[Scan-DC] message from the folks in IT
Bruce Harper
brucebharper at gmail.com
Wed May 8 10:41:21 EDT 2013
On Wed, May 8, 2013 at 10:15 AM, Blair wrote:
Has the government ever lied to you?
>
No, never, I have full faith in our elected and appointed officials (but
only as far as I can throw Gov. Christy).
However, this was sent out via various channels by government officials in
Richmond -- it may be coincidence, it may be unrelated, it may be hooey,
but here it is for what it's worth.
Bruce in Blacksburg (small disclaimer -- I am a ward of the state, employed
at one of those liberal places of higher education)
*From:* Commonwealth Security
*Sent:* Monday, May 06, 2013 12:47 PM
*To:* Commonwealth Security
*Subject:* Situational Awareness - May 7th , OpUSA
Good Morning,
Commonwealth Security and Risk Management has been monitoring a threat made
by a group of cyber extremists regarding a scheduled cyber attack against
United States government and financial targets. The cyber extremists have
designated the effort OpUSA and indicate they plan on using denial of
service tools to disrupt government and financial institution business.
Overall capability of the participating actors will likely be low, however,
"low hanging fruit" and vulnerable websites are likely targets and are at
higher risk for impact.
Federal, state, and local government and law enforcement agencies, as well
as local and regional banks, are expected to be the targets of the attack.
Targets will likely include associated high profile organizations that can
provide the same media "win" for the hackers. The OpUSA actors are expected
to utilize common hacker techniques seen in other cyber attack campaigns,
including SQL injections (SQLi), cross-site scripting attacks (XSS), and
Distributed Denial of Service attacks (DDoS).
Commonwealth Security is currently monitoring systems for signs of these
attacks. Control mechanisms have been put in place that should mitigate
the effects of additional DDOS attacks. If additional disruptions occur
due to an increase in denial of service attacks we will update the advisory
as soon as information is available. If your entity notices any suspicious
cyber activity, please report it to Commonwealth Security.
References:
http://krebsonsecurity.com/2013/05/dhs-opusa-may-be-more-bark-than-bite/
http://www.bankinfosecurity.com/opusa-threatens-banks-government-a-5726
More information about the Scan-DC
mailing list