According to reports, the LulzSec hacking group has claimed responsibility for a denial of service hack attack on the cia.gov website resulting in it being inaccessible for a while late yesterday.
LulzSec appears to have taken up the baton of high profile hacking from the Anonymous group in recent weeks, with attacks being reported to have hit the Senate, News Corp, Sony and even the UK National Health Service. Yet all these hacks have one thing in common: they all seem to be aimed at getting media exposure as much as anything else.
It could also be argued that they are exposing serious security shortcomings in web-based operations that really should know better, and certainly the likes of the Senate and CIA sites fall into that category. However, the light-hearted approach to the serious matter of hacking, with 'humorous' Tweets announcing them and claiming responsibility, have led to some security analysts to ask if LulzSec are just in it for laughs?
Not that the FBI is laughing, LulzSec members are currently wanted by the Feds for their activities which, at the end of the day, are in breach of the law no matter how much the group may want to paint themseleves as hacktivist pranksters.
The general public, however, would appear to get the funny side of the hacking according to a new survey from security outfit Sophos. When asked if they found "LulzSec’s activities amusing" an astonishing 56.85 percent of those asked thought they were. Only 39.74 percent thought it was funny and deserved though, with 17.12 percent thinking it amusing but not approving of the hacks nonetheless. Only 43.14 percent thougth hacking into corporate sites and launching DDoS attacks were no laughing matter.
"While some people think this is a fun game that can also help point out corporate security weaknesses, the truth is that companies and innocent customers are - in the worst cases - having their personal data exposed," said Graham Cluley, senior technology consultant at Sophos. "There are responsible ways to inform a business that its website is insecure, or that it has not properly protected its data. What's disturbing is that so many internet users appear to support LulzSec. You have to ask yourself if LulzSec has finally bitten off more than it can chew. After all, they've just poked a very grizzly bear with a pointy stick. LulzSec's cockiness may be their undoing," added Cluley.