LulzSec launches anti-government crusade, takes down U.K. police site
Attacks flourish because organizations haven't done security due diligence, says analyst
Computerworld - A day after a pair of hacker groups promised to step up their attacks against government Web sites, one of them claimed to have knocked the U.K.'s Serious Organised Crime Agency (SOCA) offline.
LulzSec today announced today that it had brought down SOCA.
"Tango down -- soca.gov.uk -- in the name of #AntiSec," the group said on its Twitter account Monday around noon ET.
"SOCA has chosen to take its Web site offline to limit the impact of the distributed-denial-of-service (DDoS) attack on other clients hosted by our service provider," the agency said in an emailed statement. "The SOCA Web site is a source of information for the general public which is hosted by an external provider. It is not linked to our operational material or the data we hold."
LulzSec has claimed responsibility for a large number of recent database breaches and DDoS attacks, including against Sony and other gaming companies, the Central Intelligence Agency (CIA) and the U.S. Senate.
Although Computerworld was for a time unable to access the home page of SOCA, by 1:15 p.m. ET the site was online, although resolving slowly.
SOCA is a national police agency in the United Kingdom akin to the U.S. Drug Enforcement Agency (DEA) or Bureau of Alcohol, Tobacco and Firearms (ATF).
The attack followed the release of a manifesto Sunday by LulzSec that announced a new campaign against the world's governments.
"Welcome to Operation Anti-Security (#AntiSec)," the LulzSec statement read. "We encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word 'AntiSec' on any government website defacement or physical graffiti art."
LulzSec also said it was joining forces with Anonymous, another hacking group that last December led attacks against companies that had withdrawn payment and hosting services from WikiLeaks.
LulzSec is believed to be an offshoot of Anonymous.
"Top priority is to steal and leak any classified government information, including email spools and documentation," LulzSec said in its statement. "Prime targets are banks and other high-ranking establishments."
One analyst wasn't surprised by the success of LulzSec's attacks.
"There's still a lot of low-hanging fruit out there, plenty to embarrass companies and organizations," said John Pescatore of Gartner. "Unfortunately, it's pretty easy to do."
Pescatore said the rash of hacks and DDoS attacks was a fad, akin to the one 10 years ago when worms were rampant, caused by a disconnect between vulnerabilities and enterprise security.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts