After a series of high-profile attacks on targets potentially worth attacking — ISIS, the KKK, and Donald Trump — Anonymous, the online hacking collective, reaffirmed its commitment to chaos this weekend when it broke into the database of the European Space Agency and released names, emails, and passwords of officials online. There’s no particular reason to think the hack put anyone at risk, but it represents an inconvenience for an agency that has better things to do than field calls from hacker aspirants (think: TK).
What could have possessed them to go after a target so seemingly undeserving compared to their other recent marks? According to HackRead, a ‘representative’ of Anonymous declared:
BECAUSE XMAS IS COMING AND WE HAD TO DO SOMETHING FOR FUN SO WE DID IT FOR THE LULZ.
In other words, the group hacked into the international space association that is currently preparing to send the first Briton ever to the ISS for a variety of shits and giggles. In a sense, the hack still represents a sort of punishment: The group apparently took no time breaking into the agency’s poorly protected database. Using a blind SQL vulnerability on the group’s website, the hackers were able to get access to just about everything. One imagines they could have done worse than release some contacts.
The simplicity of the attack certainly exposed the weakness of the ESA’s cyber security, but it’s also very easy to alert an organization to a possible vulnerability without leaking all their stuff online. Given how easy it was for Anonymous to break into the ESA, it seems likely that it wasn’t so much a coordinated effort but just a couple of their members who pretty much try to hack anything they can.
At this point, it seems that all international organizations, or at least any group that will earn Anonymous publicity, are fair game. Hackers associated with Anonymous recently leaked the emails of officials negotiating at the United Nations Climate Conference (Cop21), after 208 peaceful protesters were arrested.
Here’s the problem: Anonymous promised to take down ISIS just a few weeks ago but after taking down a handful of affiliated social media accounts and ordering pizza to a few members, they’re back beating up government agencies with lousy IT departments. Again, hacking ESA doesn’t represent a crime of any particular magnitude — and may well have been a favor to the agency — but it also doesn’t seem to show an organization with anything resembling accountability or priorities. Sharpening one’s skills on a space agency is one thing if those skills then become the point of the spear in a battle against evil and another if not.
So far, the world has only seen not.