LulzSec launches anti-government crusade, takes down U.K. police site
Attacks flourish because organizations haven't done security due diligence, says analyst
Computerworld - A day after a pair of hacker groups promised to step up their attacks against government Web sites, one of them claimed to have knocked the U.K.'s Serious Organised Crime Agency (SOCA) offline.
LulzSec today announced today that it had brought down SOCA.
"Tango down -- soca.gov.uk -- in the name of #AntiSec," the group said on its Twitter account Monday around noon ET.
"SOCA has chosen to take its Web site offline to limit the impact of the distributed-denial-of-service (DDoS) attack on other clients hosted by our service provider," the agency said in an emailed statement. "The SOCA Web site is a source of information for the general public which is hosted by an external provider. It is not linked to our operational material or the data we hold."
LulzSec has claimed responsibility for a large number of recent database breaches and DDoS attacks, including against Sony and other gaming companies, the Central Intelligence Agency (CIA) and the U.S. Senate.
Although Computerworld was for a time unable to access the home page of SOCA, by 1:15 p.m. ET the site was online, although resolving slowly.
SOCA is a national police agency in the United Kingdom akin to the U.S. Drug Enforcement Agency (DEA) or Bureau of Alcohol, Tobacco and Firearms (ATF).
The attack followed the release of a manifesto Sunday by LulzSec that announced a new campaign against the world's governments.
"Welcome to Operation Anti-Security (#AntiSec)," the LulzSec statement read. "We encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word 'AntiSec' on any government website defacement or physical graffiti art."
LulzSec also said it was joining forces with Anonymous, another hacking group that last December led attacks against companies that had withdrawn payment and hosting services from WikiLeaks.
LulzSec is believed to be an offshoot of Anonymous.
"Top priority is to steal and leak any classified government information, including email spools and documentation," LulzSec said in its statement. "Prime targets are banks and other high-ranking establishments."
One analyst wasn't surprised by the success of LulzSec's attacks.
"There's still a lot of low-hanging fruit out there, plenty to embarrass companies and organizations," said John Pescatore of Gartner. "Unfortunately, it's pretty easy to do."
Pescatore said the rash of hacks and DDoS attacks was a fad, akin to the one 10 years ago when worms were rampant, caused by a disconnect between vulnerabilities and enterprise security.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!