The Anonymous hacker collective has declared resurgence of its attack scheme of 2011 it named Operation Icarus that launched an onslaught of assaults against the banks in Wall Street. Currently, it has targeted servers of the apex bank in Greece, which the bank lately substantiated. The attack forced the bank to withdraw its presence from the Web this Tuesday. The offline remained for some minutes.

An officer of the central bank in an interview to Reuters said the assault spanned some minutes; however, the security systems of the bank addressed it successfully. The denial-of-service (DoS) assault affected just the bank’s website.

During 2011, Anonymous’ Operation Icarus appeared as prime news when it attacked banks at Wall Street. In a YouTube video by the collective, Anonymous announces the approaching fall of Olympus. The collective tells about the resurgence of Icarus some days past, and that it has effectively shut down Bank of Greece’s website, adding the attack is a sign of a 30-day onslaught’s beginning on worldwide central bank websites.

The attack campaign targeted the Greek central bank first. Representatives of the bank said it wasn’t beyond some minutes and they were sure about it having remained watchful over their bank’s website too; however, the following day, there was a new development when one fresh series of assaults hit the bank disabling the website spanning a minimum of 6 hours.

Nonetheless, the collective plans to fry an even bigger fish as it states within the YouTube video, and also within one sequence of statements posted on the Internet. Softpedia.com posted this online dated May 4, 2016.

The Anonymous hacktivist group indicated that they felt it necessary to come down right in the banking empire’s heart via repeating their tactic of tugging into the system; however, at the present instance the group faced one far prominent target – the worldwide system of finance. That target was the Bank of England and the New York Stock Exchange, it stated.

Notably, the hacktivist collective is no longer as effective in disrupting targets as it was during its peak time in the Arab Spring of 2010.

Source:  http://www.spamfighter.com/News-20259-Anonymous-to-Strike-World-Banks-Targets-Bank-of-Greece-First.htm

 

After earlier this year declaring “total war” against U.S. Republican presidential candidate Donald Trump, the hacktivist group Anonymous is now threatening global banks with 30 days of distributed denial-of-service attack disruptions.

As a preview, on May 2, the group claimed to have disrupted the website of Greece’s central bank. “Olympus will fall. A few days ago we declared the revival of Operation Icarus. Today we have continuously taken down the website of the Bank of Greece,” the group said in the video posted on You Tube and delivered in the classic Anonymous style via a disembodied, computerized voice.

“This marks the start of a 30-day campaign against central bank sites across the world,” it adds. “Global banking cartel, you’ve probably expected us.”

Of course, banks have previously been targeted en masse by DDoS attackers. Beginning in 2012, for example, attacks waged by a group calling itself the “Izz ad-Din al-Qassam Cyber Fighters” continued to disrupt U.S. banks’ websites as part of what it called “Operation Ababil.” In March, the Justice Department unsealed indictments against seven Iranians – allegedly working on behalf of the Iranian government – accusing them of having waged those attacks. Regardless of who was involved, it’s unclear if Anonymous could bring similar DDoS capabilities to bear for its Operation Icarus.

A Central Bank of Greece official, who declined to be named, confirmed the May 2 DDoS disruption to Reuters, though said the effect was minimal. “The attack lasted for a few minutes and was successfully tackled by the bank’s security systems. The only thing that was affected by the denial-of-service attack was our website,” the official said. Greek banks have been previously targeted by DDoS extortionists, demanding bitcoins.

“It would have been better if no disruption occurred, but it is good that the attack – if that is what caused the disruption – was handled so quickly,” says information security expert Brian Honan, who’s a cybersecurity expert to the EU’s law enforcement intelligence agency, Europol.

A “World Banking Cartel Master Target List” published by Anonymous to text-sharing site Pastebin early this month lists the U.S. Federal Reserve, as well as Fed banks in Atlanta, Boston, Chicago, Dallas, Minneapolis, New York, Philadelphia, Richmond and St. Louis. Also on the target list are websites for the International Monetary Fund, the World Bank as well as 158 central banks’ websites. In a related video missive issued March 31, Anonymous urged its members to “take your weapons and aim them at the New York Stock Exchange and Bank of England,” promising that “this is the operation to end all others.”

The planned Anonymous operation follows elements of the collective earlier this year declaring “total war” against Trump, and on April 1 temporarily disrupting several of Trump’s websites, The Hill reports. Since then, of course, Trump has become the only Republican presidential candidate left standing after his massive win in this week’s Indiana primary.

Banks: Beware DDoS Threats

While the Anonymous bark doesn’t always equal its bite, in the wake of this alert, “banks in the United Kingdom, United States and Latin America should be very prepared” against potential attacks, says Carl Herberger, vice president of security for DDoS-mitigation and security firm Radware.

“In the same vein as someone yelling ‘bomb’ at an airport or fire at a movie theater, cyber-attack threats – whether idle or not – are not to be taken lightly,” he says, although he adds that the number of threatened DDoS attacks outweighs the quantity of actual attacks.

Herberger says in light of the new threat, all banks should review their DDoS defense plans, keeping in mind that DDoS attackers do continue to refine their tactics, as seen in the disruption of Geneva-based encrypted email service ProtonMail.

“As the attacks on ProtonMail in November 2015 have demonstrated … attackers change the profile of their attacks frequently and leverage a persistent and advanced tactic of revolving attacks geared to dumbfound detection algorithms,” he says, dubbing such tactics “advanced persistent DoS.”

Maintain a DDoS Defense Plan

Security experts have long recommended that all organizations have a DDoS defense plan in place. The U.K.’s national fraud and cybercrime reporting center, ActionFraud, for example, recently issued the following advice to all organizations:

  • Review: “Put appropriate threat reduction/mitigation measures in place,” tailored to the risk DDoS disruptions would pose to the organization.
  • Hire: If DDoS attacks are a threat, seek professional help. “If you consider that protection is necessary, speak to a DDoS prevention specialist.”
  • Prepare: All organizations should liaise with their ISP in advance of any attack. “Whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits.”

DDoS Extortions Spike

The guidance from ActionFraud, released April 29, also warned that the center has recently seen a spike in DDoS extortion threats from an unnamed “online hacking group” demanding the equivalent of $2,250 to call off their planned attack.

“The group has sent emails demanding payment of 5 bitcoins to be paid by a certain time and date. The email states that this demand will increase by 5 bitcoins for each day that it goes unpaid,” ActionFraud’s alert states. “If their demand is not met, they have threatened to launch a [DDoS] attack against the businesses’ websites and networks, taking them offline until payment is made.”

ActionFraud advises targeted organizations: “Do not pay the demand.” That echoes longstanding advice from law enforcement agencies globally. ActionFraud also urges organizations to keep all copies of DDoS extortion emails – including complete email headers – as well as a complete timeline for the threats and any attacks, and to immediately report threats or attacks to authorities.

Investigators say that keeping complete records – including packet-capture logs – is essential for helping to identify perpetrators. Or as ActionFraud advises: “Keep a timeline of events and save server logs, web logs, email logs, any packet capture, network graphs, reports, etc.”

Masquerading as Armada Collective?

CloudFlare, a DDoS mitigation firm, reports that related attacks began in March and have been carried out under the banner of Armada Collective, as well as potentially Lizard Squad, although it’s not clear if those groups are actually involved.

It’s also unclear if the threatened DDoS disruptions have ever materialized. “We’ve been unable to find a single incident where the current incarnation of the Armada Collective has actually launched a DDoS attack,” CloudFlare CEO Matthew Prince says in a blog post. “In fact, because the extortion emails reuse bitcoin addresses, there’s no way the Armada Collective can tell who has paid and who has not. In spite of that, the cybercrooks have collected hundreds of thousands of dollars in extortion payments.”

Source: http://www.bankinfosecurity.com/anonymous-threatens-bank-ddos-disruptions-a-9085

Source:  http://www.ddosattacks.net/anonymous-threatens-bank-ddos-disruptions/

 

The first DDoS attacks part of #OpIcarus targeted the Central Bank of Greece, which were followed only after a few days by similar attacks against the Central Bank of Cyprus.

Shortly after that, the number of attacks seems to have exploded, now coming from all directions and from multiple Anonymous divisions such as Ghost Squad Hackers.

The operation’s official Twitter account, @Op_Icarus reported this weekend about DDoS attacks on the Central Bank of the Dominican Republic (the only site still down at the time of writing), the Guernsey Financial Services Commission, the Dutch Central Bank, and the Central Bank of Maldives.

A day later, hacking news magazine HackRead also reported about attacks on the Central Bank of Kenya and the National Bank of Panama.

Ghost Squad Hackers member s1ege tweeted about a DDoS attack on the Central Bank of Bosnia and Herzegovina, while Anonymous member BannedOffline also tweeted about similar attacks on the Central Bank Of Mexico.

Rounding up all casualties, in less than a week, Anonymous hackers have now DDoSed their way through ten of the 160 banks they’ve listed in an online manifesto, which also includes big names such as US Federal Reserve Bank, the World Bank, the IMF, the New York Stock Exchange, and Bank of England.

Source:

http://news.softpedia.com/news/anonymous-attacks-eight-more-banks-part-of-opicarus-503826.shtml

The Islamic State group’s cyber-war capabilities are unsophisticated, but they won’t be that way for long.

That was the conclusion of a 25-page report released last week by Flashpoint.

The report, “Hacking for ISIS: The Emergent Cyber Threat Landscape,” found that the Islamic State’s “overall capabilities are neither advanced nor do they demonstrate sophisticated targeting.”

However, the severity of the attacks by the groups supporters isn’t likely to remain unsophisticated, it added.

“Their capability of hacking military or NSA servers in the United States is far-fetched, but it’s not completely impossible,” said Laith Alkhouri, Flashpoint’s director of Middle East and North Africa research and one of the authors of the report.

“Concern is high, not because they have sophisticated hacking skills but because they’re utilizing multiple ways of bringing in new talent, utilizing all the freely available tools online, trying to utilize malware that’s already available and building their own malware,” he told TechNewsWorld.
Script Kiddie Assassins

ISIS lacks the organization and skills of other cyber adversaries of the United States, noted another author of the report, Flashpoint Director of Security Research Allison Nixon.

“Chinese and Russian hackers are organized criminal gangs or nation-state supported groups,” she told TechNewsWorld. “They’re highly educated, highly skilled. They use custom malware and custom tools.”

“On the other hand, ISIS supporters are more like script kiddies or hactivists. They have a low level of sophistication and engage in behavior patterns and use toolsets that we would see in any other attention-seeking group,” Nixon continued.

“They’re using open source tools and very old public exploits,” she said. “They’re only capable of hacking sites that aren’t very well maintained in the first place.”

Although ISIS hackers have some similarities to hactivists, they differ from them in at least one very important way. “Hacktivists don’t threaten physical violence,” Nixon said. “Physical violence is an important part of ISIS hackers.”

“They’re interested in translating these online threats into physical attacks,” she added.

Attacks of Opportunity

The hacking tools of ISIS cyberwarriors are almost invariably going to be taken from publicly available open source projects because of the ease of obtaining such tools along with the fact that they can often be used successfully, the report noted.

Developing proprietary tools would require significant effort and resources to create a completely private toolset that is on par, or better than, what is already available publicly, it said.

Of course, actors may modify this publicly available software or write simple scripts, but it is unlikely these groups are building software from the ground up for their supporters to use, the report said.

“As pro-ISIS cyber attacks and capabilities have gradually increased over time but remained relatively unsophisticated, it is likely that in the short run, these actors will continue launching attacks of opportunity,” it noted.

“Such attacks, include finding and exploiting vulnerabilities in websites owned by, for example, small businesses, and defacing these websites. Other attacks may include DDoS attacks,” the report continued.

Hacking Powerhouse

Pro-ISIS cyberactors are demonstrating an upward trajectory, indicating that they will continue to improve and amplify pre-existing skills and strategies, the report said.

Such a trend was exemplified by the recent merger of multiple pro-ISIS cybergroups under one umbrella: the United Cyber Caliphate.

“We’re starting to see these groups coalesce their brand. They’re increasing their ranks in number. They’re increasing their ranks in skill. They’re increasing their ranks in languages, which means they’re increasing the channels on which they operate and which they distribute their claims of responsibility,” Alkhouri noted.

“That means they have a much more powerful message and a more robust structure than before,” he continued. “They are coalescing their ranks to become a hacking a powerhouse.”

U.S. Responds

The United States isn’t ignoring the growing threat of ISIS in cyberspace. A new campaign was designed to disrupt the ability of the Islamic State to spread its message, attract new adherents, circulate orders from commanders and carry out day-to-day functions, like paying its fighters, according to a news report published last week.

While the Pentagon hasn’t been shy about letting ISIS know U.S. cyberforces will be gunning for it, details have been in short supply.

“There doesn’t seem to be any specifics on what they intend to do or how they intend to carry it out,” said Lawrence Husick, co-chairman of the Foreign Policy Research Institute’s Center for the Study of Terrorism.

“It may be as something as simple as finding some servers and executing an automated attack on those servers,” he told TechNewsWorld, “or it may be something more complicated, like the use of directed malware or the disruption of encrypted channels used by ISIS on the dark Web.”

Given how the military likes to keep its cyber cards close to its BDUs, it’s a bit unusual that it’s saying anything at all about its plans for ISIS. “I’m not sure why they chose to talk about it,” said Richard Stiennon, author of There Will Be Cyberwar.

“It’s better to take advantage of your ability to intercept and spoof messages without telling your adversary about it,” he told TechNewsWorld.

Psych Op

However, there could be a domestic angle to the Pentagon’s bravado about its cyberwar efforts. “There’s a desire by the branches for more dollars from Congress for their cyber programs,” Stiennon said.

On the other hand, prying money from Congress for cyber initiatives doesn’t seem to be a problem. “For many years, Congress has pretty much given the military everything that it wants in the way of cyber,” Husick said. “That’s one area of the budget where they have really not had any problem at all.”

The Pentagon’s announcement of a cyber campaign could be an effective weapon against ISIS. “Deception and disruption are part of the game of warfare,” he said. “There are times when you say something and do nothing, and there are other times when you do something and say nothing.”

“They may be trying to get into the head of ISIS,” said retired Rear Adm. James Barnett, head of the cybersecurity practice at Venable.

Nevertheless, he doesn’t think the Pentagon is bluffing when it says it’s going to escalate the cyberwar with ISIS.

“We may not hear about the operations for months, but at some point we’ll hear about a coordinated strike, either in combination with conventional forces or something significant in cyberspace,” he told TechNewsWorld.

Source:  http://www.technewsworld.com/story/83468.html

 

OPICARUS HAS FOUND ANOTHER TARGET AND THIS TIME IT’S THE CENTRAL BANK OF CYPRUS.

A group of hacktivists shut down the official website of Central Bank of Cyprus earlier today for operation OpIcarus, an online operation aimed at targeting banking and financial institutes worldwide. Operation OpIcarus was launched in January 2016 and restarted in March 2016. The hacktivists behind the operation believe banks and financial giants are involved in corruption and to register their protest they had to take the war to a next level.

The DDoS attack was conducted earlier this morning when the bank’s website (centralbank.gov.cy) was forced to stay offline. It is unclear for how long the site remained down, however, the attackers shared a screenshot showing the site was down for 35minutes before saving the screenshot.

HackRead had a conversation with one of the attackers behind the attack who said that:

“The banks have been getting away with murder, fraud, conspiracy, war profiteering, money laundering for terrorists and drug cartels, have put millions of people out on the street without food or shelter and have successfully bought all our governments to help keep us silenced. We represent the voice of the voiceless. We are uniting to make a stand. The central banks which were attacked in recent days were attacked to remind people that the biggest threat we face to an open and free society is the banks. The bankers are the problem and OpIcarus is the solution.”

This is the second bank that came under fire since the relaunch of Oplcarus. On 3rd May 2016,the Bank of Greece had its website under series of DDoS attacks and stayed offline for several hours.

Source:

https://www.hackread.com/oplcarus-hacktivists-ddos-central-bank-of-cyprus/