Lulzsec Hackers Take Down CIA Site And Hit Senate

The Lulz Security (Lulzsec) group of hackers claims to have taken the CIA’s public website offline with a denial of service attack on Wednesday.

The group, best known for its attack on Sony, which is expected to cost the company more than $150 million (£93m) hit the CIA site on Wednesday, having attacked the United States Senate over the weekend. Politically motivated cyber attacks seem to be on the rise in the US, with the Anonymous group calling for attacks on the Federal Reserve earlier this week.

No sensitive CIA data taken

Lulzsec announced that a DDOS (distributed denial of service) attack had overloaded the CIA site in a Tweet yesterday: “Tango Down–cia.gov–for the lulz,” it wrote on Twitter.

However, CIA authorities quickly reassured the public that this was only an attack on the public-facing site, and no sensitive data from behind the firewall had been accessed. The site was apparently unavailable for up to a few hours on Wednesday, but some have suggested that the site may have in fact been overloaded by gawpers wanting to check on Lulzsec’s claims.

During the weekend, however, it did access a server belonging to the US Senate, but again without causing damage or gaining sensitive data.  “We don’t like the US government very much,” Lulzsec boasted online. “Their boats are weak, their lulz are low, and their sites aren’t very secure,” adding that the hack was “an attempt to help them fix their issues.”

For “additional lulz”, the group posted file directory and configuration details of the server they had accessed.

Hacks and protests increase in strength

Lulzsec and Anonymous are politically motivated “hacktivists” who have increasingly turned their attention from protests over copyright protection to attacks on government sites in places including Algeria, Chile, Colombia, Egypt, Iran, Libya and New Zealand

Governments are starting to round up alleged hacktivists: three suspected members of Anonymous were arrested last week in Spain, and thirty-two suspects were detained in Turkey. In January the five Anonymous suspects were arrested in Britain, and the FBI has issued at least forty arrest warrants.

Meanwhile, hacktivists’ efforts are increasingly causing real economic damage. Anoymous famously supports WikiLeaks’ Julian Assange, and attacked financial sites such as Mastercard for withdrawing banking services from WikiLeaks. Lulzsec’s attack has cost Sony dearly.

“The attack on Sony will have cost £175 million,” said Simon Leech, EMEA director of HP’s TippingPoint security division. “Last year, the largest attack reported cost £35 million.”  Faced with more efficient attacks, organisations “need to change how they deal with security,” he said at an HP security briefing in London.