As LulzSec sails into Anonymous seas - AntiSec lives on
by Steve Ragan - Jun 27 2011, 06:1650 days ago, a group of people dedicated themselves to causing chaos and embarrassment. They succeeded, and while at their height of their infamy, announced their departure from the public eye.
According to a final public note, LulzSec was only planned to be a 50 day exercise. With more than 250,000 followers on Twitter, and a hit list that includes large private firms, millions of exposed users, and government agencies, one could argue that it was a horrific, yet eventful exercise in Web security. No matter what side of the aisle you stand on.
“Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind - we hope - inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere,” the message stated.
Along with the note, LulzSec released one final cache of hijacked information.
Documents from NATO, AOL, and AT&T are mixed in with a SQL database taken from Hackforums.net, a list of email addresses and passwords from Priority Investigations, a list of public facing routers accessed with default authentication settings, and a list of usernames and hashed passwords from various game forums, including Battlefield Heroes Beta. EA has taken Battlefield offline while they work out their issues.
In addition, LulzSec released a list of IP block information. The list contains the IP ranges for various corporations including Sony, Viacom, Disney, EMI, Saga, QWEST, Liquid Web, and more. In all, more than a quarter million records were exposed in the largest of the leaked files alone.
According to the Associated Press, one of the main reasons that LulzSec walked away was boredom.
“We're not quitting because we're afraid of law enforcement,” one member of the group told the AP. “The press are getting bored of us, and we're getting bored of us.”
Only LulzSec and their AntiSec movement haven’t really left the Web. They’re still around. It’s just that they’ve moved a little further away from the public eye, and into a more Anonymous setting.
“We are working under the #antisec flag now gentlemen. LulzSec will live on forever as a successful operation. Much love to all,” said one known alleged LulzSec member, anonymouSabu, on Twitter.
Adding to that tweet, AnonymousIRC commented, “@LulzSec may fade away but all fellow lizards can rest assured that #AntiSec will not. LulzSec was our vanguard, now it's time to sail free!”
On Saturday, when the LulzSec ship was sailing away, those participating in the AntiSec movement were encouraged to continue, both by Anonymous and LulzSec themselves. As a result, AnonOps has opened their network to AntiSec discussions and participants.
“Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz,” LulzSec’s final remarks explained.
“We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we've gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don't stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.”
Given the goals of AntiSec, many security experts have weighed-in on a solution to the pending storm, and security vendors are working overtime to place their products in front of executives. However, the common mindset for many CIOs and CSOs is that nothing will help.
You can’t stop an insider from leaking, not if they truly wish to. Likewise, it’s near impossible to stop a targeted and persistent attack. The best, but far from perfect solution at this point, is to develop response plans and to strengthen existing layers of defense.
Once the plans and defenses are created and tightened, the second task is to test them. One way or another, network defenses and recovery plans will be tested. It’s just a question of who will be testing them. Security teams or attackers?
As LulzSec moves on, AntiSec will move forward. So sadly, CIOs and CSOs can’t really breathe a sigh of relief in this case.
Comment on this Story