I briefly mentioned in an earlier post that a band of computer hackers, known as “LulzSec” had been breaking into Sony. But as many people know by now, they also hacked Nintendo, Bethesda Game Studios, ZeniMax Media and pron.com, to name a few. By the way, this basically shows that they’re mostly a bunch of nerdy guys, breaking into video game websites and a porn site. It’s pretty clear they were up to mischief, but their odd mixed signals were baffling. For example, they hacked into the UK’s National Health Service (NHS), saying “We mean you no harm and only want to help you fix your tech issues.” This reminded me of the hackers who broke into the world’s largest experiment – the Large Hadron Collider (LHC) – in 2008. It caused a bit of panic in the beginning, but ended up being a harmless and important lesson: The LHC is not immune from hackers. And now we know, incidentally, neither are hackers themselves.
LulzSec also went after much more serious targets, such as the US Senate, FBI affiliates, and the CIA, releasing usernames and passwords from the websites (which is what they did for the pornography and video game websites as well). I was beginning to think that the hackers were going to get away with it, inspiring others to start their own hacking groups and earning the adoration of various “fans,” but they abruptly stopped their hacking spree on June 26, claiming to disband. I thought it was because they were afraid to be found out, but I was wrong, though. They had already been hacked.
As it turns out, the group appears to consist of 10 members, most of which are teens from the US and the UK, with one from Sweden and another from the Netherlands. Their goodbye message, after announcing that they would be disbanding, was this: “Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind — we hope — inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere.”
The message came days after a number of interesting events. A week prior to the disbanding, a 19-year old boy in the UK was arrested in an operation involving UK authorities and the FBI. Though he does not seem to be a major player in LulzSec, he is suspected to be a former member of the more widespread and overreaching hacking group “Anonymous,” from which LulzSec is believed to have been derived. Also a week prior, the group gave up the information of two of their own hackers, because the two had apparently snitched on them. Indeed, I never did believe in “honour amongst thieves.” In fact, a few days after they disbanded, on one of the two outed LulzSec members’ homes in Ohio was raided with a sealed warrant. It turns out that charges were not pressed, but at the very least, it’s clear that these hackers are not anonymous.
In fact, the anti-hacker-hackers known as the “A-Team” recently produced a lengthy post regarding the identity of all the members of LulzSec, in order for law enforcement agencies to find them. This coincided with their decision to disband. A number of hackers deserve credit for their work, and Adam Martin wrote an excellent article on just that for the Atlantic Wire a week ago. Here are some of the factions responsible for holding LulzSec accountable:
“The A-Team: This group of hackers made its debut this week when it published a large Pastebin post on Sunday, claiming to name members of LulzSec. So far, only one of those supposed LulzSec members has been raided, that we know of, and that raid happened before the A-Team’s post. Laurelai Bailey, a 29-year-old from Davenport, Iowa, told Gawker’s Adrian Chen this week that FBI members had raided her home last Thursday in a bid to get more information on LulzSec’s members.”
“The Jester: Known on Twitter as @th3J35t3r, he is a former military hacker who has been feuding with LulzSec on Twitter since the group first became active. Last week, the Jester claimed on Twitter to have outed the group in a pastebin posting. He also has a WordPress blog where he details evidence of the identities of its members. He works alone and LulzSec hates his guts. The group posted a screed against him on Pastebin before it ceased operation. The Jester usually targets higher-profile terrorists, and is suspected in yesterday’s takedown of al Qaeda’s Web site.”
“Web Ninjas: This group doesn’t want you to call them hackers. Per their blog, LulzSec Exposed, they’re “cyber vigilantes.” They’ve mostly focused on trying to make the case that Laurelai (who says on her own Twitter feed that she’s transgendered), is a man named Steven Lacey, who lives in Ireland.”
“M_nerva and hann: Former LulzSec associates, these two raised the group’s ire early on by leaking chat logs that eventually found their way to the pages of The Guardian. In response, LulzSec itself leaked their identities in a Pastebin post. M_nerva’s address is listed in Hamilton, Ohio, so it seems like a good bet that that’s where the FBI got the tip that led to this week’s raid.”
Another pseudonymous hacker called “Oneiroi” appears also to have contributed by crippling the LulzSec website.
The interesting thing about the computer-oriented world we are living in is that technology is developing much faster than the laws created for our protection. MSN, Skype, YouTube, Facebook, Twitter, etc., are all examples of technological advancements that allowed us to connect to one another. Courts are constantly struggling to keep everyone safe without impinging on people’s freedoms, but no one can presume to know what website will catch on. In fact, if you asked me five years ago, I would probably have said that Twitter is the dumbest-sounding website ever, and no one would want to go on a website to write 140-character “tweets…” but clearly I would have been wrong.
Cyber-attacks like the Stuxnet virus are being considered acts of war, and computer viruses are beginning to be seen as illegal activity; at least here in Japan, where it was recently criminalized. Hacking is another matter, but one that the legal system will have to address sooner or later. I’m guessing that in 20 years, there will be much more clear rules and regulations about illegal activity online, but then again, who knows what advances exist beyond the virtual horizon?
As for LulzSec, it looks like everyone is still free (at least for now). Also, it appears as though a new group known as “AntiSec” may be somewhat of a continuation, but this is just speculation. While groups like “ScriptKiddies” are busy breaking into news feeds – like the Fox News tweet that President Barack Obama was assassinated – others are pursuing them, trying to bring them to justice. So in this time of mystery, uncertainty, and anonymity, all we can say for sure is that the next time hackers think they are invincible, they just need to remember that there are also jesters and ninjas on the web.