Threat Watch

Anonymous Begins Targeting Minnesota Government Websites

Anonymous: Over the weekend members of the hacktivist collective Anonymous claimed responsibility for an attack against the website of the Minneapolis Police Department (MPD).  The site went down on Saturday and continued to experience issues on Sunday. In order to mitigate the attack, users of the website had to complete a captcha to access the site. According to a video posted by members of Anonymous the group intends to “expose the many crimes” of the MPD. Minnesota state government computers came under attack over the weekend as well but according to a statement from state officials, the attacks were stopped before any damage could be done. There are some claims circulating that the MPD website attack successfully stole hundreds of usernames and passwords to police user accounts, but the list of “leaked” usernames and passwords contains almost entirely accounts that were included in several other prior publicly-exposed data breaches.

ANALYST NOTES

These attacks are anything but surprising given the current sentiment towards government officials, Minneapolis, and the state of Minnesota following the death of George Floyd. Anonymous took similar actions following the shooting of Michael Brown in Ferguson, Missouri. There have been a number of people on social media who have been misrepresenting this attack by claiming that Anonymous has been silent for three years and that this is possibly the start of something larger. The account which originally posted the video threatening MPD had not posted for three years but many members of Anonymous have been active around the world over the past three years. Major events like this have a tendency to increase the activity from the hacktivist collective. It is likely that over the coming weeks, continued attempts at attacking government agencies, especially those involved with law enforcement, will be seen from the group and its supporters. The majority of the attacks are likely to be Distributed Denial of Service attacks (DDoS), while other attacks may result in website defacements. It is also not uncommon for government officials and members of law enforcement to be doxed, have their information published online, or for local and state government databases to be breached and dumped publicly online. More information on the attacks on MPD can be found at: https://www.forbes.com/sites/zakdoffman/2020/05/31/anonymous-hackers-threaten-to-expose-the-many-crimes-of-minneapolis-police/#394d85753069
More details of the targeting of Minnesota state agencies can be found at: https://www.twincities.com/2020/05/31/george-floyd-theyre-attacking-minnesotas-state-computers-too/
Insight about the relevancy of the leaked usernames and passwords can be found here: https://www.troyhunt.com/analysing-the-alleged-minneapolis-police-department-hack/