US Senate the latest victim in spree of cyber attacks

14 Jun 2011

The US Senate has become the latest high-profile casualty of a cyber attack. Just days after Citigroup and the IMF confirmed they had been attacked, hacker group LulzSec has boasted it has been behind the attack on the US Senate.

Fortunately, nothing particularly secret was lost in the latest data breach. Last night, LulzSec announced the Senate was its latest conquest and posted basic information on the file systems, user logins and the Apache web server configuration files.

“They also dumped a directory listing of what appears to be every single file on the server,” explained Chester Wisniewski of security firm Sophos.

“Under the Computer Fraud and Abuse Act, this hack could earn someone five to 20 years in prison, if convicted,” Wisniewski said.

At the end of its post, LulzSec appears to be taunting the American authorities:

“This is a small, just-for-kicks release of some internal data
from – is this an act of war, gentlemen? Problem?

– Lulz Security”

A portent of ‘Doom’

Wisniewski said LulzSec also attacked Bethesda Softworks, the makers of Quake, Fallout, Doom, Elder Scrolls and other big-name video games.

“It is unclear why LulzSec decided to attempt to embarrass yet another video-game company other than to show off.

“They made a statement on their website suggesting they needed to prove they were better hackers than the group who recently hacked the website of Bethesda’s new game, Brink.

“It is difficult to explain random acts of sabotage and defacement, so I am not going to attempt to get into the heads of those behind these attacks. About the only take-away is that it’s best to secure your web assets against these types of attacks before rather than after,” Wisniewski said.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years