LulzSec launches anti-government crusade, takes down U.K. police site

Attacks flourish because organizations haven't done security due diligence, says analyst

A day after a pair of hacker groups promised to step up their attacks against government Web sites, one of them claimed to have knocked the U.K.'s Serious Organised Crime Agency (SOCA) offline.

LulzSec today announced today that it had brought down SOCA.

"Tango down -- soca.gov.uk -- in the name of #AntiSec," the group said on its Twitter account Monday around noon ET.

"SOCA has chosen to take its Web site offline to limit the impact of the distributed-denial-of-service (DDoS) attack on other clients hosted by our service provider," the agency said in an emailed statement. "The SOCA Web site is a source of information for the general public which is hosted by an external provider. It is not linked to our operational material or the data we hold."

LulzSec has claimed responsibility for a large number of recent database breaches and DDoS attacks, including against Sony and other gaming companies, the Central Intelligence Agency (CIA) and the U.S. Senate.

Although Computerworld was for a time unable to access the home page of SOCA, by 1:15 p.m. ET the site was online, although resolving slowly.

SOCA is a national police agency in the United Kingdom akin to the U.S. Drug Enforcement Agency (DEA) or Bureau of Alcohol, Tobacco and Firearms (ATF).

The attack followed the release of a manifesto Sunday by LulzSec that announced a new campaign against the world's governments.

"Welcome to Operation Anti-Security (#AntiSec)," the LulzSec statement read. "We encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word 'AntiSec' on any government website defacement or physical graffiti art."

LulzSec also said it was joining forces with Anonymous, another hacking group that last December led attacks against companies that had withdrawn payment and hosting services from WikiLeaks.

LulzSec is believed to be an offshoot of Anonymous.

"Top priority is to steal and leak any classified government information, including email spools and documentation," LulzSec said in its statement. "Prime targets are banks and other high-ranking establishments."

One analyst wasn't surprised by the success of LulzSec's attacks.

"There's still a lot of low-hanging fruit out there, plenty to embarrass companies and organizations," said John Pescatore of Gartner. "Unfortunately, it's pretty easy to do."

Pescatore said the rash of hacks and DDoS attacks was a fad, akin to the one 10 years ago when worms were rampant, caused by a disconnect between vulnerabilities and enterprise security.

1 2 Page
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies