LulzSec, Anonymous Hacker Arrests Won't Solve Security Attacks

By Wayne Rash  |  Posted 2011-07-27 Print this article Print

News Analysis: Even if law enforcement organizations arrested everyone in Anonymous and LulzSec tomorrow, it really won't solve the problem of network intrusions, botnets and attacks.

The FBI and Scotland Yard should be praised in their ability to track down, identify and arrest members of the related hacking organizations Anonymous and LulzSec. The cyber-sleuthing they did is not easy. When you have to do it well enough for the arrest to hold up in court, it's harder still. Unfortunately, it's not going to solve the problem.

While the arrest of 12 members of the Anonymous hacking group, as well as two of the reputed six-member LulzSec team, may have taken these specific people off the street, the fact remains there is a limitless supply of people who want to break into computer networks, the higher the profile the better. Anonymous has already threatened a retaliatory attack on the FBI for the arrests. Whether they go through with the threats and whether the attacks, if attempted, are successful remains a mystery until it happens.

But it's a virtual certainty there will be further attacks on the FBI. Likewise, there will be more attacks on Scotland Yard and on any number of other law enforcement and intelligence organizations. These targets are just so tempting that even a mediocre hacker wants the bragging rights.

And that's one of the problems with the collection of hackers these days. Some are just in it for the bragging rights. It doesn't really matter if your important data is encrypted, hidden away and unable to be copied. Some of these people aren't after that. They just want to be able to prove they visited your company, breached your security and then left a message behind that they did it.

Problem is, if they can break into your battle-hardened network, so can someone who has all of the money they need, all of the best talent, and a strong motivation to steal information from you. That someone could be a state-sponsored hacker, a terrorist, a freelance cyber-thief in it for the money, or even a competitor. One way or another, someone is trying to get into your secrets and steal them.

However, it's important to note that a successful attack from Anonymous or some other organization should be a warning. At the very least your security is inadequate. You need to find out how the attack took place and you need to fix it.

Wayne Rash Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazine's Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.

He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel