Friday, June 17, 2011

LulzSec claims CIA website hack

          The CIA's main public facing web site appears to have been taken down by hacking group LulzSec earlier today. The group, which has previously claimed responsibility for hacking into Sony Pictures , tweeted this afternoon about bringing down the CIA site.

          "Tango down - cia.gov - for the lulz," the loosely organized group said in the tweet. As of late this afternoon, the CIA's main website, at www.cia.gov, appeared to be resolving somewhat slowly or not at all in some cases.

          It is not immediately clear if the intrusion resulted in any information being compromised. The CIA hack adds to what has already been a very busy week for LulzSec. The group this week also claimed credit for breaking into servers belonging to the U.S. Senate and to game maker Bethesda Software. A spokesman from the Senate's sergeant at arms had noted that the group had managed to break into an account at a Senator's office and used that access to compromise the Senate server.

          LulzSec, which until recently was a relatively unknown group, also announced earlier this week that it would accept hacking requests from anyone who wanted specific websites targeted. "Call into 614-LULZSEC and pick a target and we'll obliterate it," the group announced on Tuesday. Tweets posted by the group Tuesday and Wednesday suggest that those who dialed the numbers were being automatically redirected to other numbers.

          "Our number literally has anywhere between 5-20 people ringing it every single second. We can forward it anywhere in the world. Suggestions?" LulzSec said in a tweet earlier today. The group dubbed yesterday as Titanic Takeover Tuesday and claimed credit for breaking into several gaming sites including Eve Online, Minecraft and League of Legends. "Welcome to #TitanicTakeoverTuesday where everyone is laughing at crybabies getting Lulz Cannoned!," the group said.

          The continuing string of attacks show "how just about everyone's perimeter defenses are vulnerable to attack," said Josh Shaul, CTO at Application Security Inc. "Security teams need to focus their efforts on securing data where it lives, in the database, instead of continuing in the failed strategy of protecting the borders of the network," he said.

           "Hopefully some good will come from this string of high profile hacks. For a long time organizations have vastly under invested in it security. This could be the inflection point where that all changes," he said.

0 comments:

Post a Comment