Anonymous‘ latest hack and part of the #antisec project, dubbed Military Meltdown Monday, has compromised some 90,000 accounts belonging to military personnel. The actual target of the attack, Booz Allen Hamilton, a security consulting firm, had the data as a result of the consulting they’d been doing, so while the leak involves military information, no government entity was hacked. Still, it can’t feel good for Booz Allen Hamilton, an established security firm, to lose so much private information to a faceless, unorganized hacker group that went so far as to throw a little salt in the wound, saying that Hamilton had “basically…no security measures in place.”
While this leak looks extremely serious at face value (it includes the words “military”, numbers that are over 9000 and seems like it could pertain to national security) it’s questionable as to whether or not this hack is anything more than embarrassing and inconvenient. Anonymous claims to have uncovered “treasure chests buried on the islands of government agencies” that will keep their ”blackhat friends busy for a while.” That being said, the real meat of this leak is login information and although I wasn’t able to dig up much information in the way of military security protocol (go figure), it seems to me that a significant part of any military security system that is not boneheadedly simplistic would involve a second form of identification, something physical, like a smart card or a retinal/fingerprint scanner. You know, the reasons you have to capture people alive in order to progress in Splinter Cell. We’ve yet to see what the blackhat friends might metaphorically dig up on those metaphorical islands, but for now the leak, while mortifying, is probably more of an inconvenience than a national security disaster.