Turkish police have arrested 32 people that they believe played a role in taking down government websites on Thursday.
A loosely affiliated group of hackers known as Anonymous attacked the websites in response to Internet filters that Turkey plans to implement in August, The Wall Street Journal reports. Government officials say the mandatory filters are intended to protect web users, but many consider the filters to be a censorship effort.
Websites claiming to represent Anonymous, which is known for launching coordinated cyberattacks on corporate and government websites, announced plans to “fight” the Turkish government in response to the filters.
The 32 arrests were made on Sunday, the day of Turkey’s national elections, in 12 different cities. Eight of the people arrested were minors and one was a lawyer, according to Turkish news outlet Anadolu Ajansi.
Turkey isn’t the only country cracking down on hackers.
On June 10, police in Spain arrested three people described as members of Anonymous after they found evidence suggesting that the suspects were involved in attacks on numerous government websites, as well as the cyberattack that shut down Sony’s PlayStation Network for more than a month.
Basketball match between Apoel and Karşıyaka ends in violence. DHA photo
NICOSIA – Agence France-Presse
Turkish computer hackers targeted around 20 Greek Cyprus websites over the weekend, apparently in retaliation for an attack on a Turkish basketball team by Greek Cypriot fans, a police spokesman said Monday.
“Acting on information from the office for combating cyber-crime, it was observed that around 20 company websites hosted within the Cyprus Republic [Greek Cyprus] were illegally accessed by Turkish hackers,” said Michalis Katsounotos.
On some website homepages, the hackers inserted the emblem of basketball team Pınar Karşıyaka, the crescent moon of the Turkish flag, or the words “No Terrorism in Sport.“ A FIBA basketball cup match on Dec. 21 between hosts Apoel Nicosia and Turkey’s Pınar Karşıyaka ended in violence as 500 local rock-throwing fans clashed with police preventing them from confronting the Karsiyaka players.
Tear gas was used to disperse the crowd, while police cars ferrying reinforcements to the sports stadium were pelted with stones. Five officers received hospital treatment for minor cuts and wounds and three 15-year-old youths have been charged with assault, affray and illegal possession of dangerous weapons. Investigators are trying to identify more suspects from CCTV footage taken from the scene.
Katsounotos said no Karşıyaka team members were hurt, but a large police escort was used to shepherd the Turkish team back to their hotel and later to the divided island’s Larnaca international airport.
Turkey’s ambassador to Turkish Cyprus, Kaya Türkmen, lodged a protest with United Nations peacekeepers on the island and President Demetris Christofias, the Greek Cypriot leader, slammed those involved in the attack as “brainless.”
A FIBA tribunal fined Apoel 40,000 euros and ordered them to play their next European home matches behind closed doors.
The Turkish basketball players returned home to the Aegean province of İzmir via Greece, because Greek Cypriot officials rejected Pınar Karşıyaka’s requests for security protection during the night.
They argued such a step would be tantamount to recognizing Turkish Cyprus, which is only recognized by Turkey. Greek and Turkish Cypriots have been divided since 1974, when Turkey sent troops into the north after a rebellion by Greek Cypriots who wanted to unify with Greece.
Two regional websites for Chancellor Angela Merkel‘s Christian Democrats (CDU) were hacked on Tuesday by unknown perpetrators claiming to be Turkish following controversial comments by her conservatives on immigration.
Police and domestic intelligence agencies are now investigating in both the city-state of Hamburg and the northern state of Mecklenburg-Western Pomerania after CDU officials said their party sites were paralysed overnight when hackers replaced their homepages with a black background featuring a Turkish crest and critical comments.
Hackers “GHoST61” and “Emre Y” had left their mark claiming responsibility for sabotaging the site, with the comment, “Hi Hamburg: We are from Turkey.”
In Hamburg the CDU took its website offline by mid-morning on Tuesday, spokesperson Anna Christina Hinze said.
The Mecklenburg-Western Pomeranian arm of the CDU had a similar experience, discovering that their website had been replaced with an Ottoman Empire crest and some pointed questions about the party’s immigration policies. Their site was repaired by afternoon.
The hackers left a message asking: “Where is the money for integration? Where is the money for mosques?” and “Where is the tolerance? Where is the freedom of religion?“
The cyber-attacks appear to have been sparked by anti-immigrant statements from conservatives such as Bavarian premier Horst Seehofer, who said last week that Germany should halt immigration from Turkey and Arabic countries. Over the weekend he also said that multiculturalism was dead in Germany. Chancellor Merkel agreed the concept had “completely failed” and demanded immigrants accept “Christian values” when they come to Germany.
At the end of the hacker missive they wrote, “Mrs. Merkel, we await you in Hamburg,” – a possible reference to Merkel’s plans to visit integration projects in the city in early November.
The chancellor’s parliamentary district is in the state of Mecklenburg-Western Pomerania.
In early 2008, hackers made a similar attack on the state of Schleswig-Holstein’s CDU website, putting Turkish flags and slogans on several local party chapter pages. The IP address was traced to Ankara, Turkey.
Exclusive: Defense Department investigators subpoena records from Google, Microsoft, and Yahoo in connection with ongoing probe.
Paul McDougall
InformationWeek
A known computer hacking clan with anti-American leanings has successfully broken into at least two sensitive Web servers maintained by the U.S. Army, InformationWeek has learned exclusively.
Department of Defense and other investigators are currently probing the breaches, which have not been publicly disclosed.
The hackers, who collectively go by the name “m0sted” and are based in Turkey, penetrated servers at the Army’s McAlester Ammunition Plant in McAlester, Okla., and at the U.S. Army Corps of Engineers’ Transatlantic Center in Winchester, Va.
The breach at the McAlester munitions plant occurred on Jan. 26, according to records of the investigation obtained by InformationWeek. On that date, Web users attempting to access the plant’s site were redirected to a Web page that featured a protest against climate change.
On Sept. 19, 2007, the same hackers electronically broke into Army Corps of Engineers’ servers. That hack sent Web users to www.m0sted.net. The page, at the time, contained anti-American and anti-Israeli rhetoric and images, records show. It currently appears to be an Internet landing spot that features airline reservation links.
Beyond the redirects, it’s not clear whether the group was able to obtain sensitive information from the Army’s servers.
The hacks are the subject of an ongoing criminal investigation by Defense Department officials and members of the U.S. Army’s Judge Advocate General’s Office and Computer Emergency Response Team. Investigators have executed records search warrants against Microsoft (NSDQ: MSFT), Yahoo (NSDQ: YHOO), Google (NSDQ: GOOG), and other Internet service and e-mail providers as part of their efforts to unmask the hackers’ true identities.
Investigators believe the hackers used a technique called SQL injection to exploit a security vulnerability in Microsoft’s SQL Server database to gain entry to the Web servers. “m0sted” is known to have carried out similar attacks on a number of other Web sites in the past — including against a site maintained by Internet security company Kaspersky Lab.
The hacks are troubling in that they appear to have rendered useless supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches. The department and its branches spend millions of dollars each year on pricey security and antivirus software and employ legions of experts to deploy and manage the tools.
Equally troubling is the fact that the hacks appear to have originated outside the United States. Turkey is known to harbor significant elements of the al-Qaida network. (!) It was not clear if “m0sted” has links to the terrorist group.
Defense Department officials did not immediately return calls seeking comment on the case.
InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report [on the website] (registration required).
A loosely affiliated group of hackers known as Anonymous attacked the websites in response to Internet filters that Turkey plans to implement in August, The Wall Street Journal reports. Government officials say the mandatory filters are intended to protect web users, but many consider the filters to be a censorship effort.
