Anonymous hacks NATO servers
In a post on Twitter, the Anonymous hacker group said that it has managed to steal a number of secret documents from one of NATO's servers. As proof, Anonymous published two PDF documents from 2007 and 2008 that are allegedly from NATO. The classification "NATO Restricted" suggests that the documents are intended only for circulation within the organisation – if they are genuine. The hacktivists say they copied a gigabyte of data in total, but added that it would be "irresponsible" to publish most of the material.
Another published document is from 2002 and is entitled "Security within the North Atlantic Treaty Organisation (NATO)"; it is apparently not classified. "Seems nobody ever read them," said Anonymous in its tweet. A simple SQL injection was apparently all it took to break into the server. Anonymous says that it will be putting more "interesting data" online over the next few days.
NATO has yet to confirm the authenticity of the documents; however its security experts immediately began looking into the case, as a NATO spokesperson told the German press agency dpa. "The publication of classified documents is condemnable as it potentially compromises the safety of NATO allies, our armed forces, and citizens," said the spokesperson.
Meanwhile, the hacktivists have reacted to the arrest of 21 suspected members of Anonymous in the US, the UK and the Netherlands. Along with their allies at LulzSec, they published a reply to a statement made by Steven Chabinsky, deputy assistant director of the FBI's Cyber Division. The two hacker groups write that "while we understand that you and your colleagues may find breaking into websites unacceptable, let us tell you what WE find unacceptable: Governments lying to their citizens and inducing fear and terror to keep them in control by dismantling their freedom piece by piece." The hacktivists say these governments and the corporations that work with them are their enemy, adding: "And we will continue to fight them, with all methods we have at our disposal."
Most of the suspects arrested on Tuesday are accused of having supported the Wikileaks whistle-blowing platform by conducting denial-of-service (DoS) attacks on financial institutions including PayPal, MasterCard, and Visa.