This evening I was putting together my slide deck for an upcoming presentation at the next IISF meeting on my information security predictions for 2012. One of the topics I am going to discuss is the rise of hacktivism and the impact that can have on an organisation. Ironically, as I was writing my slides Anonymous announced operation OpIreland in which they are targeting Irish government websites. OpIreland is in protest against a law the Irish government is planning to introduce to allow copyright holders get access to websites blocked that they claim are hosting pirated material.
According to The Journal.ie, the websites of the Department of Justice and Finance have been impacted by the attack. From watching various updates on Twitter other government websites seem to be also impacted, but as yet it is not clear whether or not this is a direct result of the OpIreland attack or if these sites share or are hosted on the same infrastructure as the targeted sites.
It also appears the the mobile phone numbers and email addresses of all the TDs have been published, information that was publicly available in the first place anyway.
While these attacks appear to have happened at an unusual time, midnight on a Tuesday night, and have had minimal impact on the general population, they could simply be a “warning shot” from Anonymous highlighting the campaign has started. Over the coming days we may see these attacks intensify, especially as more people are recruited into the operation. Typically these attacks will eventually fade away as those taking part in the attack lose interest and move onto other items.
Many will see this as a way to draw government’s attention to the concerns many have with the proposed new law. However, I believe that this action will simply divert the attention of the media and elected officials away from the core issue at heart and focus instead on Ireland been subjected to these attacks. TJ McIntyre argues this case more eloquently that I can on his blog post Anonymous attacks on Ireland will hurt, not help the case against blocking.
If you want to register your protest against the proposed changes in the law then you should consider taking what I believe to be the more constructive and democratic option of signing the StopSOPAIreland petition rather than taking part in the OpIreland attacks.
If you are a system adminsitrator based in Ireland and responsible for managing your organisation’s websites and systems, then you should do a risk profile of your organisation to determine will it be a potential target of OpIreland. If so then you should take some proactive measures to ensure the security of your systems;
- Ensure your systems are fully patched, this includes your firewalls, your operating systems, web server software and the web application software on your site.
- Review all your firewall rules and ensure they are up to date and correct.
- Ensure your log files are turned on, that they are recording key events and that you are actively monitoring them for suspicious activity
- Look at deploying DDOS mitigation tools
- Ensure all your passwords are secure passwords and are not re-used across multiple systems.
- If you have Intrusion Detection Systems (IDS) in place, ensure they are configured and working properly and are being monitored.
- Have your incident response plan close by in the event that you are impacted.