14 DAY TRIAL // The Department of Homeland Security has released a report on Anonymous, advising US federal, state and local government departments and agencies, as well as their private sector partners, to review their defences.
The unclassified report [pdf] put together by DHS' National Cybersecurity & Communications Integration Center (NCCIC), reviews the history, motives and tactics of notorious hacktivist collective and its associated groups.
"So far, Anonymous has not demonstrated any capability to inflict damage to critical infrastructure, instead choosing to harass and embarrass its targets," the report says.
However, the DHS does warn that the release of sensitive documents and personally identifiable information has the potential to result in serious harm, particularly to law enforcement and other government employees.
The report authors also agree that LulzSec is made up from more talented individuals, hacking-wise, than average Anonymous members and mention the group's declaration of war against the US Intelligence Community and other associated companies.
While DHS expects future attacks to remain fairly limited in scope, it does not exclude the possibility of "a higher-level actor" providing Anonymous or LulzSec with more advanced capabilities.
The NCCIC advises organizations to be ready to react as quickly as possible if they become a victim. "Should a cyber attack occur, ensure backup and recovery procedures are in place and enabled. Be prepared to execute a full spectrum defensive plan that includes contact information for external sources to draw on for assistance.
"Collect and centrally manage detailed aspects of the attack so you can provide accurate information to Operations, Security, and Law Enforcement personnel as necessary," the report's authors write.
It's clear that Anonymous has managed to capture the attention of law enforcement agencies and governments. Back in June the group was mentioned as a threat in a NATO report.