Lulzed Into A False Sense of Security

LulzSec, the grand jester

Do you follow Internet security news? If not, this story may not have grabbed you yet, but I think it’s a story that’s getting to be big and interesting.

First, a little bit on the name. I’m not cool enough to have already known, so I had to look it up.  The term lulz seems to mean amusement at the expense of others. It is not the plural of "lol."

Making news in the Internet Security community these days is Lulz Security, or LulzSec, a hacking group that seems to be dedicated to creating chaos by hacking into big targets. They’ve bagged some pretty big game lately, including some law enforcement and federal government sites. But more of their targets have been online gaming companies.  In some attacks they merely deface web sites, in others they break into servers and get the user database, sometimes gaining real control by getting account credentials for privileged administrative accounts. Recently, they seem to have branched out into distributed denial of service attacks against a range of targets. 

There is a certain Robin Hood vibe, though, as so far there is no evidence that LulzSec has done anything to profit financially from the attacks.  Still, I don’t think they can really be called "White Hats" or ethical hackers since they aren’t simply finding vulnerabilities and responsibily reporting.  They are exploiting and causing downtime or defacement, all seemingly in the name of amusement.  But whatever else you might say about LulzSec, I think we have to admit that they seem to be expert and organized.

Keep an eye on the tech news to hear what’s happening and coming next from LulzSec.  

Do you have thoughts or opinions on LulzSec and their activities?  Do you know more about their activities than I posted here and want to share? Please post your thoughts and opinions here in the comments.

Links:

• http://lulzsecurity.com/
• http://lulzsecurity.com/releases/
• http://arstechnica.com/tech-policy/news/2011/06/titanic-takeover-tuesday-lulzsecs-busy-day-of-hacking-escapades.ars
• http://www.informationweek.com/news/government/security/230600152
• http://www.pcworld.com/businesscenter/article/230319/lulzsec_attacks_gaming_sites_just_for_laughs.html
• 
  

 [If you enjoy this blog, please +1 it below, share it on Facebook or Twitter, or suggest it to your friends .  More readers will drive more discussion.]