Search

Thursday, 16 June 2011

LulzSec hackers claim CIA website shutdown

The hacker group Lulz Security has claimed it has brought down the public-facing website of the US Central Intelligence Agency.
The alleged attack on CIA.gov occurred on the same day the group opened a telephone request line so its fans could suggest potential targets.
On its Twitter feed, the group wrote: "Tango down - cia.gov - for the lulz".
The CIA website was inaccessible at times on Wednesday but appeared to be back up on Thursday.
It was unclear if the outage was due to the group's efforts or to the large number of internet users trying to check the site.
The CIA would not confirm if it had been the victim of an attack. In a statement, a spokesperson told BBC News: "The CIA's public web site experienced technical issues that caused it to respond slowly for a short time yesterday evening. Those issues are now resolved."
'Denial of service'
LulzSec has risen to prominence in recent months by attacking Sony, Nintendo, several US broadcasters, and the public-facing site of the US Senate.
On Wednesday it claimed to have launched denial of service attacks on several websites as a result of opening its "request line", although it gave no details.

Lulz Security attacks

  • May 7: US X Factor contestant database
  • May 10: Fox.com user passwords
  • May 15: Database listing locations of UK cash machines
  • May 23: Sonymusic Japan website
  • May 30: US broadcaster PBS. Staff logon information
  • June 2: Sonypictures.com user information
  • June 3: Infragard website (FBI affiliated organisation)
  • June 3: Nintendo.com
  • June 10: Pron.com pornographic website
  • June 13: Senate.gov - website of US Senate
  • June 13: Bethesda software website
  • June 14: EVE Online, League of Legends, The Escapist and others
The claim regarding the CIA.gov website emerged a few hours later. A CIA spokesman told the Associated Press the agency was "looking into" the report.
LulzSec publicised the details of its telephone hotline on its Twitter feed.
Callers to the US number are met with a recorded message, in a heavy French accent, by an individual calling himself Pierre Dubois.
While the 614 area code appears to relate to the state of Ohio, it is unlikely that this is its real location.
Lulz Security said it had used distributed denial-of-service attacks (DDoS) against eight sites suggested by callers.
It also claimed to have hit the websites of gaming magazine The Escapist, and multiplayer games EVE Online and League of Legends.
DDoS attacks typically involve crashing a website by inundating it with requests from computers under the attacker's control.
Lulz Security's fictional figurehead Pierre Dubois answer phone message
Little is known about Lulz Security, other than their apparent "hacktivist" motivation.
The organisations and companies that it targets are often portrayed as having acted against the interests of citizens or consumers.
Its high-profile attack on SonyPictures.com exposed the company's ongoing inability to secure users' personal data, LulzSec claimed.
Along with Anonymous, LulzSec has raised the profile of hacker groups as a potential threat to online services.
Hacktivists see their role as staging valid protests in the most high profile way possible, according to Peter Wood, founder of security consultancy First Base.
"The things they are exploiting at the moment are the sort of mistakes that organisations seem to have been making ever since they connected to the internet.
"Finally there are some players out there who are using them as a means to protest. Whether everyone agrees with them is a different question."

No comments: