United States Senate has been hacked by Lulz Security

United States Senate has been hacked by Lulz Security

Summary: In the wake of 26,000 emails and passwords being leaked, Lulz Security has a new target: the United States Senate.

SHARE:

Just days after the public release of 26,000 email addresses and passwords, Lulz Security has raised the bar considerably by releasing internal data obtained from a U.S. Senate Web server. To quote their release notes:

Greetings friends,

We don't like the US government very much. Their boats are weak, their lulz are low, and their sites aren't very secure. In an attempt to help them fix their issues, we've decided to donate additional lulz in the form of owning them some more!

This is a small, just-for-kicks release of some internal data from Senate.gov - is this an act of war, gentlemen? Problem?

An act of war? They should hope not with a target like this.

What follows the release notes is a considerable amount of data pertaining to the internal server structure of Senate.gov, the official website of the United States Senate. Also included amongst the pile of data is the email address of a server administrator, Chris Vontz. Talk about putting out fires; Vontz is sure to have a long night in response to the attack.

Internal US Senate Web Server Information

Internal U.S. Senate Web Server Information

While the full data set released by Lulz Security isn't particularly interesting to the average individual, the target of this attack, is. It puts an even larger target on the rogue group, and if they thought they were being pursued before, suffice it to say, the ante has been upped considerably. Not only would the U.S. Government likely prefer to keep private data (or what should be private data, at least) private, but the embarrassment of such an attack most likely has some people in high places beginning to marinate in a stew of vengeance.

The question now is how long it will take to catch the individuals involved with Lulz Security. It's not going to take much for them to potentially slip up now that they're targeting property of the U.S. Government. The worst of all fears here is if Lulz Security happens to pull off an exploit of epic proportions; something to the effect of Social Security numbers, names, addresses, phone numbers, etc. While it's highly unlikely they would ever obtain information like that from a U.S. Government site exploit, other targets of theirs may prove significantly easier to infiltrate and obtain any combination of the aforementioned sensitive data.

All-in-all, PBS, Sony, Nintendo, Fox, Bethesda Software (also targeted alongside the release of the U.S. Senate information) and now, the U.S. Senate have all been victims of Lulz Security's exploits. There is undoubtedly more to follow, what with all they have made available thus far, but when is enough going to be enough? The point has been made at this juncture that all entities, small and large, should invest in bettering their security -- be it through software, better password implementation, or otherwise.

And while we are on the topic of these rogue hacker groups, Spain and India have now hopped aboard the victim train thanks to entities other than Lulz Security. It seems the world of underground rogue hackers (who are actually more appropriately labeled as "crackers") has come alive, all influencing and driving one another. Perhaps even more senseless than having a point to prove is the notion that various groups are simply trying to one-up each other. Such affairs tend to leave many helpless individuals lying in the aftermath of pointless endeavors.

What are your thoughts? Do you agree with what Lulz Security and other similar groups are ultimately trying to bring to light with their exploits, or do you think it's just one big game to these people? Do you personally have any concerns over this wave of attacks? Please share your thoughts in the comments below.

-Stephen Chapman SEO Whistleblower

Related Stories

Topics: Servers, Hardware, Malware, Security, India

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

95 comments
Log in or register to join the discussion
  • RE: United States Senate has been hacked by Lulz Security

    Good excuse for the senate and the government to mandate and pass even more ridicolous surveillance, monitoring and "anti-terrorist" laws. Conspiracy theories anyone?
    ff2
    • RE: United States Senate has been hacked by Lulz Security

      @ff2

      Exactly. This will be the cyber equivalent of the Iraq war (the second Iraq war). We will lose our freedoms in the name of preserving justice and peace. LulzSec is being nothing but foolish because even if they don't get caught, they will certainly bring an incredible amount of damage to society. Anyone else read "Industrial Society and it's Future"? If not I suggest you go read the infamous manifesto. It is proving to be more and more prophetic as time goes on.
      josh92
      • RE: United States Senate has been hacked by Lulz Security

        @josh92 The failures in our failure of a government are already doing that.
        Jimster480
      • RE: United States Senate has been hacked by Lulz Security

        @josh92

        Certain entities in government creates problems so they can use their private company solutions. Example Halliburton. I would go as far as saying someone created this "luly security" company. A few million dollars will get you billions -ask Dick Cheney. Follow the money and you will get your answers.
        tsuzik
  • RE: United States Senate has been hacked by Lulz Security

    KILL LULZ !!! THEY BECOME TERRORIST NOW !!! Today they hacking senate communication, tomorrow they publish all communication and become second wikileaks.
    Voltus
    • RE: United States Senate has been hacked by Lulz Security

      @Voltus No.
      Jimster480
  • RE: United States Senate has been hacked by Lulz Security

    @DLSjp Sure, and maybe we can give some bank robbers, safecrackers jobs too. While we're at it, let's employ some rapists and murders too...that way we have the best defense against all those crimes. That ought to make society safer! Let's reward EVERYBODY for their skills...
    sia@...
    • RE: United States Senate has been hacked by Lulz Security

      @sia@...
      Hello? Frank Abagnale, anyone? Don't think it hasn't been done, and don't con yourself into believing the best of them aren't in penthouses, enjoying robust, five/six- figure government and private salaries. They do, contrary to popular myth (and in a few cases, according to it) exist, and some recieve something more like 'collateral' for either their services, protection, or faux-complacency.
      DJVyro
    • RE: United States Senate has been hacked by Lulz Security

      @sia@... we haven't given them jobs we have elected them.
      TGGR
    • In a complacent industry...

      @sia@...
      How else should they make their point? It's an industry where a good number are proactive, but there's also the lazy and reactive side, which often includes bureaucrats (government). Until you wave a gun in their face, they're going to sit on their hands and drool. It's illegal to hack, yes. However, it's what they do with this data that distinguishes them from dangerous cyber-criminals.
      They're doing this to tell people, "Hey, you have a big security leak, fix it!" They posted just enough data to make them wake up and hopefully do something.

      The thing about data is that if you steal it, it means nothing until you DO something with it, and THAT'S where the criminal part comes in. Unlike, say, stealing someone's radio as a hint to lock their car, the actual hacking does no damage, unless the hacker wants to.

      Now, if they cross that line to enabling others to steal identities, or commit fraud, then I say string them up by the family jewels and let people throw vegetables at them for a while.
      Zorched
    • RE: United States Senate has been hacked by Lulz Security

      @sia@... Murders and rapists do not have skills that matter. Like I said before, the internet is run by those with knowledge. Computer skills are the most powerful skills in this digital world. The quicker the fools at the top of governments and enterprises realize this, the faster things will change.
      Jimster480
  • RE: United States Senate has been hacked by Lulz Security

    @DLSjp
    Years ago it used to be that way. Kevin Mitnick is a perfect example. Companies used to hire convicted hackers for the fact that if they broke into your company then they know your real weaknesses and therefore can do a better job protecting that asset than those currently employed.
    Nate_K
    • RE: United States Senate has been hacked by Lulz Security

      @Nate_K
      How could you trust them? @Zorched: So, you have no problem with someone breaking into your house, as long as they don't do any damage to your house??? Maybe that is why no one take this criminal activity serious. If they try and enter my house, they need not ask for whom the bell tolls, special inscriptions will adorn their caskets!!!
      eargasm
    • Agreed with everybody that outside the box thinking is best.

      Their response will be to direct attention to "going after" and punishing somebody for exposing the vulnerabilities, and as we know, do no damage. That war is not winnable. For anybody they take down after massive effort, several more skilled groups will take their place. How about focusing efforts on massive antiquated flaws in the system that make it infinitely easier for criminals to use the data to commit crimes, like the "one number for life" social security number assignment system and other flaws. Send them a thank you note, hire them, better protect against groups or countries that want to do as much damage as possible -- not make a point.
      cswolfe
  • RE: United States Senate has been hacked by Lulz Security

    @DLSjp I couldn't agree more!! Look at Microsoft for instance - <a href="http://gizmodo.com/5810434/microsoft-hires-14+year+old-after-he-hacks-call-of-duty" target="_blank" rel="nofollow">http://gizmodo.com/5810434/microsoft-hires-14+year+old-after-he-hacks-call-of-duty</a> .... Also, if they can get in, they can teach the companies server admins a lesson or 2 on server security! If the server admins were doing their jobs right in the first place, everything would be ok
    runneals
    • Message has been deleted.

      Karthik_Malasani
    • RE: United States Senate has been hacked by Lulz Security

      @runneals Hoooo, I wish you could spend a day or so in their shoes; you have no idea of which you speak nor much knowledge of it and certainly no real experience.
      tom@...
  • Welcome to 1995...

    @DLSjp

    What rock have you been living under? That's literally how being a 'security analyst' has worked for more than a decade and a half. *suspects you are really steve jobs in disguise*
    Ternarybit
  • RE: United States Senate has been hacked by Lulz Security

    @DLSjp In the 80s I was friends with a 16 year old hacker named Captain Kirk. He did tens of thousands of dollars of credit card theft on Compuserve. He was arrested and then was their employee all in one week with all charges dropped. He was making over $50,000 a year at 16 :( I guess crime sometimes pays sadly.
    mtelesha
  • RE: United States Senate has been hacked by Lulz Security

    @DLSjp
    They are going to get a reward in due time. A cruise missile or Seal team busting down their doors, is not the reward they seek??
    eargasm