ERT ALERT: Cyber-attack Against U.S. Based Websites on May 7th – 4 Attack Methods to Expect


AnonGhost – A hacking group affiliated with Anonymous announced a new cyber-attack campaign against US websites named #OPUSA. The attack is scheduled for May 7th, 2013.

This attack campaign follows a recent and similar attack campaign organized by AnonGhost that took place exactly one month earlier – on Apr 7th, 2013 and was launched against Israeli web sites (aka OPISRAEL).

Similar to the Israeli web site attacks, numerous Anonymous and several other cyber hacking groups have announced their participation in the upcoming attack campaign. The most noteworthy, although not yet confirmed, is the Izz ad-Din al-Qassam cyber fighters which are believed to be responsible for the recent attacks on American banks and financial institutions.

Several U.S. based web sites have already been defaced. The content injected into the hacked sites is used to promote the upcoming attack campaign.

ert-alert-may7

What to expect?

At this time, no public announcements have been made regarding specific attack methods or attack tools that would be used during #OPUSA. However, we assume similar attack patterns deployed during #OPSISRAEL may be used again in this upcoming cyber attack due to the close relationship of both attack campaigns.

These methods include:

  • Using common vulnerabilities to perform web site defacement and private information leakage from backend data sources.
  • Bandwidth saturation attacks using common Distributed Denial-Of-Service attack tools such as Mobile LOIC, LOIC and HOIC.
  • Consumption of web server resources using “Low and Slow” attack tools such as Slowloris, Pyloris, R.U.D.Y – note that these attacks were shown to be using HTTPS as well as HTTP protocols.
  • If groups similar to Izz ad-Din al-Qassam cyber fighters join the attack campaign, we may also expect distributed attacks originating from dedicated attacking servers. These attacks could cause huge traffic peaks and will be harvesting the power of server based botnets such as Brobot (aka Itsoknoproblembro).

Radware’s ERT will continue to monitor information around the May 7th #OpUSA attack and will provide updates as frequently as possible in order to keep you informed and prepared.

Yaniv Balmas

Yaniv Balmas is a Security Researcher at Radware with over 8 years of experience in the cyber security field. In his current role, Mr. Balmas is responsible for analyzing cyber-attack tools and techniques, as well as searching for more effective methods to help protect against them.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center