In recent years news stories have highlighted the increasing rate of cybercriminal activity targeting both private organizations and government entities. Cases from mischievous amateur hackers managing to exploit basic vulnerabilities, to more advanced security breaches carried out by expert criminal hackers and cybercrime organizations overseas, have grabbed the attention of the media. The awareness of the seriousness of cybercrime has been raised among the general population and many individuals are becoming more concerned with the data housed about them online. Hackers who refer to themselves as \u2018hacktivists\u2019, are grouping together to break into systems for political reasons or other activist agendas. This category of hacker has become more common in recent years with more incidents reported in the media.<\/p>\n
In May 2012, the Bureau of Justice was targeted by a group known as \u2018AntiS3curityOPA\u2019, an affiliate of the more well-known \u2018Anonymous\u2019. The group managed to infiltrate and steal sensitive data from the bureau\u2019s systems. The data was then released as a 1.7Gb archive on the Piratebay torrent site, freely available for anyone to download. The reason the group gave for carrying out this attack was to \u201cspread information, to allow the people to be heard, and to know the corruption in their government\u201d. Schwartz (2012).
\nThis article focuses on this recent attack on the Bureau of Justice Statistics provides an in depth analysis of what went wrong, why the organization was targeted, and what people might want access to the released data. Understanding the motivations behind why the hackers carried out this attack will be analyzes along with gaining a clearer picture of who they are. Finally, this article looks at how the bureau might discourage or defend against future threats.<\/p>\n
The Bureau of Justice Statistics is a federal government agency, which falls under the United States Department of Justice. The Bureau of Justice Statistics was created in 1979 and its purpose is to collect, analyze and publish crime data. According to its website, its mission is \u201cTo collect, analyze, publish, and disseminate information on crime, criminal offenders, victims of crime, and the operation of justice systems at all levels of government.\u201d<\/p>\n
The Bureau of Justice also provides grants to criminal justice statistics programs for data collection and processing as well as statistical and methodological research. They provide support to state, local, and tribal governments through their National Criminal History Improvement Program (NCHIP), State Justice Statistics (SJS) Program for Statistical Analysis Centers, and the NICS Act Record Improvement Programs for States and State Court Systems (NARIP). The bureau\u2019s dissemination programs are summarized in the table below.<\/p>\n\n
| National Criminal Justice Reference Service (NCJRS)<\/td> | Provides justice statistical data and referrals to other sources of crime data. The website is available at: https:\/\/www.ncjrs.gov<\/td>\n<\/tr>\n |
| National Archive of Criminal Justice Data (NACJD)<\/td> | Data that has been collected and archived is then documented and made available through the NACJD service. The website is available at: http:\/\/www.icpsr.umich.edu\/NACJD\/index.html<\/td>\n<\/tr>\n |
| Federal Justice Statistics Resource Center (FJSRC)<\/td> | The FJSRC maintains the bureau\u2019s Federal Justice Statistics Program database containing data on defendants and suspects in the federal courts. The website is available at: http:\/\/fjsrc.urban.org\/<\/td>\n<\/tr>\n |
| Infobase of State Activities and Research (ISAR)<\/td> | This system is maintained by the Justice Research and Statistics Association (JRSA) and it houses information on research and publications. The website is available at: http:\/\/www.jrsainfo.org\/database\/index.html<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n More information on each of these programs can be found on the Bureau of Justice Statistics website. The information they primarily deal with are publically available data sets, statistics and reports, freely available to anyone who access these program websites. Furthermore, the bureau provides in depth publications available for direct download from their website in various common formats including PDF, ASCII, and comma-delimited format (CSV).<\/p>\n Overview of the Security Breach<\/h3>\nOn May 22nd 2012, the hacker group known as \u2018Anonymous\u2019 released a video titled \u201cMonday Mail Mayhem\u201d claiming to have successfully breached the Bureau of Justice Statistic\u2019s information systems. This same group, Anonymous, was also responsible other attacks, including the Department of Justice and the Federal Bureau of Investigation just two months earlier. Infosec Island (2012). The video they released contained a narrative in a computerized voice that stated, \u201cToday we are releasing 1.7GB of data that used to belong to the United States Bureau of Justice, until now.\u201d The message went on to reveal that internal emails as well as an entire database dump were made available. Anonymous (2012). The narrative went on to justify the actions of this hacker group by implying that their goal was to expose corruption within the federal government and claiming that the \u201ctruth will set us free in the end.\u201d<\/p>\n |