Four British hackers, members of the hacker collective known as LulzSec, were sentenced this week for a series of cyber attacks on corporate and government websites in 2011. The four men were Ryan Cleary, sentenced to 32 months, Jake Davis for 24 months, Ryan Ackroyd for 30 months, and Mustafa Al-Bassam for a 20-month suspended sentence (Al-Bassam was a minor when he committed the crimes).
Unlike Anonymous, another group of so-called "hacktivists," LulzSec had a clearly defined group of members motivated primarily by "anarchic self-amusement." The name is derived from "lulz," a distortion of the acronym "LOL," and security. Its self-proclaimed leader was arrested in Australia last month for hacking in to a government website and could face up to 10 years in prison. Their previous leader, Hector Monsegur, had been working with the FBI as part of a plea bargain after his arrest in 2011. LulzSec causes havoc primarily through DDoS attacks which flood websites with high traffic.
Now that most of their members are behind bars, it would be prudent to revisit their 7 biggest targets.
Their most infamous attack was the dumping of 37,500 customer records from Sony Pictures on to the online torrent website The Pirate Bay. Names, addresses, email addresses, dates of birth, and passwords were published. This attack reportedly cost Sony $100 million.
LulzSec also took down the CIA's public website, showing even the world's most famous spy agency was not safe from their criminal behavior.
In response to the Obama administration considering cyber attacks as acts of war, LulzSec went after InfraGard, an FBI-affiliated program that deals with cybersecurity. The group defaced the website and released usernames and passwords from government agencies including the FBI, the FAA, the USDA, and the Nuclear Regulatory Commission.
After PBS aired a Frontline Show called WikiSecrets which showed an unfavorable image of Wikileaks, LulzSec posted a news story that said dead rappers Tupac Shakur and Biggie Smalls were actually still alive in New Zealand. They further released thousands of PBS users' passwords.
The hacker group also targeted the Arizona Department of Public Safety, allegedly because of its "anti-immigrant policies" and the passage of the controversial SB1070. Released documents discussed border patrol and counterterrorism operations along with descriptions of informant activities.
LulzSec also targeted media mogul Rupert Murdoch by publishing a fake story on one of his news websites, the Sun, claiming he had died. This hacking was allegedly in response to journalists employed by Murdoch hacking in to mobile phones to listen to the voicemails of news subjects like soldiers killed in Iraq, members of the Britih royal family, and 9/11 victims.
Despite being fans of videogame maker Bethesda Softworks, LulzSec still posted database passwords and the source code for the company's website. The group purportedly had further data on users of Bethesda Softworks' game Brink but held back on releasing them because they "actually like this company."