Did UK police really arrest key LulzSec figure?

31 Jul 2011

The arrest of one of the alleged key figures in the LulzSec and Anonymous hacktivist collectives on Wednesday has been thrown into doubt after claims emerged online that the suspect is a decoy.

UK police arrested an 18-year-old male in the Shetland Islands as part of an ongoing investigation by the Metropolitan Police Service and the unnamed male was transferred to London. In a statement, the police said this was “a pre-planned intelligence-led operation”.

“He is believed to be linked to a continuing international investigation into the criminal activity of the so-called ‘hacktivist’ groups Anonymous and LulzSec, and allegedly uses the online nickname ‘Topiary’ which is presented as the spokesperson for the groups,” the Met statement said.

However, a post on the LulzSec Exposed blog said the Scotsman brought into custody is believed to be “the wrong guy” and had been set up to divert attention from the real Topiary. The post, attributed to a group called the Web Ninjas, claims the person who genuinely goes by that name online is not a teenage Scot. “We have collected enough evidence on Topiary and everything points to 23 year old Swedish,” the post states, going on to give the person’s name.

The post posits the theory that the hacktivist groups are deliberately trying to throw investigators off the scent. “We believe MET Police got the wrong guy and it happens because of lot of disinformation floating on the web (sic). LulzSec and Anonymous members are Master trolls and they are good at this.”

What’s not in dispute is the difficulty in proving attribution where computers are concerned. As security guru Bruce Schneier said during a visit to Ireland last year: “You never know when your trace ends. I can trace attacks back to computers, but the link from computer to chair is very difficult.”

Gordon Smith was a contributor to Silicon Republic