ANONYMOUS, a group of “hacktivist” computer-attackers, has already speared some big fish: credit-card companies, the church of Scientology and Monsanto, a biotechnology firm. Its latest victim is Booz Allen Hamilton, a big consulting firm that advises America’s government on cybersecurity. The group opposes Booz Allen’s work for the government in the fight against terrorism. This included an alleged plan to fill social-networking sites with “sock puppets”—fake commenters who would spread disinformation. The hackers responded by stealing from Booz Allen what they say are 90,000 military e-mail addresses and passwords.
Booz Allen does not seem to have done its homework—which is embarrassing for a security contractor working with classified materials. Critics say that it did not protect its servers sufficiently and used algorithms to encrypt data that can be easily cracked. The firm is also said to have left its databases open to “SQL injection”, a means of inserting malicious code. Anonymous says that the server it targeted “basically had no security measures in place”.
Excerpt, Cybersecurity, Hacked off, Economist, July 16, 2011, at 69