LulzSec playing dangerous games with Nintendo, Sony hacks

Hacker group needs to "grow up", says Paul Ducklin of Sophos

The unpredictable motivation of hacking group LulzSec, who have claimed responsiblity for the recent attacks on Sony and Nintendo, means no one is safe, security experts have said.

LulzSec has even gone as far as releasing a statement in regards to the Sony attack.

"Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL [structured query language] injection, one of the most primitive and common vulnerabilities, as we should all know by now," the group wrote.

Sophos Asia Pacific head of technology, Paul Ducklin, told Computerworld Australia that LulzSec's motivation for was because the group did not agree with the views of Sony, but their attempt to hack a server of an affiliate of Nintendo Co's US unit was less clear.

"They claim to say they love Nintendo and they hack for them," Ducklin said.

"They've got a little bit up themselves with this hacking, so who can say who will be next?

"Cybercriminals generally don't care. They will go after anyone who is vulnerable and the weaker you are, the more likely they are to do something bad to you."

He added that although Nintendo reassured customers no data was stolen, when it comes to data breaches, determining the extent of the damage can be a difficult task.

"Sony found that out when it took them several days to find out what had occurred when the network went down," Ducklin said.

"The other problem is when data gets stolen, the original copy that remains, so it's not always obvious what has been duplicated.

"In this case with Nintendo, they seem pretty confident that no data was stolen.

"If you're an Australian customer, you have to decide for yourself if you believe them or not."

Ducklin has also warned that LulzSec now had a taste for hacking anyone they could get their hands on.

"These are just adults who need to grow up and stop acting like kids," he said.

"They better well hope that the cops don't get hold of them or they will be in deep water."

The security breaches was a wake-up call for anyone who deemed themselves not important enough to be a victim of cybercrime, Ducklin said.

"They [hackers] prefer a high profile scalp because they are more likely to get information which they can sell for money," he said.

"But if with no additional effort they manage to hack you, then that's all grist to the mill."

Tags hackersM86 Jeremy HulsesecurityhackingsSophos Paul DucklinLulzsecLulz SecurityM86sophos

More about etworkM86MicrosoftNintendo AustraliaSonySophosXbox

Comments

Comments are now closed

Mobile payments in Australia: state of the banks

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]