Anonymous Leaks Law Enforcement Forensic Secrets - InformationWeek



Hacktivist group claims release of 38,000 emails related to the Feds' cybercrime investigations, in retaliation for stiff sentences for Anonymous members.

Members of the hacktivist collective Anonymous on Friday released two swaths of data related to government groups and current and former law enforcement agency employees, as well as details of forensics methodologies used in prosecuting computer crimes.

Anonymous said the data release was in retaliation for the harsh penalties being meted out to members of its group for activities that it characterized not as crimes, but rather "electronic civil disobedience."

"As part of our ongoing effort to expose and humiliate our white hat enemies, we targeted a Special Agent Supervisor of the CA Department of Justice in charge of computer crime investigations," according to an Anonymous statement released via Pastebin. "We are leaking over 38,000 private emails which contain detailed computer forensics techniques, investigation protocols, as well as highly embarrassing personal information." The stolen data was released via Tor and BitTorrent.


Based on a resume that's included in the trove of documents, Anonymous stole the data from Alfredo Baclagan, a former California Highway Patrol officer who retired in 2010 from his position as special agent supervisor for the California Department of Justice, where he was responsible for overseeing the agency's computer crime investigations.

Anonymous said the released data includes six years' worth of emails from an International Association of Computer Investigative Specialists (IACIS) email list of which Baclagan was a member, "which detail the methods and tactics cybercrime units use to gather electronic evidence, conduct investigations, and make arrests."

"The information in these emails will prove essential to those who want to protect themselves from the techniques and procedures cybercrime investigators use to build cases," according to Anonymous, which said that the emails contain details relating to how EnCase Forensic software gets used, recent attempts to crack TrueCrypt drives, as well as tips for preparing search warrants and subpoenas.

Anonymous said it also released the entire subscriber list for the IACIS email group, "causing the administrators to panic and shut their list and websites down." IACIS didn't immediately respond to a request for comment asking it to confirm whether its email or membership list had been breached by Anonymous.

The release of Baclagan's professional and personal information was meant to serve as a warning to anyone who worked for or with government agencies that prosecute Anonymous members, according to the group. "Let this be a warning to aspiring white hat 'hacker' sellouts and police collaborators: stay out the game or get owned and exposed. You want to keep mass arresting and brutalizing the 99%? We'll have to keep owning your boxes and torrenting your mail spools, plastering your personal information all over teh (sic) internets," it said.

Also on Friday, Anonymous released a Pastebin post detailing its claimed exploit of multiple law enforcement-related groups. For starters, it claims to have released full names and user-supplied passwords for 1,000 members of the Boston Police Patrolmen's Association, "in retaliation for the unprovoked mass arrests and brutality experienced by those at Occupy Boston."

It also claimed to have accessed the "intranet, clients, and employee wiki portals" for website development firm MatrixGroup.net, as well as about 100 of the government, military, and police websites that it hosts. In addition, Anonymous claimed to have released about 600 MB of data--"including internal documents, membership rosters, addresses, passwords, social security numbers, and other confidential data"--from the International Association of Chiefs of Police.

