OpAfrica Update - March 2016

Abstract

The hacktivist group Anonymous has upped the ante in its cyber-assault against corporations and government that "enable and perpetuate corruption on the African continent." Since Radware's previous ERT alert on February 16, 2016, the OpAfrica operation has grown and the need for further DDoS prevention will be needed with the assistance of DDoS attacks from a collection of Anonymous-affiliated groups, including the hacktivist group, New World Hackers (see Figure 1), Team Hack Argentino, and others.

Background

OpAfrica is an Anonymous operation that is focused on fighting corruption, child abuse and internet censorship across the continent. Since the launch of the operation in February, Anonymous has targeted the governments of Rwanda, Uganda, South Africa, Tanzania, Zimbabwe and Sudan with defacements, data dumps and massive DDoS attacks. As predicted in the previous ERT Alert, DDoS prevention is needed as Anonymous has issued an expanded target list for the second phase of the operation, claiming they will not stop anytime soon.

 
Figure 1: New World Hackers claim support for OpAfrica

Upon joining, New World Hackers attacked the DNS server portals for a number of government sites in South Africa (see Figure 2), resulting in outages for the following:

 
Figure 2: New World Hackers down gov.za

Operation Information

Attackers

 

Communication

Chat

Channels

Video

Twitter

Original Target List

 

Updated Target List

Recently Targeted ii

 

 
Figure 3: Deface of meteo.go.ke by Hanom1960

 
Figure 4: Image used on defaced sites for OpAfrica

Reasons for Concern

Many sites suffered SQL injections, data dumps and service outages caused by network crippling DDoS attacks. OpAfrica is expected to continue as it enters the second phase of operations, moving on to their next targets. These targets can expect to experience similar attacks to those used during the first phase. Radware also expects to see a new target list in the future and the continued support from the greater Anonymous collective.

Effective DDoS Prevention Considerations

Enterprises and government agencies should consider a comprehensive DDoS prevention system to detect and mitigate multi-vector, volumetric denial of service, and Web application attacks. Enterprises should monitor security alerts and examine triggers carefully. Tune existing policies and DDoS prevention techniques to prevent false positives and allow identification of real threats if and when they occur.

Here are several considerations for a seamless security solution:

Additional important DDoS prevention considerations when choosing a solution to defend from web-based attacks:

Need Expert Emergency Assistance?

Radware offers a full range of DDoS prevention solutions to help networks properly mitigate attacks similar to these. Our attack mitigation solutions provide a set of patented and integrated technologies designed to detect, mitigate and report todays most advanced DDoS attacks and cyber threats. With dedicated hardware, fully managed services and cloud solutions that offer the best DDoS protection against DDoS attacks, Radware can help ensure service availability. To understand how Radware's attack mitigation and DDoS prevention solutions can better protect your network contact us today.