Lulzsec takes down the CIA website

Well I really don't know what to say to this: http://igl-security.blogspot.com/2011/06/lulzsec-takes-down-ciagov.html

First senate.gov and now cia.gov

 

Wow I don't know what to say either.

 

First, a point of clarification. The attack on senate.gov was a breach, involving intrusion and data theft (plus release of stolen data). The recent attack on the CIA webpage is a DDoS.

Yesterday Lulzsec decided to go on a DDoS rampage. They called it "Titanic Takedown Tuesday", and they hit websites for The Escapist Magazine, Minecraft, EVE Online, and League of Legends. They only DDoS'd these servers, not claiming any data theft or intrusion. They were also bragging that these attacks only consumed '0.4%' of their botnet resources.

Interestingly, they also traded barbs with 4chan's /b/ board - Notably synonymous with "Anonymous". They called Anonymous small time, basically, and then purported that 50% of Anonymous were unknowing members of the Lulzsec botnet.

In another spin, they were taking phonecall requests for hacks. Eventually their phone lines got flooded - so earlier today they redirected their phone calls to two places: Blizzard's World of Warcraft Customer Support line, and the FBI tip line. They called it a "Phone DDoS".

All of this information is according to their Twitter.

Lulzsec have made it clear that the only agenda they operate with is one of schadenfreude. They attacked gamer resources and servers yesterday, according to them, because the response and anger were what they desired. Attacking Federal Government websites seems a bit different, but they're clearly feeling rather selfsure and confident that they'll not be caught.

We'll see if their Hubris lasts in the long term.

Personally I'm a bit terrified of their actions and indiscriminate target selection.

 

You forgot to mention the magnet place. And someone on Twitter said that they spoke to the FBI office and they claim not to have received a phone flood.

I secretly love Lulzsec

 

Reminds me of this.

 

Wow, that's some striking news.

 

Pathetic. SQL Injections and DDoS... is that all they can throw at the government?

Can't wait till these script kiddies get their **** ruined by the government.

 

Don't you think it's rather pathetic that that's all it takes as well?. I find it hilarious they did that to Blizzard. WoW players are a terror themselves, block their ability to holler at some poor phone rep and Lulzsec might find themselves getting hit by thousands of 13 year olds

 

That would be an epic battle.

 

I've played WoW for the past 6 years, they'd take out Lulz and Anon. They wouldn't even have to have great hacking skills, they could just annoy the groups to literal death. Blizzard has to have an onsite psychiatric office, otherwise that company must be ran by robots.

 

Sure it's pathetic. But what the hell kind of self respecting hacker tries an SQL injection? And then resorts to DDoSing?

They're basically "hacking" by clicking a button and letting a program handle the rest.

edit: And the only pathetic thing is SQL injection. DDoSing just shows how pathetic the hackers are -- not the site being attacked.

 

Don't worry! ... when the internet kill switch comes we're all gonna be saved from the drama of these worrying hacking episodes

Seriously though, I don't believe even the geeks inside these so called hacking groups would be so dumb right now as to stir up the governments to create kill switches. I think the more dedicated dork is very aware the government is right now ramping up scare stories and looking to cash in by thought policing the internet.

Anyone with half a brain can see these are false flag operations designed to put fear into the internet user - 'wowee the internet is a big scary warzone' - this is enabling the justification to control how we use the web for the future. If you let them, these scummy stories about nerdy gangs and enemy governments constantly trying to bring down the American way of life will eventually destroy all the good thing's about the web. Screw the thought police.

LOL LMAO LMFAO LMAOROTF

 

To be fair, if you are pen testing, you go for the weak points. If SQL injection gets you what you need, then so be it.

 

Keyboard_Commando, that's what i'm referring to in my link.

 

Wow, everyday it gets worse

 

I can't see it getting better any time soon. When you have thousands of script kiddies armed with LOIC it is just too easy to do this.

 

1) SQL injections are a valid attack. (easy and skiddish yes, but still it's one of the main attacks tested for in web application pentesting).

2) I agree. The CIA or NSA should follow NATO and declare them terrorists already and hunt them all down. (when we discover they are all 13 year old kids or 40 year old men whom are unemployed we can laugh at them on tv). As much as I think governments misuses the terrorist excuse I think they should in this case. The basically are cyber terrorists. They even attack multiple countries.

 

Ah time to back door LOIC with another infamous NSA Trojan

 

Really though internet is unsafe Place Really unsafe

BTW The internet hasn't matured yet
we r in the black ages of internet

where Pirates and hacker Roaming the internet
like the middle ages when Kids used to steal in the street
remember those days ??

i think there is something need to be layed down

we need an internet Government we Need Some higher Force to control the internet this government

so no country can control it cut it on it citizen or do cyber crimes

I'm talking about real internet Police Or justice department


but this is all a sci-fi isn't it ?

 

You have no idea what you're asking for. That picture in your mind, you know, the one where an agency just goes after the bad guys, doesn't regulate anything else, doesn't try to pry where it isn't needed? That doesn't exist. Oh, don't worry, you will get your internet police, but you're not going to like it. There won't be a "good" internet police until we get rid of lawsuit happy entertainment entities and their lobbyists, and governments that hide behind wars on terror to get what they really want, more power and control. Pirates and hackers will always exist, no matter what happens, crime will go on. We're not in any "black ages", we're facing what happens when an entire planet gets connected, peoples' lives become digitized, and criminals have a playground in which they can romp around and cause havoc, knowing it will be a PITA to catch them, if law enforcement even tries. What were people expecting to happen?

 

Dude when i said we are in a dark ages i ment it
Dark ages of the internet Like the dark ages in real life

Robbers and criminals used to attack government Building More Often Police was weak
like what is happening today on the internet Gov sites getting attacked

in the dark ages there was pirates Real life pirates that steal your stuff
Like these day in the internet


I'm just saying Internet Task Force these days are weak we need Better stronger ones

We want justice system

I know hackers will always exist but in the future they will not be that powerful and there will be who to punish them track them


I think it's a Logical Way

the NATO Build their Task Forces a couple days ago " the Red team Task Force"

so what do you think


Thank God we Have Some Body Guards

 

Well let's get one thing out of the way first, the so called real "dark ages", was not called the dark ages because of crime, it was the supposed lack of education and spirituality (religion), which, of course further research showed that it really wasn't the case, but the term stuck. So no, the internet is not having a "dark age", because you can perhaps get better educated than ever before, and religion is everywhere on the internet.

In the future there will not be "less powerful" hackers and criminals. Since when did crime not keep up with crime fighting, or even surpass it? Newsflash, criminals use the same tech to evade detection/capture that law enforcement uses to catch them. We don't need more laws, we need them to enforce the ones already available. Read through the privacy forums here, and see what your "internet police" are really up to. You'll understand eventually, hopefully before you've lost everything for the sake of "protection" by your task force.

 

Also, HERE