Two more individuals have been arrested for taking part in the attack against Sony and California county government Websites.
Bureau of Investigation
disclosed on Sept. 22 that it made arrests in San
Francisco and Phoenix of two alleged members of Anonymous and LulzSec.
The LulzSec suspect, Cody
"recursion" Kretsinger, of Tempe, Ariz., was charged with conspiracy
and the unauthorized impairment of a protected computer, according to an unsealed
. Kretsinger is
accused of taking part in a SQL injection attack against Sony earlier this
summer. If convicted, he faces up to 15 years in prison, according to a
statement from the FBI.
The Anonymous suspect, who the
FBI has not yet named, lives in San Francisco and has been charged with
attacking Santa Cruz County government Websites, FBI officials told Fox News.
The suspected member is apparently homeless, according to the report. It's
likely that the suspect relied on cheap or free Internet services at coffee
houses, cafes and libraries, Graham Cluley, senior technology consultant at
Sophos, wrote on the Naked Security blog
that the 8th
@LulzSec member was arrested. Finally reached count of
-1. Now, how do you arrest negative numbers?" Anonymous posted on the
AnonymousIRC's Twitter account. It's been long believed that LulzSec consisted
of seven members.
More warrants are currently
being executed in New Jersey, Minnesota and Montana, according to Fox News.
LulzSec is often considered
a splinter group from the collective Anonymous, a loose collection of
cyber-savvy individuals who band together claiming to fight for Internet
freedoms. Anonymous has defaced and shut down Websites belonging to the music
industry, companies that severed ties with WikiLeaks and various government
agencies. LulzSec burst onto the scene in May and attacked a wide range of
sites for "lulz" or for laughs and entertainment. While the group
officially disbanded in June, many of them remained active in later Anonymous
The FBI and international
law-enforcement agencies have been investigating the attacks and making arrests
for the past few months. In July, 16 alleged Anonymous members were arrested in
the United States and the United Kingdom. Since then, two other individuals
have been arrested, who are thought to have shared the online name "Kayla"
and were among the founders of LulzSec.
"They brought too much
attention to themselves and you could expect law enforcement to find
them," Rob Rachwald, directory of strategy at Imperva
wrote on the company blog. They were "extremely unfocused" and
bragged a little too much, disclosing a lot of information about their
activities, which "left an electronic trail with enough footprints,"
Attackers often used SQL
injection in their attacks. Imperva said in a recent report that SQL injection
has been responsible for 83 percent of data breaches that were the result of
hacking. On average, Web applications suffered 71 SQL injection attempts an
hour since July, the Imperva report found. Attackers increasingly bypass simple
defenses with new attack variants and often use automated tools to launch their
attacks, Imperva found.
LulzSec, made SQL injection
"a key part of their arsenal," the report's authors wrote.
According to the indictment,
Kretsinger allegedly used a proxy server to mask his IP address and erased the
hard drives used to carry out the Sony attack to avoid getting caught.
Approximately 150,000 confidential records were stolen and posted on the
LulzSec Website before being publicized on Twitter in that attack, which was
launched to criticize the Japanese entertainment giant's weak security.
As for the San Francisco
suspect, using Internet systems in public places may have made it harder for
authorities to track down who was launching the attack because the device is
shared, Cluley said. However, many of these places also have cameras that
authorities can use to gather evidence on who was using the computer at the
time of the attack, he noted.