Salted Hash — IT security news
About this Blog:
IT security news analysis, over easy!
Whatever, LulzSec
LulzSec has called it quits after 50 days. But this stupid saga is far from over.
My colleague James Niccolai from The IDG News Service broke the news this way:
The computer hacking group LulzSec said it had ended its campaign of cyberassaults on government and corporate websites and that it was time for it to "sail into the distance."
Its announcement came three days after LulzSec released its latest trove of internal documents, stolen from the Arizona Department of Public Safety computer network, and four days after U.K. police said they had made the first arrest of a man allegedly affiliated with the group.
"Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind -- we hope -- inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love," the group said in a post on the Pastebin website. "If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere."
LulzSec spent much of May and June attacking websites and computer networks of the U.S. Central Intelligence Agency, the U.S. Senate, the U.K.'s Serious Organised Crime Agency, the Brazilian government and the energy giant Petrobras, among others.
Some folks found this group amusing. I was not one of them.
In a couple earlier posts I suggested that LulzSec's brand of fun falls short of the grown-up approach we need to improve security.
Call me humorless. Call me a moaner. I don't care.
Companies that are lax on security need to be exposed, for sure. But the LulzSec approach wasn't the way to do it.
When you attack someone for fun, all you do is contribute to the picture some execs have of security pros as young punks who care more about notoriety than about helping them secure their infrastructure.
When you attack someone to make a point, the results aren't much better.
LulzSec may have folded, but don't doubt for a second that the members are done with their games. They'll be back in some other form, under some other name, with some other agenda.
We're already seeing stories about LulzSec members joining forces with Anonymous.
This is the new normal, unfortunately.
--Bill Brenner
My colleague James Niccolai from The IDG News Service broke the news this way:
The computer hacking group LulzSec said it had ended its campaign of cyberassaults on government and corporate websites and that it was time for it to "sail into the distance."
Its announcement came three days after LulzSec released its latest trove of internal documents, stolen from the Arizona Department of Public Safety computer network, and four days after U.K. police said they had made the first arrest of a man allegedly affiliated with the group.
Get your morning news fix with the daily Salted Hash e-newsletter! Sign up today.
"Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind -- we hope -- inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love," the group said in a post on the Pastebin website. "If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere."
LulzSec spent much of May and June attacking websites and computer networks of the U.S. Central Intelligence Agency, the U.S. Senate, the U.K.'s Serious Organised Crime Agency, the Brazilian government and the energy giant Petrobras, among others.
Some folks found this group amusing. I was not one of them.
In a couple earlier posts I suggested that LulzSec's brand of fun falls short of the grown-up approach we need to improve security.
Call me humorless. Call me a moaner. I don't care.
Companies that are lax on security need to be exposed, for sure. But the LulzSec approach wasn't the way to do it.
When you attack someone for fun, all you do is contribute to the picture some execs have of security pros as young punks who care more about notoriety than about helping them secure their infrastructure.
When you attack someone to make a point, the results aren't much better.
LulzSec may have folded, but don't doubt for a second that the members are done with their games. They'll be back in some other form, under some other name, with some other agenda.
We're already seeing stories about LulzSec members joining forces with Anonymous.
This is the new normal, unfortunately.
--Bill Brenner
CSO's Daily Dashboard gives you a one-stop view of latest business threats. We created it for you! Bookmark it! Use it!
Previous Post: Follow Friday: Security pros to find on Twitter, June 24Next Post: Federalizing cybersecurity: Necessary or nitwitted? (a sequel)
WEBCAST
Transition Confidently to the Cloud
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
WHITE PAPER
Magic Quadrant for Enterprise Information Archiving
Gartner evaluates vendors offering products and services that provide archiving for email, files and other content types.
Recent Comments
Webcasts
White Papers
