IOTW: Hactivist Group Anonymous Leaks Police Department Intel

June 26, 2020

After a decade of relative inactivity, self-described hactivist group Anonymous takes credit for a 269-gigabyte data dump of police department, fusion center, and law enforcement files. Dubbed BlueLeaks, the information collected comes from over 200 state, local, and federal agencies. It contains internal memos, reports, bulletins, guides, emails with attachments, and financial records.

National Fusion Center Association Verifies Hack

Fusion centers were created after 9/11 as a hub for threat and intelligence sharing across state, local, and territorial law enforcement entities. The National Fusion Center Association (NFCA) confirmed the validity and source the BlueLeaks breach. Part of their statement obtained by Krebs on Security reads, “Preliminary analysis of the data contained in this leak suggests that Netsential, a web services company used by multiple fusion centers, law enforcement, and other government agencies across the United States, was the source of the compromise.

“Additionally, the data dump contains emails and associated attachments. Our initial analysis revealed that some of these files contain highly sensitive information such as ACH routing numbers, international bank account numbers (IBANs), and other financial data as well as personally identifiable information (PII) and images of suspects listed in Requests for Information (RFIs) and other law enforcement and government agency reports.

See Related: Address The New Threat Vectors On Your New Landscape

‘Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.” Netsential has yet to issue a public statement.

The Scope and Significance of the June 19th Data Dump

The death of George Floyd, a 46-year-old black man who was arrested, kneeled on, and consequentially killed by police on May 25th has reenergized the Black Lives Matter movement and protests against police brutality. Juneteenth, the day the BlueLeaks breach went public, is celebrated as the day of emancipation for the last remaining enslaved African American population.

The leak-focused activist group Distributed Denial of Secrets [DDoSecrets] published the million-plus documents on their website which is accessible to the public. The presumed intention of the breach is to enable the close examination of police intentions and narratives around BLM protests by activists and hacktivists. For example, the leaks reveal that the FBI monitored protesters’ social media accounts and tipped law enforcement off to posters of anti-police sentiments. Still, DDoSecrets admits that the leak is unlikely expose illegal activity amongst law enforcement.

The Immediate Risks Of The Leak

Despite DDoSecrets’ insistence that they screened and scrubbed the data for sensitive information about victims, children, and other information unrelated to the cause, BlueLeaks has the potential to do more than just embarrass and expose.

See Related: Address The New Threat Vectors On Your New Landscape

Krebs on Security also spoke to attorney Stewart Baker with Steptoe & Johnson LLP and former U.S. Department of Homeland Security assistant secretary of policy. Steward worries about the unintended consequences of the breach, saying, “With this volume of material, there are bound to be compromises of sensitive operations and maybe even human sources or undercover police, so I fear it will put lives at risk. Every organized crime operation in the country will likely have searched for their own names before law enforcement knows what’s in the files, so the damage could be done quickly. I’d also be surprised if the files produce much scandal or evidence of police misconduct. That’s not the kind of work the fusion centers do.”

People who were charged with crimes but later acquitted in a court of law could be ruined financially, reputationally, or even in danger physically. Further, it is likely that the 50 gigabytes of scrubbed data left traces and digital footprints that endangers other innocent lives.

Read More: Incident Of The Week

Read the original article and additional information at Cyber Security Hub