With the spread of viruses, malware, data loss and hacking, every corporation should be heavily investing in their data security strategy. Bank of America is seemingly learning this lesson the hard way, as CNET reported that hacktivist collective Anonymous claims to have leaked sensitive information on company executives and said they want to expose the company's efforts to collect information and spy on citizens.
The subset of Anonymous that is carrying out this hactivism effort is Par:AnoIA, otherwise known as the Anonymous Intelligence Agency. The group claims to have released 14 gigabytes of data on hundreds of thousands of business executives from across the world, claiming that the records were procured from an unsecured server in Israel.
"The source of this release has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs," Par:AnoIA said in a formal press release. "Looking at the data it becomes clear that Bank of America, TEKSystems, and others (see origins of reports) gathered information on Anonymous and other activists' movement on various social-media platforms and public Internet Relay Chat (IRC) channels."
With that said, it seems as though the financial institution has become an unfortunate case study on the hunter becoming the hunted. After catching wind of Bank of America's proactive surveillance plot, Par:AnoIA decided it was time to turn the tables. According to the group's statement, the data they found revealed that the bank's research methods were "sloppy, random and valueless," saying that a keyword list was used to match items of interest on social media websites like IRC and Twitter. There were over 10,000 entries, but just over 1,000 were genuine, the group claims.
Companies must step up security, as hacktivism seems to be on the rise. CNET said this data grab has come just three weeks after the U.S. Federal Reserve revealed one of his internal sites had been hacked. More than 4,000 U.S. bank executive accounts had their private information and login details published. According to CNET, Bank of America has had Anonymous' attention since it announced it would no longer process payments for the ever-controversial WikiLeaks.
InformationWeek said Anonymous is not the only group out there hacking companies and agencies in the financial sector, as one group named the Al Qassam Cyber Fighters are promising to resume attacks against financial institutions in the United States unless a video they've deemed religiously insensitive is eradicated from online platforms.
"On this basis and to warn and to show our seriousness for this, an attack string was carried out against some U.S. banks on Monday February 25, 2013 such as Bank of America, PNC, CapitalOne, Zions bank, 5/3, Unionbank, Comerica, Citizenbank, Peoples, UFCU, Patelco, and others," the group said in a YouTube video, promising to start more attacks on March 5 if their demands were not met, a scary thought for banks and financial institutions with weak data security.
Data Security News from SimplySecurity.com by Trend Micro