A federal agency warned in January of Internet attacks by a radical group that eventually exposed confidential data on Akron’s computer system.
Another warning came May 6, but Richard Schmahl, Akron’s chief information officer, said he was not aware of it.
The United States Computer Emergency Readiness Team (US-CERT) issued an alert Jan. 29 that it had “received information from multiple sources about confidential distributed denial-of-service attacks with targets that included U.S. government agency and entertainment websites.” The alert said the threat came from the coalition called Anonymous that includes Operation USA (OpUSA) and the Turkish Ajan that took credit for the May 16 attack on Akron.
The attack on the city included taking files with names, addresses and Social Security numbers of Akron taxpayers and posting that information on a public Internet site.
The group also attacked the Akron-Canton Airport system Saturday but was able only to expose names and email addresses, considered less of a threat than the attack on city computers.
The second threat received even wider publicity May 6 when Huffington Post and ABC news reported OpUSA planned to attack the next day.
ABC quoted an unclassified Homeland Security memo that “the attacks will likely result in limited disruptions mostly consistent of nuisance-level attacks against publicly accessible web pages and possibly data exploitation.”
Tyler Hudak of Akron, senior security consultant for KoreLogic Security, said he believes those attacks were “mostly just to embarrass the U.S. government. The Operation USA is just to attack U.S. government websites and try to break in and release files in order to embarrass the government and get whatever message they have across.”
The May 7 attacks got little publicity, which might have represented a failure for the groups.
“It depends on who you ask, but I think most security professionals, yeah, they do consider them a failure,” Hudak said.
He said the attacks continued.
“They just had a whole bunch of websites that they wanted to hit, and Akron was just one of the ones they got into,” he said.
Hudak said attacks of this kind are everyday occurrences. He said alerts also are common, and operators of systems like the city’s constantly are required to patch vulnerabilities.
He said every time a new “application” is added, a new problem can arise.
Most operations need to be tested by outside operations to see if a system can be exploited at a cost of “a couple thousand dollars.”
“It’s hard to say because, obviously, I don’t have knowledge of what [Akron’s] security is, but in my opinion, they had holes in their software that they did not know about or had not gone and patched yet,” Hudak said.
The city’s attackers left a political message on the site, and Hudak said their behavior indicates their goal was publicity, not financial gain.
“If they were going to use that information for identity theft or anything like that, they probably wouldn’t be sharing it, or if they did they would be sharing it in private forums,” he said. “The fact that they put it in an open place and linked to it, in my opinion, it is more for political embarrassment of the people they hacked into.”
But he said the information could be valuable to anyone who downloaded it from the public site before the city had it blocked.
Schmahl agreed the threat remains.
“The scary part about it is that even though they posted that information saying, ‘Look what we got,’ we don’t know how many times during the 22 hours it was out there” that someone might have viewed the information, Schmahl said. “We don’t know how many times it was downloaded.”
The city has informed people whose information was compromised of how to take financial precautions to prevent identity theft.
A spokeswoman for the FBI declined to talk about OpUSA, the Turkish Ajan or the investigation it is conducting of the attacks on Akron and the airport.
Schmahl remains uncertain if anyone has become a victim of identity theft.
“We had a couple who said they had some attempted charges on their accounts, but I don’t think it was a result of this because, again, the credit cards were not complete information,” he said. “I think if anybody became a victim of this hack, it would be because somebody opened a line of credit.”
He also said the attack appears to be for publicity, not theft.
On Wednesday, city of Akron officials met with the FBI. Through a news release, the city said “the extent of recent cyber-attacks were more expansive than imagined.” The city said that Sony, Pepsi, Twitter, the U.S. Defense Department, and the cities of Lansing, Mich., and Mobile, Ala., were among entities whose sites recently were hacked.
“The FBI assured us that they have agents working nationwide to identify the person(s) responsible for this crime on our citizens, and citizens throughout the country over multiple hacked sites,” Plusquellic said.
Dave Scott can be reached at 330-996-3577 or email@example.com. Follow Scott on Twitter at Davescottofakro.