LulzSec: Is it too cocky for its own good?

With a 19-year-old behind bars following network intrusions and denial of service attacks against “a number of international business and intelligence agencies,” the fate of LulzSec remains an open question.

If the group is strong, the arrest of LulzSec’s alleged ringleader is a short-term win for law enforcement agencies, but nothing else. If LulzSec isn’t exactly ready for prime-time, the flameout is spectacular. For its part, LulzSec said it’s more than a one man band on its Twitter account.

London’s e-crime unit said in a statement:

Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation.

The arrest follows an investigation into network intrusions and Distributed Denial of Service (DDoS) attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.

The teenager was arrested on suspicion of Computer Misuse Act, and Fraud Act offences and was taken to a central London police station, where he currently remains in custody for questioning.

Searches at a residential address in Wickford, Essex, following the arrest last night have led to the examination of a significant amount of material. These forensic examinations remain ongoing.

Note that this man in custody may not be the LulzSec leader, notes ZDNet UK. Nevertheless, it took all of a few minutes for a Pastebin post to give this 19-year-old a name. Take that link for what it’s worth. There is no confirmation just yet. Scotland Yard’s release hints at a LulzSec connection, but that’s it.

As Sophos noted, all eyes will now be on the LulzSec Twitter account. If LulzSec was a one-man band then that Twitter feed will be stopped in its tracks. Obviously that’s not the case. LulzSec continues.

When you ponder LulzSec’s attacks and the showmanship of the site (Love Boat theme) and Twitter feed, which was entertaining at times, it’s not a stretch to see a 19-year-old running the operation. In fact, the cockiness of the whole LulzSec operation seems a bit juvenile. Why would a group broadcast “Operation Antisecurity?” That effort was designed to be more like Wikileaks and expose hacks. If that was the aim, why would you broadcast such an operation?

If Anonymous is the serious hactivism group, LulzSec is the court jester. Think the Joker in the Batman series. LulzSec is organizing attacks against governments and corporate entities largely for the glory. LulzSec seems to be in the game for fame—not money.

However, LulzSec may be overstepping. It’s one thing to hack Sony, the CIA, FBI and the Serious Organized Crime Agency (SOCA). It’s quite another to thump your chest wildly about those attacks. If LulzSec is beheaded with this arrest it’s clear that the group’s cockiness only wound up law enforcement. Even veteran hacker Kevin Mitnick said that LulzSec was way bold.

Mitnick starts talking about LulzSec at about the 4 minute mark in the following video via CBS News’ What’s Trending.

On the other hand, LulzSec may inspire other hackers. Future groups may leave the cockiness at home and quietly do a lot more damage. It’s not like LulzSec’s potential demise will do much to shore up security efforts in various companies.

Related:

• Operation Anti-Security: LulzSec and Anonymous target banks and governments
• Wikileaks: A brief history, pre-2010
• LulzSec leaks 62,000 emails and passwords, also targets CIA
• LulzSec, Anonymous and hacktivism: Crappy security has caught up with us
• Lulz Security hackers launch telephone request line
• United States Senate has been hacked by Lulz Security
• 26,000 email addresses and passwords leaked. Check this list to see if you’re included.
• LulzSec, Anonymous and hacktivism: Crappy security has caught up with us
• Nintendo becomes latest server hack victim of Lulz Security
• Sony hacked again, another 1m passwords exposed

Around the network: