UPDATED 12:47 EDT / JUNE 16 2011

Hacker Group LulzSec Downs CIA.gov Website, IT Security Community Rolls Their Eyes

sophos-disses-lulzsec Yesterday, the malicious Internet prankster group LulzSec directed a heavy salvo of distributed denial of service attacks at cia.gov—the public facing front for the United States Central Intelligence Bureau. As DDoS attacks are somewhat unsophisticated brute-force attempts to shut down a website, nobody was that impressed by their technical ability in causing cia.gov to go offline; but many watching this drama unfold have noted that Lulz Security is continuing to bait the US government.

Starting with their #TitanicTakedownTuesday, Lulz Security moved from cracking and exposing sensitive database information (break ins) to denial of service attacks (more akin to mob protesting outside of a building so nobody can get in.) Most of those DDoS attacks came from requests made on their elusive telephone switchboard and targeted gaming industry sites such as EVE Online, Minecraft, and League of Legends.

Then they moved from gaming websites, back to poking governments.

“Tango down – cia.gov,” the hackers tweeted over @LulzSec after the deed had been done. The website is back up and running fine now.

Certainly some bulk of their 177k Twitter followers might be impressed by this, but the IT Security community had some choice words about the hacker group’s ultimately juvenile activity, according to Fox News,

…over at Sophos, Ducklin said what Lulz was doing was “about as intellectually interesting and important as a bunch of schoolboys boasting in the playground about who’s got the hottest imaginary girlfriend.”

He said most of the break-ins had been “languorously orchestrated, using nothing more sophisticated than entry-level automatic web database bug-finding tools, available for free online.”

He admitted Lulz’s behavior was a “timely wake-up call,” but insisted that didn’t justify LulzSec’s behavior.

“Time spent throwing bricks through other people’s digital windows doesn’t actually teach anyone anything about glassmaking, glazing or civil engineering,” Ducklin said. “If you consider yourself a hacker and you have time to spare, grow some moral spine and use your skills for active benefit.”

“Follow the lead of a guy like Johnny Long and hackersforcharity.org,” he added. “I dare you to look at his site and decide that LulzSec is a more worthwhile cause.”

Nobody is surprised that a childish group of apparently teenage hackers lack moral backing for their activity. What is surprising a lot of the Internet community is how they’ve managed to rampantly diss a multitude of heavy hitters and still sail unscathed across the choppy waters of the Internet. No doubt, though, the different clandestine groups investigating them are biding their time as they develop evidence against the group and discover the group’s members. Their most recent exploits do not include actual hacking or cyber-burglary. Mostly just noisemaking and saber rattling.

After the message from Sophos mocking their behavior, LulzSec had some choice words of their own:

“Sophos are all butthurt as usual. Perhaps jelly… perhaps. “Fun, fun, fun” and “lulz”, very hard concepts for people to grasp it seems…” says the @LulzSec Twitter mouthpiece. “Sophos are the type of people who would judge throwing bricks through windows pedantically, deciding who threw the brick with more style. Guess what Sophos, every brick throw doesn’t have to involve a double-backflip and secret handshake; the window is fucked either way.”

And finally they add, “Security Expert is jealous that schoolboys get more attention than Sophos without doing anything but tweet batshit things.”

It seems like soon we’ll be writing about LulzSec’s “Catch Me If You Can” antics when the various agencies they’ve prodded close in on them; meanwhile, I hope everyone can learn something about personal to industry security and the culture that spawned them.

Tango out.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU