Categories: SecurityWorkspace

Thank You LulzSec, You Gave As Much As You Took

Lulz Security has docked into a safe harbour and ended its 50 days of hacking mayhem. In a posting the group of six say goodbye to its “battlefleet” but the LulzSec members will probably be back in other guises.

“While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently,” they wrote. “Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you.”

Thanks For All The Fizz

It may seem odd but I think they deserve a big thank you for shaking the security professionals out of their smug self-confidence. In a world where there is a rising threat from much more sophisticated and heavily-financed hackers working for mafia-style gangs and nation states, the inconvenience and embarrassment caused by LulzSec has started a reassessment of security and emphasised the weaknesses of username/password access and storing unencrypted customer data on Web-facing databases.

Hopefully, the trickle of solutions now appearing will turn into a flood. It’s just a pity that the publishing of the booty grabbed during the raids caused so much collateral damage for the trusting customers that logged their details with the unsecure organisations.

During the seven weeks of the Lulz Ship’s voyage, it attracted attention from other hacking groups. Some joined the “battlefleet” with LulzSec’s blessing while others shifted the blame onto them for hacks from which the six “fun-loving” shipmates would probably like to be dissociated.

There was also a spat with Team Poison, a rival group that threatened to “out” the LulzSec crew. Team Poison member Hex0010 told Fox News, “We’re here to show the world that they’re nothing but a bunch of script kiddies.”

However, Poison’s latest exploit is a hack an address book of ex prime minister Tony Blair. Apart from revealing Blair’s National Insurance number (assuming it’s real), the rest of the file is pretty dull – a collection of addresses and phone numbers for family members and business and political associates.

Tell Us Something We Don’t Know

Much of the material is freely available on the Web, including the 10 Downing Street phone number which turns out to be the press office – a number known to hundreds of journalists and one that can be found elsewhere on the Web.

The fact that Blair’s address book – wherever it was found – is hackable is hardly surprising, especially as we are all probably just as vulnerable. Ironically enough, I would suspect the average script kiddie could have hacked this one.

Publishing the details is irresponsible because it could put lives at risk, given Blair’s role in the Afghan and Iraqi wars. But even saying that gives it an importance it actually lacks as I managed to find most of the information elsewhere on the Internet. The publishing alongside this of the curriculum vitae of Katie Kay, his special advisor, just adds to the pointlessness.

Whether they realised it or not, the fun-loving LulzSec team (discounting the hangers-on) performed a public service by pointing out failings in the system but the Blair “revelation” is just a malevolent hack.

The database was actually downloaded last December but Team Poison only felt it necessary to publish it now – so who are the real attention seekers?

Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative

View Comments

  • Finally some true journalism where facts are checked, I for one applaud you sir. Thank you for pointing how just how two faced Team Poison are in their elitist hunt on Lulzsec, I also did not realise they had sat on Blairs bland information since December, who are the media seekers now ...

  • So it was irresponsible of team poison to post what you consider bland details which you could mostly find on the internet.

    Lulzsec however posting the addresses etc of law enforcement officers and their families, well that was a pity, but we should all thank them for that apparantly.

Recent Posts

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

17 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

19 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

21 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

21 hours ago