An­ar­chis­tic hack­ers keep­ing the pres­sure on in cy­berspace

The Washington Times Weekly - - Geopolitics - BY SHAUN WATER­MAN

The an­ar­chis­tic hacker group LulzSec formed, at­tacked web­sites around the world and an­nounced its breakup all within two months, demon­strat­ing the speed with which cy­ber­se­cu­rity threats de­velop in the In­ter­net age.

Since emerg­ing LulzSec has:

De­crypted and pub­lished the lo­gin names, pass­words and other per­sonal in­for­ma­tion of mem­bers of the FBI’s pri­vate sec­tor part­ner­ship or­ga­ni­za­tion In­fra­guard.

Bro­ken into NATO’s on­line elec­tronic book­store.

Posted con­fi­den­tial doc­u­ments from a half-dozen for­eign gov­ern­ments.

Briefly taken off­line the web­sites of the CIA and Bri­tain’s Se­ri­ous Or­ga­nized Crime Agency.

Two weeks ago, the group, ap­par­ently less than a dozen strong, posted hun­dreds of in­ter­nal doc­u­ments stolen from the Ari­zona State Po­lice com­puter net­work, in­clud­ing the home ad­dresses of sev­eral of­fi­cers and

in

May, their fam­i­lies.

Cy­ber­se­cu­rity ex­perts tell The Wash­ing­ton Times that copy­cat groups al­ready are emerg­ing all over the world, that the hacker tools they use are widely avail­able and that LulzSec’s ni­hilis­tic mind­set will con­tinue spread­ing.

“It’s the idea be­hind it that will be picked up,” said David Mar­cus, di­rec­tor of se­cu­rity re­search for McAfee Labs, not­ing that LulzSec looka­likes al­ready have been founded in Brazil and Spain. “It’s hard to fight an idea.”

The group has used the slo- gan, “Laugh­ing at your se­cu­rity since 2011,” and de­rives its name from “se­cu­rity” and the In­ter­net term “lulz,” which means “loads of laughs.” LulzSec also has 280,000 fol­low­ers on Twit­ter.

The group’s ob­jec­tive has been “ba­si­cally to laugh at you and em­bar­rass you about your poor se­cu­rity,” Mr. Mar­cus said. “They’re very hard to cat­e­go­rize.”

“We like crush­ing things; we like in­side info,” wrote a mem­ber us­ing the name Es­peon about the group’s phi­los­o­phy dur­ing an in­ter­net chat with a se­cu­rity ex­ec­u­tive whose firm LulzSec had hacked. The group later pub­lished a pur­ported tran­script of the ex­change.

LulzSec two weeks ago is­sued a state­ment say­ing it was dis­band­ing out of “bore­dom.”

Mr. Mar­cus said the group

The group has used the slo­gan, “Laugh­ing at your se­cu­rity since 2011,” and de­rives its name from “se­cu­rity” and the In­ter­net term “lulz,” which means “loads of laughs.” LulzSec also has 280,000 fol­low­ers on Twit­ter. The group’s ob­jec­tive has been “ba­si­cally to laugh at you and em­bar­rass you about your poor se­cu­rity,” said David Mar­cus, di­rec­tor of se­cu­rity re­search for McAfee Labs. “They’re very hard to cat­e­go­rize.”

“crossed a line” in post­ing the home ad­dresses and phone num­bers of Ari­zona Depart­ment of Pub­lic Safety of­fi­cers and their fam­i­lies. “That’s not funny, that’s not ‘lulzy,’ “ he said. “If you want to protest, protest. But that is putting peo­ple in dan­ger.”

Many of the group’s at­tacks have used rel­a­tively sim­ple meth­ods, in­clud­ing SQL in­jec­tion, in which hack­ers ex­ploit very wide­spread and eas­ily dis­cov­er­able soft­ware se­cu­rity flaws to take con­trol of web­sites’ data­bases.

Ri­val hack­ers have “ac­cused them of us­ing lame hacks, but that’s miss­ing the point,” Mr. Mar­cus said. “ ‘Hac­tivism’ is about the mes­sage, not the method.”

LulzSec’s suc­cess, he said, has stemmed partly from its “agility at find­ing which sites have which vul­ner­a­bil­i­ties they can ex­ploit.” It also has been “very adept at me­dia ma­nip­u­la­tion” and has picked head­line-grab­bing tar­gets such as the CIA’s pub­lic web­site, which was taken off­line for three or four hours in early June, he added.

The FBI de­clined to com­ment on any in­ves­ti­ga­tion of LulzSec, but one 19-year-old man has been ar­rested in Bri­tain, and Mr. Mar­cus pre­dicted more ar­rests in the com­ing weeks or months.

“You can’t thumb your noses at this num­ber of in­tel­li­gence and law en­force­ment agen­cies all over the world and ex­pect to get away with it,” he said.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.