While Lulz Sec’s dissolution is still making news, cyber-attack group Anonymous has reportedly posted anti-cyber terrorism training documents related to United States (U.S) government online. According to ABC, the file appears to come from Federal Emergency Management Agency (FEMA), and relates to the Cyber Terrorism Defense Initiative Training program. The leaked documents contain various attack tools, anti-attack tools, Federal Bureau of Investigation (FBI) bureau addresses, letters requesting user information from Internet Service Providers (ISPs), security and attack resources. Other perpetrators of crime could misuse the disclosed information for launching more sophisticated attacks. The group has also reportedly claimed access to 40 terabytes of internal information regarding an undisclosed company. The group’s following base seems to have increased after the Lulz Sec’s exit, which urged continuance of the ‘Anti Sec’ campaign. Some reports suggest that Lulz Sec members have joined Anonymous. As such, it is apparent that cyber-attacks will continue to haunt government and corporate bodies. Rival cyber-attack groups allegedly threatened to exposed details of Lulz Sec, which attracted lot of attention through attacks on high profile targets. The arrest of a teenager alleged to be an associate of Lulz Sec in United Kingdom (U.K) did not help either.
While Anonymous had been in existence for some years, the group again came into prominence with distributed denial-of-service (DDoS) attacks on MasterCard, Visa and PayPal for their refusal to process payments of WikiLeaks last year. The group went on to attack security firm HBGary Federal, and targeted Egyptian, Tunisian, Zimbabwean government websites. Recently, the group targeted Turkish government websites, just days before scheduled elections in the country, in protest against planned introduction of Internet filter. The group also initiated attacks on over 90 Malaysian government and corporate websites. Anonymous launched DDoS attacks on Spanish Police Website in response to arrest of three members for alleged association with the group.
Regular security audit is crucial to determine the security lapses in the IT infrastructure. Professionals holding masters of security science, penetration testing and security certifications may enable timely mitigation of security threats and strengthening the IT apparatus.
Government departments and organizations face the threat of attacks from cyber-attackers, terrorist organizations, and rival intelligence agencies. Lack of employee awareness on security issues makes them more vulnerable to social engineering attacks. Workshops, mandatory training programs, online degree and learning programs may create cyber security awareness among employees. Government departments must also address the training needs of the IT professionals by encouraging them to undertake IT security certifications. Distance learning and online university degree programs may also bridge the gap between the required and existing technical skills and know-how.
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.