Despite the reputation of being “hackers on steroids,” Anonymous’ first tool of choice is not always a crack, hack, or exploit. In response to legislation concerning SOPA and ACTA, much of their protest has come in the form of DDoS (denial of service) attacks. These attacks are executed by simply requesting access to a website an infinite amount of times to the point that it fails to load. According to Symantec however, Anonymous is utilizing the most devastating weapon in their arsenal, and have obtained the source code for certain Norton security products such as pcAnywhere. The software in question allows remote access to the user’s PC. By having the source code within their hands, Anonymous possesses, “an increased ability to identify vulnerabilities and build new exploits,” states Symantec. What’s the most concerning part about all this? Anonymous made away with the booty of information back in 2006 – that’s right 2006!
Symantec has scrambled to inform customers to disable pcAnywhere and to download patches that aim to close up the exposed loopholes. It is hard to say whether findings unearthed by Symantec, or implied threats by the group claiming to have obtained the code, motivated them to elevate their response to the hacking. Originally, Symantec’s attitude regarding the breach was much more confident and did not seem to indicate the level of concern about the repercussions that are now coming to light.
Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time. – Statement for Infosecisland.com
They can try, but the attack itself will look like it’s from 2006. If customers are using updated versions of their current software – whether it is consumer or enterprise software — they’ll be protected. They don’t need to upgrade or change software. Just make sure it’s updated, which it will be particularly if the auto-update function is turned on. – Email to The Arora Report
It is clear from Anonymous’ long list of targets that the mantra of “hire better security experts” isn’t the only answer. We have to take it upon ourselves to follow smart PC security practices. One can try and place a white hat or black hat upon Anonymous’ actions but it is pretty clear how futile it is to do so. If we should try to apply a name in regards to Anonymous’ role in this matter, it would be the Murphy’s Law of the Internet.
The principle of Murphy’s Law is simple. Anything that can go wrong will go wrong. Anonymous is merely reflecting the chaos of the internet – the risk we take in opening our cyber front door so to speak. We won’t always have a policeman conveniently nearby if an assailant tries to break in. Therefore we need to know a move or two of self-defense otherwise we’re all in for a nasty surprise.
Readers, how secure is your PC and do you feel you are doing enough to protect it from vulnerabilities?
[easyazon_block asin=”B0056CZC2S” align=”left”]