Anonymous’ planned oil sector strike ‘insignificant’
Another fail for cyber hacktivists as DDoS campaign yields no major scalps
Cyber activist group Anonymous appears to have been unsuccessful in its promised widespread disruptions to the oil and gas industry, dubbed #OpPetrol.
Anonymous launched #OpPetrol with a Pastebin statement in May in retaliation for the practice of oil being traded in US dollars instead of the currency of the country it originated in. The hacktivist group said around 1,000 websites, 35,000 email accounts, and more than 100,000 Facebook accounts had been compromised as part of #OpPetrol.
But while 20 June was the day the operation was expected to launch, ITP.net was unable to confirm any significant disruptions resulting from Anonymous DDoS attacks.
TechWeekEurope quoted a source that "works with high-profile sources in the energy industry" as describing the impact as "nothing, tumbleweed".
Cyber security company Trend Micro Inc last week announced it had documented "anomalous malicious activity" that indicated the hacktivist group had launched its promised attacks. The company said in an emailed statement that it found compromised systems (botnets) were "already hitting websites of intended targets, possibly as part of a distributed denial-of-service (DDoS) attack".
According to Trend, Anonymous used a backdoor trojan known as CYCBOT, which allows attackers to take control of an infected computer and either disable security-related processes, retrieve data or connect to remote command and control (C&C) servers, to receive instructions. A network of many such compromised computers can then run DDoS attacks, where a Web server is hit with multiple requests for hosted resources, effectively making all its websites unavailable.
Trend Micro researchers said they found a significant number of government websites in Kuwait, Qatar, and Saudi Arabia - sites that were in the #OpPetrol target list - had already gone offline.
At the time of writing ITP.net found the websites of RasGas, Saudi-Aramco, Kuwait Oil Co and Sabic all to be up and running.
Later on Thursday Trend Micro told TechWeekEurope there had been "a number of defacements and some disclosures, but little impact".
"Attacker participation and the overall sophistication of the attacks leading into 20 June appears to be limited," said Trend threat researcher Darin Dutcher.