Anonymous takes credit for hack that exposes 2.4 million Syrian e-mails

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://arstechnica.com/security/2012/07/anonymous-takes-credit-for-syrian-emails-hack/

By Dan Goodin
Ars Technica
July 9, 2012

Members of the Anonymous hacking collective are taking credit for the 
theft of more than 2.4 million e-mails from Syrian governmental officials 
and contractors that were later published by WikiLeaks.

The whistle-blower website announced the massive document dump on 
Thursday. The cache includes communications from 680 Syria-related 
entities or domain names, including the Ministries of Presidential 
Affairs, Foreign Affairs, Finance, Information, Transport, and Culture, 
WikiLeaks officials said. In all, the leak includes 2.4 million e-mails 
sent from 678,752 different addresses to more than 1 million recipients. 
It comes amid a government crackdown on dissidents that has killed as many 
as 15,000 Syrians in the past 18 months, according to some estimates.

"The material is embarrassing to Syria, but it is also embarrassing to 
Syria's opponents," WikiLeaks founder Julian Assange said in Thursday's 
press release. "It helps us not merely to criticise one group or another, 
but to understand their interests, actions and thoughts. It is only 
through understanding this conflict that we can hope to resolve it."

According to a separate communication released over the weekend, people 
affiliated with Anonymous pulled off the "massive breach of multiple 
domains and dozens of servers inside Syria" that made the WikiLeaks dump 
possible. The hack took place on February 5 and was so involved that teams 
worked in shifts around the clock for weeks to pull it off. The 
downloading of such a large data set required several additional weeks. 
The announcement provided no evidence to prove the claims were real.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.