Anonymous threatens Singapore’s financial systems … perhaps
By Paul Ducklin November 4, 2013
- Should the apparent threat by Anonymous against Singapore be taken seriously?
- Whether this is a genuine threat by hacktivists or not, security is always worth doing well
AN anonymous person, claiming to be from hacktivist group Anonymous, recently fired off a hacking threat against Singapore's financial systems.
The threat was detailed in a video posted on YouTube, apparently under a real user's name, and came with a full transcript – a wordy one, if the truth be told – detailing what was planned and why it should be taken seriously.
The video has now been removed, as you’d probably expect if a compromised account had been used.
As I didn't save the transcript when it was available (the Internet has a Murphy's Law way of retaining things you would rather remove, and vice versa, doesn't it just?), I shall have to go from memory here:
Of course, anyone can claim to be ‘Anonymous,’ and many have done so. And there's often some sort of action proposed under the Anonymous banner for 05 November.
We’ve already been asked, “Should this threat be taken seriously?”
Well, hackers under the guise of Anonymous have managed some admittedly fairly modest cyber-attacks in the past, including:
- The 12-year-old boy who had got swept up in the excitment of it all.
- DDoSes (distributed denial of service attacks) mounted against online payment companies.
- Defacement to post protest messages on the websites of the US Department of Justice and of MIT.
So, if you’re not secure against this sort of modest attack, you probably don’t stand much chance against more determined cybercriminals – attackers who don’t usually announce their attentions in advance with a YouTube video.
What that means is that if computer security is worth doing, it is worth doing well, with or without the posturings of unknown proponents of so-called hacktivism.
In short: I don’t see any need to do anything differently because of this latest, short-lived Anonymous video, unless you weren’t taking computer security seriously beforehand.
So perhaps Singaporeans should treat this video not as a threat, but simply as a handy reminder – coming as it does on the very last day of Cyber Security Awareness Month – that computer security matters.
If you haven't done them yet, why not do these three?
That’s our advice by which anyone, anywhere, can do their bit to help everyone, everywhere.
Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. He wrote this for the Sophos Naked Security blog here; the article is reprinted here with its kind permission.
Oi, Asean techies and hacktivists: What about the haze?
Interpol lays out response blueprint for global cybercrime war
Malaysia-Philippines cyber-war claims sites on both sides
Filipinos take to the streets to protest new cybercrime law