Anonymous Leaks Law Enforcement Forensic Secrets
Hacktivist group claims release of 38,000 emails related to the Feds' cybercrime investigations, in retaliation for stiff sentences for Anonymous members.
Members of the hacktivist collective Anonymous on Friday released two swaths of data related to government groups and current and former law enforcement agency employees, as well as details of forensics methodologies used in prosecuting computer crimes.
Anonymous said the data release was in retaliation for the harsh penalties being meted out to members of its group for activities that it characterized not as crimes, but rather "electronic civil disobedience."
"As part of our ongoing effort to expose and humiliate our white hat enemies, we targeted a Special Agent Supervisor of the CA Department of Justice in charge of computer crime investigations," according to an Anonymous statement released via Pastebin. "We are leaking over 38,000 private emails which contain detailed computer forensics techniques, investigation protocols, as well as highly embarrassing personal information." The stolen data was released via Tor and BitTorrent.
Based on a resume that's included in the trove of documents, Anonymous stole the data from Alfredo Baclagan, a former California highway patrol officer who retired in 2010 from his position as special agent supervisor for the California Department of Justice, where he was responsible for overseeing the agency's computer crime investigations.
Anonymous said the released data includes six years' worth of emails from an International Association of Computer Investigative Specialists (IACIS) email list of which Baclagan was a member, "which detail the methods and tactics cybercrime units use to gather electronic evidence, conduct investigations, and make arrests."
"The information in these emails will prove essential to those who want to protect themselves from the techniques and procedures cybercrime investigators use to build cases," according to Anonymous, which said that the emails contain details relating to how EnCase Forensic software gets used and recent attempts to crack TrueCrypt drives, as well as tips for preparing search warrants and subpoenas.
Anonymous said it also released the entire subscriber list for the IACIS email group, "causing the administrators to panic and shut their list and websites down." IACIS didn't immediately respond to a request for comment asking it to confirm whether its email or membership list had been breached by Anonymous.
The release of Baclagan's professional and personal information was meant to serve as a warning to anyone who worked for or with government agencies that prosecute Anonymous members, according to the group. "Let this be a warning to aspiring white hat 'hacker' sellouts and police collaborators: stay out the game or get owned and exposed. You want to keep mass arresting and brutalizing the 99%? We'll have to keep owning your boxes and torrenting your mail spools, plastering your personal information all over teh (sic) internets," it said.
Also on Friday, Anonymous released a Pastebin post detailing its claimed exploit of multiple law enforcement-related groups. For starters, it claims to have released full names and user-supplied passwords for 1,000 members of the Boston Police Patrolmen's Association, "in retaliation for the unprovoked mass arrests and brutality experienced by those at Occupy Boston."
It also claimed to have accessed the "intranet, clients, and employee wiki portals" for website development firm MatrixGroup.net, as well as about 100 of the government, military, and police websites that it hosts. In addition, Anonymous claimed to have released about 600 MB of data--"including internal documents, membership rosters, addresses, passwords, social security numbers, and other confidential data"--from the International Association of Chiefs of Police.