency of the United Kingdom that handles cybercrime. The group launched a distributed denial-of-service attack against the agency's website on 20 June, taking it offline for only a few minutes. On the same day, they knocked the website of the Jianhua District in Qiqihar, China, offline.
On 23 June, the group released a large cache of documents taken from the servers of the Arizona Department of Public Safety. The release, titled "chinga la migra", roughly translating to "fuck the border patrol", including email addresses and passwords and hundreds of documents marked "sensitive" or "for official use only". The group claimed that they did so in retaliation for the passage of Arizona SB 1070, a law they saw as leading to unjust racial profiling. Arizona complained that the release of officer identities and the personal information of their families could put them and their families in danger and gave those exposed security protection. In response, they mobilized the Arizona Counter Terrorism Information Center and locked remote access of Department of Public Safety email accounts.
On 25 June 2011, the group released what they described as their last dump of the operation. The release contained a large amount of information from varied sources. Included was information from numerous companies, including half a gigabyte of data from telecommunications company AT&T and IP addresses from Sony, Viacom, Disney, EMI, and NBC Universal. The AT&T portion included information pertaining to the release of the 4G LTE, 90,000 personal phones used by IBM, and the development of the iPad 3. It also contained over 750,000 usernames and password combinations, including 200,000 from hackforums.net, 12,000 from the NATO online bookstore, 500,000 from the online video game Battlefield Heroes, 50,000 from various video game forums, and 29 from Irish private investigation company Priority Investigations. Finally, an internal manual for AOL engineers and a screencapture of the United States Navy website navy.mil after being vandalized.
On 22 June, an offshoot of the group calling themselves LulzSecBrazil took down the website of the Government of Brazil, brasil.gov.br, and the President of Brazil, presidencia.gov.br. They also targeted the website of Brazilian energy company Petrobras. On 24 June, they claimed to publish access codes and passwords to the Petrobras website along with personnel profiles. However, the company denied that any information had been stolen, and the group removed the claim from their Twitter feed a few hours later. The group also published the personal information of President of Brazil Dilma Rousseff and Mayor of São Paulo Gilberto Kassab.
July 2011
Despite claiming to have retired, on 18 July LulzSec hacked into the website of British newspaper The Sun. The group redirected the newspaper's website to an also-hacked redesign website of another newspaper The Times, altering the site to resemble The Sun and posting a fake story claiming that Rupert Murdoch had died after ingesting a fatal dose of palladium. They objected to the involvement of News Corporation, the Murdoch-owned company that publishes The Sun and The Times, in a large phone hacking scandal. The hacked website also contained a webcomic depicting LulzSec deciding on and carrying out the attack. The group later redirected The Sun website to their Twitter feed. News International released a statement regarding the attacks before having the page the statement appeared on also redirected to the LulzSec Twitter page and eventually taken offline. The group also released the names and phone numbers of a reporter for The Sun and two others associated with the newspaper and encouraged their supporters to call them. The group further included an old email address and password of former News International executive Rebekah Brooks. News Corporation took the websites offline as a precaution later in the day.

Anonymous activities

June 2011

On 27 June 2011, Anonymous published information relating to the Cyberterrorism Defense Initiative's Security and Network Training Initiative and National Education Laboratory program, or Sentinel program, an operation run by the United States Department of Homeland Security and Federal Emergency Management Agency. The hack included information that the agency distributed in 2009 and contained resources on publicly available hacking software, a list of Federal Bureau of Investigation bureau locations, details on counter-hacking tools, and form letters that law enforcement agencies used to obtain user details from internet service providers.
On 28 June, the group released the second collection of documents stolen from the Arizona Department of Public Safety during Operation Anti-Security. Dubbed "Chinga la Migra Communique Dos", or "Fuck the Border Patrol Message Two", the data file contained the names, addresses, phone numbers, internet passwords, and social security numbers of a dozen Arizona police officers. It also contained the emails, voicemails, chat logs of some of them; in at least one instance it included sexually explicit photographs from one of the officer's girlfriends. Anonymous also claimed that the documents included officers forwarding racist chain emails, evidence of K-9 unit officers using percocet, and a Fraternal Order of Police member who is also a convicted sex offender. Anonymous noted that their motivation stemmed from a desire to make police officers "experience just a taste of the same kind of violence and terror they dish out on an every day basis."
On the same day, the group released information obtained from various government sources. Government data from Anguilla, passwords from servers belonging to the Government of Brazil, the users of Zimbabwe government websites, and data from the Municipality of Mosman council were included. The Mosman council dump included mainly publicly available information from the website as well as a not-publicly-available prototype version of the website that had not yet been launched. They claimed to also have access to all Zimbabwean government websites ending in gov.zw. Most of the information and control were given through SQL injection. Anonymous claimed they targeted Brazil for what they saw as data manipulation and Zimbabwe for the controversial 2008 Zimbabwean presidential election. They also gained control of a website belonging to the Government of Tunisia. They replaced the webpage with a graphic representing Anonymous with text reading "The Internet is the last frontier and we will not let corrupt governments spoil it. We are Anonymous, We are LulzSec, We are People from around the world who are stepping in the name of freedom". The release also included a file containing internal mapping of Viacom servers as well as passwords and data from umusic.com, a website of Universal Music Group. They also released the names of 2,800 members of the Black Eagles paramilitary group.