The Internet has become a playground for gangs looking to steal private data and influence business and political action. The two biggest gangs on the Internet are Anonymous and Lulz Security. Lulz is a play on laughing out loud or LOL, and refers to laughs at someone else’s expense. These groups are loosely formed with little or no central management and comprised of thousands of hackers. Often called cyber activists or hacktivists, these groups hack business and government systems supposedly for some righteous cause. Lulz Security often hacks systems to expose security flaws, but also steals private information which it posts to the public Web. Anonymous attacks the systems of businesses and governments that hold positions or take actions with which Anonymous disagrees.
This week Anonymous launched a distributed denial of service attack, or DDOS, against the website of Spain’s national police force, making the site inaccessible for over an hour. Anonymous says that the attack was an act of retaliation for the recent arrest of three Anonymous members on charges of cyber attacks against Sony, governments, businesses and banks. Meanwhile Turkish police have detained 32 members of Anonymous on suspicion of planned attacks against a number of Turkish websites. Anonymous has targeted Turkey in protest against what Anonymous says is government censorship of the Internet.
This week Lulz Security hacked websites belonging to the U.S. Senate and the CIA, along with a database belonging to video game company Bethesda Softworks. Private customer data from Bethesda was posted to the Web along with some internal data from Senate.gov. Lulz Security has hacked many sites in recent weeks including News Corp, PBS, Sony Pictures, and Nintendo. Lulz has opened a phone line for the public to use to request Web sites to be hacked.
Gaming company SEGA has shut down its gaming network after being hacked last week. SEGA says that private information belonging to 1.3 million users was compromised. The hacker group Lulz Security has unexpectedly vowed to track down and punish the hackers who broke into SEGA’s database.
While Anonymous and Lulz have been responsible for many of the recent cyber attacks, it’s still unclear as to who pulled off the recent major attacks against the International Monetary Fund and Citibank. This week Citibank upped its number of compromised accounts to 360,000. Some have speculated that these attacks originated outside the U.S.
Businesses and governments are scrambling to build defenses against hacker groups like Anonymous and Lulz, as well as hostile governments participating in cyber warfare. The Senate is considering legislation that would classify attacks against governments’ Web sites as an act of war against the U.S. The Obama administration has been pressing Congress to pass stronger cybersecurity measures, including a doubling of the maximum sentence for potentially endangering national security to 20 years in prison. Many companies are employing hackers to help protect their networks. Security experts say that companies need new tactics to fight the next wave of cyberattacks.
- Spanish police website hit by cyber attack: report [Reuters]
- Turkish police detain Anonymous members: Anatolian [Reuters]
- Sega says 1.3 million users affected by cyber attack [Reuters]
- Game Company Bethesda Is Latest Hacker Target [NewsFactor]
- LulzSec Posts Stolen E-Mail Addresses, Passwords [NewsFactor]
- CIA website goes down, hackers claim responsibility [Reuters]
- Sega attacked, hacker group offers to take revenge [Reuters]
- LulzSec Offers To Hack Web Sites by Request [NewsFactor]
- Hackers Claim to Breach Senate’s Web Site [NYTimes]
- Hackers might face stiffer sentences in U.S. [Reuters]
- Citi says 360,000 accounts hacked in May cyber attack [Reuters]
- Analysis: Banks seek cybershelter with “ethical hackers” [Reuters]
- Data Security Is a Risk-Management Problem [Tech Review]
- Prepare for the “Advanced Persistent Threat” [Tech Review]