So I must be pretty pissed off right now, right? Nope, not really.
For a start, the whole thing reeks of double standards. I was one of the people cheering on AnonOps when they were hacking websites in the wake of the arrest of Julian Assange, and applying pressure to those who would seek to deny Wikileaks funding. I even deleted my PayPal account in protest.
This attitude was evident on various gamer web forums where people were one minute gloating at Eve Online being taken offline, then later crying because they couldn’t play League of Legends. I felt like reaching through the interwebs and bashing some heads together.
Even then, that’s only when the media chooses to report accurately. Ars Technica had me under the impression that LulzSec were going to release the Brink user info if Bethesda didn’t give out more details on the upcoming Elder Scrolls: Skyrim and also add top hats to the game. When I actually got the chance to read the statement from the group, the tone was light-hearted, and not very threatening. The top hats suggestion was added almost as a funny afterthought. Not quite the blackmail that Ars Technica had implied.
There also appears to be general misunderstanding about what motivation LulzSec have. Reading some forum posts on the topic yesterday, it was clear that the poster were divided between those who thought LulzSec were terrorists (yes, terrorists) and those who thought of them as being some sort of collective freelance security operation.
They are neither, as best I can see.
The posters claiming they were terrorists reasoned that since they had the pron.com user database, they could use this info to sow fear and blackmail the individuals contained therein. I would suggest that, given the abundance of free pronography on the internet, it could be considered a bit foolish to wilfully add your details to a huge database of pron users. Especially if one was in a position whereby the revelation of such ‘hobbies’ would be harmful. But then I have a thing for individual responsibility.
Nor are they hugely interested in their target’s security. Sure they may have advised Bethesda to ‘fix their junk’, but, if we use the burglar analogy, that’s like a burglar kicking in your back door, drinking all the lemonade in your fridge, sniffing your dirty laundry, taking a dump on the kitchen table before leaving a note that says ‘Your back door is broken.’.
Really: It’s for the lulz.
It’s not that knocking down a particular website is entertaining in itself. But when the myriad users of that site then take to Twitter to castigate LulzSec, lulz are had. When it is revealed that Lulzsec have stolen user details and people take to newsgroups and web forums to register how angry or fearful they are, lulz are had. When the Senate website is hacked and the FBI are called in, lulz are had.
Taking pleasure in the misfortune of others is a timeless concept, and LulzSec represent schadenfreude in the digital age.
Their activities are arguably criminal and I wouldn’t be hugely surprised if some arrests came from it, but I’m also certain that LulzSec are doing their best to avoid this outcome and hide their tracks, with seven proxies and the like.
As for me, you and Joe Average, there’s not a hell of a lot we can do about it. Evidently general web security isn’t as sophisticated as it should be and these attacks will no doubt serve as part of a catalyst of change.
Until the proverbial hatches can be battened down, all we can do is keep an extensive list of alternative passwords. Think of it as background radiation or environmental change, something you just have to put up with.
Oh, and try and have some lulz along the way.