Hackers based in the Middle East and North Africa are preparing
cyberattacks this week against the websites of high-profile U.S. government
agencies, banks and other companies, according to the Department of Homeland
Security.
The attacks, dubbed #OpUSA, for Operation USA, will begin Tuesday, the
department said in a warning bulletin circulated to the private sector last
week. The bulletin was first obtained and posted online by blogger and
cybercrime specialist Brian Krebs.
The attacks are called for in the name of Anonymous, the leaderless coalition of
hackers whose trademark Guy Fawkes mask has become a global symbol for their
anarchist spirit.
"OpUSA poses a limited threat of temporarily disrupting U.S. websites," the
Homeland Security bulletin states, saying the attackers will likely use
commercial hacking tools in a variety of "nuisance-level" strikes, defacing
websites or temporarily knocking them offline.
"Some of the participants possess only rudimentary hacking skills," the authors
add.
More worrying though, the attacks seems to presage a developing alliance between
criminal hackers and violent Islamic extremists.
The bulletin notes that the attacks are being promoted by the moderators of
websites and discussion forums that host al Qaeda and other Islamist material,
in addition to calls through more conventional hacker channels like the bulletin
board Pastebin.
This collaboration may "signal an emerging trend of Middle East- and North
Africa-based criminally motivated hackers collaborating with others regardless
of their motivation," like Islamic extremists, states the bulletin.
"Middle East- and North-Africa-based criminal hackers will continue issuing
public statements to announce cyber attack plans against high-profile targets,"
the bulletin predicts.
Homeland Security will monitor these statements for signs of an emerging
alliance between Anonymous and jihadists, the bulletin goes on. Future public
statements "may provide insight into whether these [hacker] groups are
radicalizing toward violence and whether they would potentially partner with or
conduct attacks on behalf of violent extremists."
If #OpUSA generates media coverage, its planners might attract other, more
skilled hackers, to their ranks, making future attacks more dangerous.
"Perceived success might lead other individuals -- including those with advanced
technical skills -- to undertake similar efforts and attempt more threatening
cyber attacks targeting U.S. government and commercial websites," it warns.
Since September 2012, U.S. banks have faced a wave of coordinated cyberattacks
from Islamic hacktivist groups believed by many observers to be linked to the
Iranian regime. To date, 46 U.S. financial institutions have been targeted in
more than 200 separate attacks, according to an FBI bulletin last month.
