Will NYSE be Attacked Oct. 10?

Experts: Anonymous Threats Likely Hype, But Cannot be Ignored

By , October 7, 2011.
Will NYSE be Attacked Oct. 10?


See Also: The Enterprise at Risk: The 2015 State of Mobility Security

ecurity experts aren't sure how seriously we should take threats allegedly made by hacktivist group Anonymous against the New York Stock Exchange. But they all agree no threat can be ignored.

Hacktivists claiming to be part of Anonymous, which over the summer attacked PBS, vowed last weekend to "erase" the New York Stock Exchange from the Internet on Oct. 10. The attack, the group claimed, was being waged in support of the Occupy Wall Street protests.

Some members of Anonymous, however, have disputed the claims made on YouTube about a denial-of-service attack. Anonymous' Twitter handle, AnonOps, posted a tweet this week saying it had no plans to hack Wall Street. But it's hard to know what to believe.

"They're not very organized," says Gartner analyst Avivah Litan. "I don't know how credible it is. We should not dismiss their threats, because they have gotten close to sensitive systems in other organizations in the past. But it's hard to know what, if anything, will happen."

Neither the NYSE nor the Secret Service could be reached for comment about this threat.

Is a Take-Down Possible?

Security experts say they're confident, given the amount of warning Anonymous has given, that the NYSE should be well prepared to ward off a cyber attack. "I have to think that the New York Stock Exchange is one of those systems that has a lot of fail-over sites," Litan says. "I don't think Anonymous can take them down."

The problem, however, is that no one really knows what type of attack the group might wage. The assumption has been an attempted DDoS attack, but the attack could come from another angle entirely.

Wendy Nather, research director of the enterprise security practice at The 451 Group, says much can be gleaned from the way Anonymous positioned its threat.

"It's interesting that they used the word 'erase,'" she says. "That sort of implies that they plan to make the stock exchange invisible on the Internet, rather than taking it down."

And making the NYSE invisible points to a specific kind of attack, one that targets the NYSE's domain name system registration. "It's kind of like taking over their phone number," she says. "If someone tried to call, they would not get through. It works the same way online. You just wouldn't be able to find the site."

Unlike a certificate attack, such as the one that hit DigiNotar, a DNS attack would likely involve some level of social engineering, tricking humans into letting it happen, Nather says.

"They might do something with the registrar that keeps the registration for the NYSE, convincing people who work for the registrar to change the registration," she says. "But there are different avenues they could pursue to change it or hijack it for a period of time. It's basically just redirecting the DNS listing."

Changing Cyberthreat Landscape

How organizations react to threats like these is tricky.

"What is interesting to me, based on the past track record of Anonymous, is that these kinds of threats induce high levels of panic," says IT security and privacy attorney David Navetta. "They don't even need to do an actual hack in order to cause an impact or send a message."

Even if the so-called hacktivists do nothing, organizations still have to prepare. That means examining all of the possible avenues of attack. "Given what the NYSE knows about the goals of Anonymous and their own network, they will probably be keeping a very close eye on their own domain name registration," Nather says. "And they probably have other steps in place to react to a denial of service attack. Those are the two immediate."

Mike Smith, an online security expert with Akamai Technologies, says the message is likely the most damaging part of the NYSE threat, given that parts of Anonymous have denied the claims.

"There is a certain amount of hyperbole that Anonymous uses to get supporters to its cause," Smith says. "The type of protestors that they are recruiting absolutely love comments like 'We'll erase this organization off the Internet.'" Organizations have to be mindful of threats, while also being careful not to overreact.

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Questions Over Plane Hacking Report

Did information security expert Chris Roberts exploit vulnerabilities in airplanes' onboard...

Latest Tweets and Mentions

ARTICLE Questions Over Plane Hacking Report

Did information security expert Chris Roberts exploit vulnerabilities in airplanes' onboard...

The ISMG Network