We have all seen the headlines in the Jersey Evening Post with regard to Anonymous; in fact the postings can be found here http://anonnews.org/forum/post/28120 and http://anonnews.org/forum/post/31561.
So what is the real threat?
If you look at the end of the first post someone posts the phrase ‘NYPA moralfaq’ , NVPA mean ’ not your personal army’ which you seem to indicate that the person posting that comments is unwilling to sympathise with the previous posts. This does not guarantee that Channel Island businesses would not be targeted.
So what happens if Anonymous target Jersey?
Anonymous are known to use a distributed denial of service or ddos tool called LOIC which standards for Low Orbit Ion Cannon. A ddos attack is where publicly facing websites receives a massive volume of connections from thousands of computers around the world knocking it off the internet.
Anonymous are also known to deface websites as part of their activities, recent defacement’s have included Anglo American.
Additionally, Anonymous are also known to use sites such as Pastebin to put up sensitive company information as proof that the targets were hacked, here is an current example of Anonymous hacking at http://pastebin.com/Mbc0r8rD
How would they get the information about local businesses?
Simply do Google search followed by a domain name system lookup to get the ip addresses of the businesses they wish to target and then compile them into a list.
Has anything similar occurred?
In #OpsIsrael, Anonymous targeted the Israeli Cyberspace with estimates of the scale of the compromised websites varying from 650 to 3000 websites in a 48 hour period. These websites belonged to all areas of business not just government affiliated sites with hackers around the world working in collaboration.
What can businesses do to protect themselves?
Ensure that your internet infrastructure is security tested from an offensive and defensive point of view and is security patched. Additionally, consider utilising ddos protection service such as CloudFlare.