The anonymous group of hackers LulzSec has done it again. After hacking the Senate website, the intrepid group targeted the CIA with a denial of service attack. LulzSec later tweeted, “Tango down – cia.gov – for the lulz.” An hour later they tweeted, “Lulz Security, where the entertainment is always at your expense, whether you realize it or not. Wrecking your infrastructures since 2011.”
Two hours after that, Wikileaks tweeted that LulzSec were among their supporters. While this is possible, a quick review of the sites targeted by LulzSec seems to indicate that it focuses on a wide range of groups in the U.S. and U.K., and that the Senate and CIA hacks represent a new foray into politicized hacking. Earlier attacks include everything from PBS and Sony to a list of contestants for the X-Factor reality show.
The list has not been updated to include the CIA, leading some to believe that they did not take or even access any sensitive information. The attack focused on the CIA’s public page, which is accessible to anyone.
Still, the CIA does not look good if even that page can be hacked. Security expert Graham Cluley told the Huffington Post, “I think the guys at LulzSec may have just made the biggest mistake of their lives. The CIA aren’t going to like having their nose bloodied like this.”
On the other hand, LulzSec could be commended for pointing out security flaws in federal websites, whether it is the Senate or the CIA. They have shown that these sites can be accessed by talented hackers, operating independently. This raises questions as to how vulnerable government sites are to concerted efforts by hostile governments to infiltrate them.
Other governments are not taking it well, with Time Magazine reporting that authorities in the U.K., Turkey, and Spain have arrested as many as 32 people believed to be associated with Anonymous, another loose group of hackers, best known for their Guy Fawkes mask logo, derived from the film “V for Vendetta.” The article goes on to speculate that LulzSec is an Anonymous splinter group.
Yet even the sweep fails to address the crucial problem that government websites are vulnerable. In effect, the arrests are attacking the messengers, not that important message.
On the other hand, the CIA and other government groups may already be preparing to retaliate with some hacks of its own. Forbes reports that a hacker known as th3j35t3r who has recently assisted the military in penetrating the sites of extremist groups, has issued a challenge to LulzSec on Wednesday night, saying, “Your last hit. Gloves off. Expect me.” A LulzSec tweet, since removed, asked, “U mad, bro?”
Seems like some officials certainly are.