Development Bank Of Kenya Attacked Under OpIcarus
Target: Development Bank Of Kenya
Attack Vector: Hack & Data Leak
Threat Actor: @UnitedSecTeam
Summary: The @anonymous affiliated group @unitedsecteam have claimed responsibility for a hack and data leak against the Development Bank of Kenya (devbank[.]com) on 11th March 2018. The claim was accompanied by the hashtag #OpIcarus and is consistent with previous attacks against banks during 2018 by the actors.
Risk assessment summary: It is currently assessed that #OpIcarus presents a 3e MODERATE threat to the finance sector, however the operation has been directly linked to the energy sector and the Syrian civil war. Anonymous accused Genie Oil and Gas of precipitating the Syrian conflict in order to exploit Golan Heights oil reserves. They also accuse the business of having an interest in a pipeline planned from Qatar to Europe and indicated that telecom, energy and government sector companies would be targeted.
Although @unitedsecteam have not released large amounts of data, it is likely that other hacktivists will also support #OpIcarus when not engaged on Catalonia and Yemen centric activity, presenting a greater threat to targeted sectors. Although activity will remain at a relatively low level into the medium term, the release of small amounts of data could still prove damaging to targeted organizations and cause a disproportionate effect on reputation. Monitoring of the threat environment will continue in order to identify further actionable intelligence.