According to reports, the LulzSec hacking group has claimed responsibility for a denial of service hack attack on the cia.gov website resulting in it being inaccessible for a while late yesterday.


LulzSec appears to have taken up the baton of high profile hacking from the Anonymous group in recent weeks, with attacks being reported to have hit the Senate, News Corp, Sony and even the UK National Health Service. Yet all these hacks have one thing in common: they all seem to be aimed at getting media exposure as much as anything else.

It could also be argued that they are exposing serious security shortcomings in web-based operations that really should know better, and certainly the likes of the Senate and CIA sites fall into that category. However, the light-hearted approach to the serious matter of hacking, with 'humorous' Tweets announcing them and claiming responsibility, have led to some security analysts to ask if LulzSec are just in it for laughs?

Not that the FBI is laughing, LulzSec members are currently wanted by the Feds for their activities which, at the end of the day, are in breach of the law no matter how much the group may want to paint themseleves as hacktivist pranksters.

The general public, however, would appear to get the funny side of the hacking according to a new survey from security outfit Sophos. When asked if they found "LulzSec’s activities amusing" an astonishing 56.85 percent of those asked thought they were. Only 39.74 percent thought it was funny and deserved though, with 17.12 percent thinking it amusing but not approving of the hacks nonetheless. Only 43.14 percent thougth hacking into corporate sites and launching DDoS attacks were no laughing matter.

"While some people think this is a fun game that can also help point out corporate security weaknesses, the truth is that companies and innocent customers are - in the worst cases - having their personal data exposed," said Graham Cluley, senior technology consultant at Sophos. "There are responsible ways to inform a business that its website is insecure, or that it has not properly protected its data. What's disturbing is that so many internet users appear to support LulzSec. You have to ask yourself if LulzSec has finally bitten off more than it can chew. After all, they've just poked a very grizzly bear with a pointy stick. LulzSec's cockiness may be their undoing," added Cluley.

308 Views
About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

Too bad our routers are not designed to capture the packets and return them to the sender

One of the hackers was arrested.