We (Netragard) have been meaning to say Thank You to Anonymous for a long time now. With that said, Netragard does not condone the actions of Anonymous, nor the damage they have caused. What Anonymous has demonstrated, and continues to demonstrate, is just how poorly most network infrastructures are managed from a security perspective (globally, not just within the USA). People need to wake up.
If you take the time to look at most of the hacks done by Anonymous, you’ll find that their primary points of entry are really quite basic. They often involve the exploitation of simple SQL Injection vulnerabilities, poorly configured servers, or even basic Social Engineering. We’re not convinced that Anonymous is talentless; we just think that they haven’t had to use their talent because the targets are so soft.
What Anonymous has really exposed here are issues with the security industry as a whole and with the customers that are being serviced. Many of Anonymous’s victims use third party Penetration Testing vendors and nightly Vulnerability Scanning services. Many of them even use “best of breed” Intrusion Prevention Systems and “state of the art” firewalls. Despite this, […]