Anonymous has lobbed many online attacks against high-profile websites, but so far the hacktivist group has never hacked into the world's largest social network, Facebook.

And, if you believe most Anonymous connected Twitter accounts, that won't be changing anytime soon -- despite ongoing rumors and a YouTube video stating an Anonymous-backed Facebook strike is planned for Saturday.

The question of whether Anonymous will attack Facebook got started with that YouTube video, published Monday. The video, which can be seen above, states that the group is targeting the social network as a part of an online war in reaction to two controversial online anti-piracy bills known as SOPA and PIPA that were abandoned by several Washington politicians last week.

"Hello. People of the world. We are Anonymous," a computer generated voice-over says in the video. "The time has come. An online war has begun between Anonymous, the people, and the government of the United States. While SOPA and PIPA may be postponed from Congress, this does not guarantee that our internet rights will be upheld."

Later, the video states that "while it is true that Facebook has at least 60,000 servers, it is still possible to bring it down. Anonymous needs the help of the people, the people who want to take a stand against the government. The people who want to make a difference. This is what we must do."

On Monday, just a few hours after the video was published on YouTube, the @AnonOps Twitter account -- which many believe to be an authentic Anonymous account -- said there were no plans to hit Facebook.

"Again we must say that we will not attack #Facebook! Again the mass media lie," one tweet said.

Another tweet repeated the denial of the YouTube video, stating "AGAIN: 'Anonymous Threatens Facebook Shutdown Jan' IS A FAKE. RT PLEASE."

But while the attack may not be a legitimate Anonymous operation, and while it may never even take place, the group's lack of hacks against Facebook isn't for a lack of threats.

Rogue members of the collective, which has no publicly clear leadership structure, and possibly even impostors have threatened attacks against Facebook multiple times in the past. Notably, one such threat last August planned for Guy Fawkes Day on Nov. 5 never panned out.

RELATED:

SOPA blackouts inspired protest around the world

Wikipedia: SOPA protest led 8 million to look up reps in Congress

Justice Department shuts down MegaUpload, Anonymous responds with Web attacks

-- Nathan Olivarez-Giles

Nathan Olivarez-Giles on Google+

Twitter.com/nateog

Image: A screenshot of a tweet from the @AnonOps account that denies the hacker group Anonymous will attack Facebook. Credit: Twitter

MegaUpload, one of the world's largest file-sharing websites, was shut down Thursday by the U.S. Department of Justice, which accused it of violating piracy and copyright laws.

  In an indictment, the Justice Department alleged that MegaUpload was a "mega conspiracy" and a global criminal organization "whose members engaged in criminal copyright infringement and money laundering on a massive scale."

The Justice Department said MegaUpload, which had about 150 million users, tallied up harm to copyright holders in excess of $500 million by allowing users to illegally share movies, music and other files. Prosecutors said in the indictment that the site's operators raked in an income from it that topped $175 million.

DOCUMENT: Read the indictment against MegaUpload

MegaUpload was just one of the many services that allow for the easy sharing of large files online. Others include sites such as Mediafire and Rapidshare and cloud storage services that allow for shared folders such as Box.net and Dropbox.

One way MegaUpload differentiated itself was with its online marketing campaign that featured celebrities such as rapper/producers Kanye West, Lil' Jon, Sean "Diddy" Combs and Swizz Beats stating in YouTube videos why they loved using the site. Other videos feature tennis star Serena Williams, boxer Floyd Mayweather Jr., Def Jam Records founder Russell Simmons and director Brett Ratner testifying to their use of MegaUpload.

The release of the Justice Department indictment came after dozens of websites, led by tech heavyweights Wikipedia, Craigslist, Mozilla and Google, altered their websites to protest two anti-piracy bills under consideration on Capitol Hill: the Stop Online Piracy Act (SOPA) and the Protect Intellectual Property Act (PIPA).

Critics of the bills say the proposed laws would give the Justice Department the ability to censor the Internet by giving the agency clearance to shut down a site without having to get court approval of an indictment, as it did with MegaUpload. Although the indictment was unsealed Thursday, it was issued by a federal court in the Eastern District of Virginia on Jan. 5, the agency said.

In a statement issued with the indictment,the Justice Department said "this action is among the largest criminal copyright cases ever brought by the United States and directly targets the misuse of a public content storage and distribution site to commit and facilitate intellectual property crime."

The Justice Department said that at its request, authorities arrested three MegaUpload executives -- officially employed by two companies, Megaupload Ltd. and Vestor Ltd. -- in New Zealand, including the site's founder, Kim Dotcom, who was born Kim Schmitz. The agency is also looking to arrest two additional executives.

The indictment charges the two companies with running a "racketeering conspiracy, conspiring to commit copyright infringement, conspiring to commit money laundering and two substantive counts of criminal copyright infringement."

According to the Associated Press, before the MegaUpload site was shut down Thursday, a statement was posted on the site saying the allegations made against it were "grotesquely overblown" and that "the vast majority of Mega's Internet traffic is legitimate, and we are here to stay. If the content industry would like to take advantage of our popularity, we are happy to enter into a dialogue. We have some good ideas. Please get in touch."

Visits to Megaupload.com on Thursday showed the website as unable to load. The Justice Department had ordered the seizure of 18 domain names it linked to the alleged wrongdoing.

[Updated at 3:42 p.m.: As noted by Times reporter Ben Fritz on our sister blog Company Town, the hacker group Anonymous has allegedly lobbed a denial-of-service attack that has temporarily taken down the websites for the Department of Justice and Universal Music as a move in retaliation for the shutdown of MegaUpload. Forbes is reporting that the same attack has struck the sites for the Recording Industry of America and the Motion Picture Assn. of America.]

[Updated at 3:50 p.m.: The Twitter accounts @YourAnonNews and @AnonOps are taking credit on behalf of Anonymous for the web attacks on the websites of the Justice Department, Recording Industry of America, Motion Picture Assn. of America and Universal Music.]

ALSO:

SOPA blackouts inspired protest around the world

Apple's iBooks 2, iBooks Author: Bids to own publishing's future

Wikipedia: SOPA protest led 8 million to look up reps in Congress

-- Nathan Olivarez-Giles

Nathan Olivarez-Giles on Google+

Twitter.com/nateog

Hackers based in China reportedly pulled off a massive Web attack against the U.S. Chamber of Commerce lobbying group, which resulted in access to a significant number of confidential emails and documents.

Unnamed sources told both Bloomberg and the Wall Street Journal that the security breach took place in 2010 and gave the hackers access to information belonging to the Chamber's 3-million members.

The chamber, the U.S.' largest business lobbying group, is still investigating the attack, both reports said.

The strike is believed to be one in a wave of Web attacks from hackers based in China, along with previous reported hackings against "U.S. companies, business associations, and lobbying groups involved in trade policy associated with China," Bloomberg said.

Officials at the Chamber of Commerce were unavailable for comment on Wednesday.

According to the Journal's report, the chamber hasn't yet determined how much of its data was viewed or taken by the hackers, though evidence has been found that "hackers had focused on four chamber employees who worked on Asia policy, and that six weeks of their email had been stolen."

It is also possible that the hackers, who investigators suspect may have ties to the Chinese government, "had access to the network for more than a year before the breach was uncovered, according to two people familiar with the chamber's internal investigation," the Journal said.

RELATED:

China cracks down on Internet rumors

Chinese hackers pose a growing threat to U.S. firms

China-based hackers targeted oil, energy companies in 'Night Dragon' cyber attacks, McAfee says

— Nathan Olivarez-Giles

Nathan Olivarez-Giles on Google+

Twitter.com/nateog

Image: A screenshot of www.uschamber.com, the website of the U.S. Chamber of Commerce lobbying group. Credit: U.S. Chamber of Commerce

Sony's hacking problems aren't over yet.

On Wednesday morning, Philip Reitinger, Sony's newly hired chief information security officer, said that about 93,000 PlayStation Network and Sony Online Entertainment user accounts have been breached in a Web attack.

The attack is merely the latest for Sony, which has been dealing with online assaults on its user accounts most of the year. So far, more than 90 million Sony user accounts across the company's online services have been breached, which led to online video gaming services being suspended for more than a month.

The security breaches haven't been limited to Sony's gaming business either. Sony's cloud-based Qriocity music service, Sony music websites and Sony Pictures websites have been hacked this year too.

Reitinger, whom Sony hired in September, is a veteran of the online security world and formerly was a top security official at the U.S. Department of Homeland Security and Microsoft Corp.'s chief trustworthy infrastructure strategist. He's also worked for the Department of Defense and the Department of Justice and holds a law degree from Yale.

Sony created an entirely new position for Reitinger in hiring him in a bid to show it was serious about changing what is becoming an image of having a weak security system for users of its online services.

In a statement on Sony's PlayStation blog, Reitinger said it is unsure how successful or widespread the most recent attacks have been, but it has "detected attempts" to crack into Sony's Entertainment Network, PlayStation Network and the Sony Online Entertainment services "to test a massive set of sign-in IDs and passwords against our network database."

"These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources," he said. "In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks."

Reitinger said that Sony has made moves to fend off the attacks.

"Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected," he said. "There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts' valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked."

The nearly 93,000 accounts that were hacked and then locked down are currently under review by Sony so the company can figure out if an outside party really did access those accounts or not, Reitinger said.

Despite what Sony believes is the likely hacking of the large number of accounts, credit card numbers were not at risk in the security breach, he said. However, Sony "will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet," Reitinger said.

"As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt," he said. "If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password."

"Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on."

RELATED:

Sony's new security exec is Homeland Security, Microsoft vet

Sony CEO says hackers pick on company because it protects it PlayStation IP

Sony partially blames hacktivist group Anonymous for PlayStation Network data breach

-- Nathan Olivarez-Giles

Twitter.com/nateog

Photo: A customer watches a video of a Sony PlayStation 3 video game console at a Tokyo electronics retailer on April 27. Credit: Yoshikazu Tsuno / AFP/Reuters

Starting today, each time you click an outbound link on Facebook, San Diego's Websense will visit that site first, checking to see if it poses a security threat before letting you leave the world's largest social network.

The move is one that seeks to improve security measures online for Facebook's more than 800 million users and makes use of technology that has taken more than a year to develop, said Charles Renert, a senior director of security research at Websense.

Once you select a link, Websense's security tools kick into action, visiting the outside website and running a series of scans and tests seeking out botnets, malware, phishing programs, trojans and other viruses.

If Websense identifies any such harmful material on the other side, Facebook then serves up a familiar-looking warning page that reads "Security Alert: This Link May Not Be Safe," which now also features a Websense logo.

The page gives users the option to either return to the previous page they visited or to ignore the warning and continue to the potentially dangerous website. The warning page also offers up a link to more information on why Websense identifies the link as a harmful one.

Websense's technology (which it calls ThreatSeeker Cloud) isn't a Facebook app in the traditional sense and won't have access to a user's name, date of birth, wall, networks, friends list or any other personal or public information shared on the site, Renert said.

"We get no user information from Facebook," he said. "The security transactions between Facebook and Websense are all anonymized and focused specifically on checking out the security of links shared on Facebook."

RELATED:

Privacy groups ask FTC for Facebook inquiry

Lawmakers urge FTC to investigate Facebook for cookies

Spotify unveils "private listening" after Facebook users complain

-- Nathan Olivarez-Giles
Twitter.com/nateog

An alleged member of the hacker group LulzSec was arrested by FBI agents in connection with a massive computer attack against Sony Pictures Entertainment earlier this summer.

Cody Kretsinger, 23, of Phoenix was arrested Thursday morning on charges of conspiracy and the unauthorized impairment of a protected computer, the FBI said in a statement.

Kretsinger, also known by the handle "recursion," is a current or former member of LulzSec, a group of "elite computer hackers" that has attacked various government agencies and businesses, including Sony Pictures in May and June, the FBI said.

Along with other hackers, Kretsinger attacked the Sony Pictures website, swiped confidential information, and later aired that stolen data on the LulzSec website and on other online channels, according to the FBI. While carrying out the Sony hack, Kretsinger tried to mask his digital identity through a proxy server and later permanently erased the hard drive of the computer he used, the FBI said.

LulzSec claimed responsibility for the Sony hack on its Twitter account.

The FBI said that LulzSec is affiliated with an "international group of hackers" known as Anonymous, responsible for cyber crimes on businesses and government entities including PayPal, News Corp. and NATO. In July, the FBI arrested 16 Anonymous and Lulzsec members around the country for cyber crimes.

RELATED:

Anonymous says it hacked NATO, blasts FBI arrests

Hacker group the A-Team publishes list of alleged LulzSec members

Anonymous-related probe leads FBI to search three New York homes [Updated]

-- Shan Li

Photo: Screen grab of the PBS website after LulzSec infiltrated it. Credit: Associated Press.

Sony Corp. has hired a former U.S. Department of Homeland Security official as its new top security executive.

Philip Reitinger, formerly the director of Homeland Security's National Cyber Security Center, will join Sony in the newly created position of chief information security officer and a senior vice president.

The hire is a move to strengthen Sony's defenses after more than 90 million Sony user accounts across the company's online services were breached earlier this year.

Among the services hacked into were Sony's PlayStation Network for online video games (which was out of service for more than a month), its cloud-based Qriocity music service, Sony music websites and Sony Pictures websites.

Before working at the federal government, Reitinger was Microsoft Corp.'s chief trustworthy infrastructure strategist "where he was responsible for improving IT protection and security while coordinating closely with government agencies and private partners in order to build trustworthy computing systems worldwide," according to a statement from the Department of Homeland Security.

Reitinger will take a similar role at Sony and be "responsible for assuring the security of Sony's information assets and services," the Japanese tech giant said in a statement. "He will oversee information security, privacy and internet safety across the company, coordinating closely with key headquarters groups and working in partnership with the information security community to bring the best ideas and approaches to Sony."

Nicole Seligman, a Sony executive vice president and the company's general counsel and corporate executive officer, will be Reitinger's boss.

Reitinger has also worked for the Department of Defense and the Department of Justice and holds a law degree from Yale, Sony said.

RELATED:

Sony Tablet S: starting at $499.99, arriving September

Sony CEO says hackers pick on company because it protects it PlayStation IP

Sony partially blames hacktivist group Anonymous for PlayStation Network data breach

-- Nathan Olivarez-Giles

Twitter.com/nateog

Photo: Visitors walk past a Sony logo at a showroom in Tokyo on July 28, 2011. Credit: Franck Robichon/EPA

Two alleged members of the hacking groups Anonymous and LulzSec, one believed to be a hacker going by the alias of "Kayla," have been arrested in England.

The two men, ages 20 and 24, were arrested separately on Thursday -- one in South Yorkshire county, and the other in Wiltshire county, for "conspiring to commit offenses under the Computer Misuse Act 1990," according to the Metropolitan Police Service, also known as Scotland Yard.

The arrests "are part of an ongoing investigation in collaboration with the FBI, South Yorkshire police and other law enforcement bodies in the UK and overseas, into the activities of the online 'hacktivist' groups Anonymous and LulzSec -- in particular in connection with suspected offenses conducted under the cover of the online identity 'Kayla,'" Scotland Yard said in a statement.

Police confiscated the computer of the man arrested in South Yorkshire for "forensic examination," Scotland Yard said.

"The arrests relate to our inquiries into a series of serious computer intrusions and online denial-of-service attacks recently suffered by a number of multinational companies, public institutions and government and law enforcement agencies in Great Britain and the United States," said Mark Raymond, detective from the Metropolitan Police e-Crime Unit, in a statement. "We are working to detect and bring before the courts those responsible for these offenses, to disrupt such groups and to deter others thinking of participating in this type of criminal activity."

The Guardian newspaper of London was among the first to report on the arrests.

In July, Scotland Yard arrested 18-year-old Jake Davis, who they allege has acted as a spokesperson for LulzSec and Anonymous, going by the name "Topiary." Davis has been released on bail and has been forbidden from accessing the Internet while he faces charges for five criminal offenses, the police agency has said.

RELATED:

Scotland Yard says alleged hacker is in custody

Alleged Anonymous members arrested in hacker attacks

Alleged hacker 'Topiary' released on bail, prohibited from using Internet

-- Nathan Olivarez-Giles

Twitter.com/nateog

Image: Screenshot of images published by the hacking group LulzSec. Credit: LulzSec

Anonymous could be planning a Nov. 5 cyber attack agianst the world's largest social networking site, Facebook.

A single video was published to a YouTube account called FacebookOp, claiming to be from Anonymous that said the group would be hacking into Facebook and taking the site down.

"We wish to get your attention, hoping you heed the warnings as follows: Your medium of communication you all so dearly adore will be destroyed," reads a written statement posted in the YouTube description of the video. "If you are a willing hacktivist or a guy who just wants to protect the freedom of information then join the cause and kill facebook for the sake of your own privacy."

Whoever posted the video -- whether actually from members of Anonymous or someone claiming to be affiliated with the group -- said the reasoning behind the planned attack was allegations of Facebook selling its users' personal information to government agencies "so that they can spy on people from all around the world. Some of these so-called whitehat infosec firms are working for authoritarian governments, such as those of Egypt and Syria. "

Facebook officials were unavailable for comment on the video or the allegedly planned attack.

The video was shared on Twitter on July 16, the day the video first hit YouTube, by a user going by the name of Op_Facebook. The tweet to share the video has been the only message sent from that account so far and no other videos have been uploaded to YouTube.

"You cannot hide from the reality in which you, the people of the internet, live in," the statement paired with the video reads. "Facebook is the opposite of the Antisec cause. You are not safe from them nor from any government. One day you will look back on this and realise what we have done here is right, you will thank the rulers of the internet, we are not harming you but saving you.

"The riots are underway. It is not a battle over the future of privacy and publicity. It is a battle for choice and informed consent. It's unfolding because people are being raped, tickled, molested, and confused into doing things where they don't understand the consequences. Facebook keeps saying that it gives users choices, but that is completely false. It gives users the illusion of and hides the details away from them "for their own good" while they then make millions off of you. When a service is 'free,' it really means they're making money off of you and your information."

Anonymous has about a dozen Twitter and YouTube accounts and has a loose structure with no one leader or spokesperson representing the group, which has in the past claimed hacks into the Iranian government, PayPal, Visa and tech companies working for the FBI and other government agencies. The group also used its YouTube and Twitter pages to post video created by those in Tunisia who revolted against their government in January.

It's clear the group's philosophy is one that isn't big on governments or police agencies as they currently exist.

But given the largely undefined barriers as to what Anonymous is or isn't, it's difficult to gauge how much weight is or isn't behind this seemingly ignored threat made against Facebook.

One piece of the puzzle that is, however, easy to decipher is the Nov. 5 date on which the cyber attack could take place. Nov. 5 is Guy Fawkes Night, the night in 1605 in which Guy Fawkes was arrested while guarding explosives beneath London's House of Lords in an attempt to kill numerous politicians and King James I.

Members and supporters of Anonymous adopted the Guy Fawkes mask, as depicted in the comic book and film "V for Vendetta," as a symbol for the group.

Lately, however, Anonymous members have been more active as members of AntiSec, a mash-up of Anonymous and members of LulzSec, a hacking group that has said it hacked more for entertainment than over political philosophy. 

[Updated 10:31 a.m.: A spokeswoman for Facebook, Gwen Belomy, said the Palo Alto company is declining to comment.]

RELATED:

AntiSec claims to have hacked more than 70 police websites

Local and state agencies are more vulnerable to hacker attacks

ACLU digs into mobile location privacy with huge police records request

-- Nathan Olivarez-Giles

Twitter.com/nateog

Image: A screenshot of a video that claims Anonymous will launch a Nov. 5 cyber attack on Facebook. Credit: FacebookOp via YouTube

The hacking of more than 70 law enforcement agencies across the nation that resulted in the exposure of 10 gigabytes of information has placed a spotlight on the disadvantages local and state government agencies have when it comes to defending themselves from cyber criminals.

Hackers are increasingly going after high-profile organizations, such as the CIA and FBI, but that doesn't mean small government agencies are immune to intrusions. LulzSec, a hacktivist group, hacked into the email accounts of employees at the Arizona Department of Public Safety in a highly publicized attack in June, but less-known breaches have resulted in hackers obtaining hundreds of thousands of personal records from Alaska to Massachusetts, including one attack in Texas that exposed 3.5 million records.

Small government agencies have not been thought of as targets for hackers and therefore have not invested as much as larger federal agencies and major corporations in their security, said Heather Egen Sussman, the co-chair of McDermott, Will & Emery's global privacy and data protection affinity group.

"Up to this point, these agencies were not viewed as being in particular risk of being targeted by hackers," she said. "The focus has not been on IT security to the same degree that the more visible and the larger entities have paid to it."

Another problem small government organizations face is they often don't have the budget to attract top security experts with high salaries, said retired cyber-crime investigator Steve Edwards.

"It's real competitive out there for these people," he said. "They're very attractive to corporations and businesses that have these same issues."

And even when good security experts are in place, having the budget to give them the right technology to defend against sophisticated attacks can also be a problem, Sussman said.

Sussman said small government organizations can take several steps to make themselves more secure from hackers:

• Make lawmakers and organization leaders aware of cyber security's important so they receive an appropriate budget.
• Have or hire competent security experts who are up to date on the latest trends in cyber defense.
• Update all software and hardware regularly
• Train all employees with access to the organization's network

"You can have the best IT people in the world, but if you have one employee at work who double-clicks a link and inadvertently downloads malware, the hacker can be off and running," Sussman said.

And if hiring competent people is an issue, agencies should considering outsourcing their cyber security to a third party, Edwards said.

"That's a way they can be competitive in getting the best people to come in to do what has to be done," he said. 

RELATED:

AntiSec claims to have hacked more than 70 police websites

ACLU digs into mobile location privacy with huge police records request

Alleged hacker 'Topiary' released on bail, prohibited from using Internet

-- Salvador Rodriguez

twitter.com/sal19

Image: U.S. Department of Homeland Security analysts work at the National Cybersecurity and Communications Integration Center in Washington. Credit: Hyungwon Kang / Reuters