LulzSec launches anti-government crusade, takes down U.K. police site
Attacks flourish because organizations haven't done security due diligence, says analyst
Computerworld - A day after a pair of hacker groups promised to step up their attacks against government Web sites, one of them claimed to have knocked the U.K.'s Serious Organised Crime Agency (SOCA) offline.
LulzSec today announced today that it had brought down SOCA.
"Tango down -- soca.gov.uk -- in the name of #AntiSec," the group said on its Twitter account Monday around noon ET.
"SOCA has chosen to take its Web site offline to limit the impact of the distributed-denial-of-service (DDoS) attack on other clients hosted by our service provider," the agency said in an emailed statement. "The SOCA Web site is a source of information for the general public which is hosted by an external provider. It is not linked to our operational material or the data we hold."
LulzSec has claimed responsibility for a large number of recent database breaches and DDoS attacks, including against Sony and other gaming companies, the Central Intelligence Agency (CIA) and the U.S. Senate.
Although Computerworld was for a time unable to access the home page of SOCA, by 1:15 p.m. ET the site was online, although resolving slowly.
SOCA is a national police agency in the United Kingdom akin to the U.S. Drug Enforcement Agency (DEA) or Bureau of Alcohol, Tobacco and Firearms (ATF).
The attack followed the release of a manifesto Sunday by LulzSec that announced a new campaign against the world's governments.
"Welcome to Operation Anti-Security (#AntiSec)," the LulzSec statement read. "We encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word 'AntiSec' on any government website defacement or physical graffiti art."
LulzSec also said it was joining forces with Anonymous, another hacking group that last December led attacks against companies that had withdrawn payment and hosting services from WikiLeaks.
LulzSec is believed to be an offshoot of Anonymous.
"Top priority is to steal and leak any classified government information, including email spools and documentation," LulzSec said in its statement. "Prime targets are banks and other high-ranking establishments."
One analyst wasn't surprised by the success of LulzSec's attacks.
"There's still a lot of low-hanging fruit out there, plenty to embarrass companies and organizations," said John Pescatore of Gartner. "Unfortunately, it's pretty easy to do."
Pescatore said the rash of hacks and DDoS attacks was a fad, akin to the one 10 years ago when worms were rampant, caused by a disconnect between vulnerabilities and enterprise security.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts