Plan B Forum

Move over Anonymous - a new hacking group is on the block and in just a few weeks it has claimed several high-profile scalps including the CIA, US Senate, an FBI affiliate, Sony and several video games companies.

The CIA's website has been knocked offline today and the hacker group, which calls itself Lulzsec, has claimed responsibility. The group has amassed more than 150,000 followers on Twitter and yesterday even set up a US phone hotline for people to call and request targets.

Security journalist Patrick Gray, who runs the Risky.biz podcast, said the recent hack attacks proved that "there is no security".

The Lulzsec hacks come after Australian banks, government departments and other organisations were forced to upgrade their security rapidly following a breach at security provider RSA. The RSA breach resulted in a break-in at defence contractor Lockheed Martin.

Sony, following a major breach of its PlayStation Network that exposed millions of accounts and credit cards, has spent the last few weeks fending off dozens of successful attacks on its networks and websites around the world.

Lulzsec has claimed responsibility for some of these Sony attacks including against Sony Pictures, Sony Music Japan and others.

"The mainstream media are having fun criticising Sony for its poor security, but do we honestly think for a second that the XBox Live network can't be similarly [hacked]," Gray wrote.

"Is there any target out there that can't be 'gotten'?"

The group has also targeted the US Senate website, Nintendo, game developer Bethesda Software, FBI-affiliate Infraguard, US media company PBS and several online multiplayer games such as EVEOnline, League of Legends and Minecraft.

In many of the attacks, including on Bethesda, the US Senate and pornography website pron.com, Lulzsec also released sensitive data online such as the usernames and passwords of users. These lists even revealed that people with White House email addresses had signed up to watch porn.

"While some people think this is a fun game that can also help point out corporate security weaknesses, the truth is that companies and innocent customers are - in the worst cases - having their personal data exposed," said Graham Cluley of computer security firm Sophos.

"There are responsible ways to inform a business that its website is insecure, or it has not properly protected its data. You don't have to put innocent people at risk. What's disturbing is that so many internet users appear to support Lulzsec as it continues to recklessly break the law."

Lulzsec claims it is conducting the attacks "for the lulz", which is internet parlance for "for the laughs".

Other attacks to hit the news recently include a breach of Gmail accounts connected to activists in China and a hack on the International Monetary Fund.

Read more: http://www.smh.com.au/technology/securi ... z1POsWFiZe

dales wrote:Ahead of their time?



Steve Jobs' iCloud version NOT included.

Sean wrote:http://en.wikipedia.org/wiki/Cloud

The UK Serious Organised Crime agency has taken its website offline after it appeared to be a victim of an attack by hacking group Lulz Security.

Soca said it had taken its website offline to limit the impact attack on clients hosted by its service provider.

Soca.gov.uk had been unavailable for much of Monday afternoon, with an intermittent service restored later.

Lulz Security has said it was behind the denial of service attack which had taken the website offline.

Earlier on Monday, as the agency launched an investigation, LulzSec tweeted: "Tango down - in the name of #AntiSec".

The group has hit a number of high-profile websites in recent weeks, including the CIA and US Senate.

Soca appeared to be the victim of a distributed denial of service (DDoS) attack, where large numbers of computers, under malicious control, overload their target with web requests.




http://www.bbc.co.uk/news/technology-13848510