LulzSec playing dangerous games with Nintendo, Sony hacks

Hacker group needs to "grow up", says Paul Ducklin of Sophos
Page:

The unpredictable motivation of hacking group LulzSec, who have claimed responsiblity for the recent attacks on Sony and Nintendo, means no one is safe, security experts have said.

LulzSec has even gone as far as releasing a statement in regards to the Sony attack.

"Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL [structured query language] injection, one of the most primitive and common vulnerabilities, as we should all know by now," the group wrote.

Sophos Asia Pacific head of technology, Paul Ducklin, told Computerworld Australia that LulzSec's motivation for was because the group did not agree with the views of Sony, but their attempt to hack a server of an affiliate of Nintendo Co's US unit was less clear.

"They claim to say they love Nintendo and they hack for them," Ducklin said.

"They've got a little bit up themselves with this hacking, so who can say who will be next?

"Cybercriminals generally don't care. They will go after anyone who is vulnerable and the weaker you are, the more likely they are to do something bad to you."

He added that although Nintendo reassured customers no data was stolen, when it comes to data breaches, determining the extent of the damage can be a difficult task.

"Sony found that out when it took them several days to find out what had occurred when the network went down," Ducklin said.

"The other problem is when data gets stolen, the original copy that remains, so it's not always obvious what has been duplicated.

"In this case with Nintendo, they seem pretty confident that no data was stolen.

"If you're an Australian customer, you have to decide for yourself if you believe them or not."

Ducklin has also warned that LulzSec now had a taste for hacking anyone they could get their hands on.

"These are just adults who need to grow up and stop acting like kids," he said.

"They better well hope that the cops don't get hold of them or they will be in deep water."

The security breaches was a wake-up call for anyone who deemed themselves not important enough to be a victim of cybercrime, Ducklin said.

"They [hackers] prefer a high profile scalp because they are more likely to get information which they can sell for money," he said.

"But if with no additional effort they manage to hack you, then that's all grist to the mill."

Page:
More about: etwork, M86, Microsoft, Nintendo, Sony, Sophos, Xbox
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: hackers, hackings, LulzSec, Lulz Security, M86, M86 Jeremy Hulse, security, sophos, Sophos Paul Ducklin
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/138/driverscanner-2010/

DriverScanner 2010

DriverScanner scans your computer and provides you with a list of drivers that need to be updated. All you have to do, then, is simply ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia