Cyber-intruders Target Arizona Department Of Public Safety, Gains Access To Classified Documents

By Author: eccuni
Total Articles: 211
Comment this article

Recently, cyber-attack group Lulz Sec released sensitive documents associated with Arizona Department of Public Safety. Experts are investigating the security breach incident and have disabled external access to mitigate vulnerabilities. The latest disclosure comes amidst arrests of a teenager for alleged association with Lulz Sec, and threats by a rival attack group to expose details of Lulz Sec members. Earlier, Lulz Sec had announced joint action with Anonymous group to target government websites and disclose confidential documents and information pertaining to government and military personnel. In the latest attack, the Lulz Sec has disclosed hundreds of documents such as private intelligence bulletins and training manuals. The cyber-attack group also disclosed names, passwords, contact numbers, addresses and personal e-mail messages related to Arizona law enforcement officials. The attack group reportedly targeted Arizona Department of Public Safety to protest against the enhanced powers to counter crime agencies to target illegal migrants under SB1070. Several other states in the United States (U.S) are also considering ...
... adopting the law, which is currently under review by the Supreme Court.

The group has reportedly placed the classified law enforcement documents on underground crime forums. Among other things, the documents allegedly contain information related to counter crime operations, and use of informants to infiltrate crime groups. Such data may reveal strategies of law enforcement and help anti-social elements to devise strategies to perpetrate crime and evade detection. The cyber-attack group publishes the collected information online, providing opportunity for other cybercriminals and attack groups to exploit data and perpetrate different types of fraud such as unauthorized access, propagating spam, stealing funds, illegal funds transfer and identity theft.

The attack group has been responsible for a wave of attacks on government, media, business and gaming sites over the last two months. The website of the U.S Senate, and Central Intelligence Agency (CIA) also suffered cyber-attacks perpetrated by Lulz Sec. More recently, the attack group targeted websites of Brazilian government, presidency, taxation authority and an oil company. Frequent attacks on government and private corporations, and disclosure of personal information may impact the confidence of Internet users. Timely evaluation of security threats, detection and remediation of security flaws is crucial to secure the IT infrastructure from security breaches, and disclosure of sensitive information. Professionals qualified in masters of security science may help organizations in improving IT security practices and fostering security conscious culture.

Attackers may misuse e-mail addresses for initiating sophisticated and target-based spear-phishing attacks to extract more sensitive government data. They may also use vishing to extract sensitive personal or business information over phone by impersonating as a client, peer or legitimate company. Some employees of the department are reportedly receiving phone calls from unknown sources after the data breach incident. Mandatory training programs, incentivizing cyber security practices may help in improving security awareness among government staff. Government employees may also benefit from online degree courses. The spate of threats makes it necessary for security professionals to improve their capabilities through online university degree courses, and security certifications.