IT Security & Network Security News & Reviews: Tracking LulzSec's Career of Hacking Mayhem
Cyber-prankster group LulzSec announced on June 25 via a letter to its followers that it will cease its campaign of Web attacks. The group employed SQL injection and DDOS (distributed denial-of-service) attacks to attack various targets during its 50-day spree. Some of the attacks highlighted the poor security practices prevalent among senior executives of prominent companies, such as a vice president of Fox Broadcasting reusing a very simple password across multiple services. "Don't use the same password twice. Your laziness will not end well," the group warned on its Twitter feed. Interspersed with trash-talking about the victimized sites and announcements of new targets, the Twitter account contained helpful "lesson of the moment" tips, such as using prepaid credit cards to make online purchases. The targeted organizations varied from giant conglomerates such as Sony to law enforcement and other government organizations to ATMs and TV networks. LulzSec's stated goal was to have fun, to entertain others as well as themselves, and to share "lulz," the group said repeatedly. From May 6 to June 26, the question was, "Who are they going to go after next?" Below are some of LulzSec's victims, in somewhat chronological order.