sjvn01

LulzSec Disbands, Bad Security Remains

by sjvn01 ‎27-06-2011 07:21 AM - edited ‎27-06-2011 07:21 AM

For almost two months, an anonymous band of hackers called LulzSec made a reputation for itself by revealing internal data from organizations ranging from the Arizona police to the US Senate to the CIA. Now, the group is closing its tents. With a final release of such "valuable" data as game accounts and some internal AT&T documents, LulzSec is done.

In its final message, LulzSec rambles on:

"Again, behind the mask, behind the insanity and mayhem, we truly believe in the AntiSec movement. We believe in it so strongly that we brought it back, much to the dismay of those looking for more anarchic lulz. We hope, wish, even beg, that the movement manifests itself into a revolution that can continue on without us. The support we’ve gathered for it in such a short space of time is truly overwhelming, and not to mention humbling. Please don’t stop. Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.”

Yeah. Right. What really happened, after boasting that "We might be brought to justice, but we just don't care,” it turns out they do care when their leaders are revealed and at least one of its members has been arrested. In the end, LulzSec revealed a lot of mostly worthless information. LulzSec was no WikiLeaks.

That said, the real story here isn't that LulzSec was some elite team of crackers — devoted to a real cause — that has now retired. They were just a small group of computer-savvy young men who found out just how easy it is to break into governments and companies.

Despite years, decades, of IT experts and writers preaching the gospel of basic security, even the biggest organizations just aren't paying attention. I honestly begin to wonder if anyone even takes security seriously anymore.

Are we so used to the LulzSecs of the world, or of the far more dangerous criminal enterprises breaking into bank and credit-card companies, that we just shrug and accept security failures as the price of doing business on the Internet? Are we so blind that when it becomes clear that there was a real Mac OS malware threat for several days Apple told its customer support people to deny its existence?

Yes. Yes, we are.

LulzSec made be gone, but the moronic security problems it revealed remain. We—all of us from just ordinary Joe User to the CEO of the biggest companies—have to take security seriously. If we don't, well don't blame me if you find your credit-card numbers on sale for the highest bidder or your corporate books available as a BitTorrent download.

Article Options
Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
 

The HP Input Output site is sponsored by HP and features articles and content from HP and third-party contributors. Third-party articles and content, while paid for by HP, do not necessarily represent the views and opinions of HP. HP does not endorse this content and is not responsible for its accuracy, availability and quality.

Follow Us
Spotlight
"It's Not My Job" - Handling the Vendor Finger-Pointing Trap Is Teamwork Dead? A Post-Agile Prognosis Improving Your Personal Brand with Social Networking 5 Types of Meetings Every Business Must Explore
┼ Based on energy, paper and toner savings from regular printer usage. Results may vary.