Some of you may have heard that over the summer I’ve got an Internship with Tayside Police as part of my degree, helping to improve their online presence not just on their website but through Social Networking sites such as Facebook and Twitter to better engage with the community. With that said, I’d like to point out that like always, my views expressed here may not necessarily reflect those of any group whether it be corporation, public sector body or educational institute or indeed anyone. These are my personal ramblings as an individual and a computer scientist.
In recent weeks, a small hacking group has come to light known as Lulz Security. They have gained fame in hacking major internet based companies and releasing information to the public with the aim to highlight, what Lulz Security see as, their flawed security systems.
With hacktivist group Anonymous making headlines on a daily basis, Lulz Security’s attacks are not a new phenomenon however, I do believe their motives should not be seen in the same light.
While I have struggled to agree with some of the hacks that Anonymous have performed, I do agree that they are performing attacks based on a moral objective and I have to say, I have found myself agreeing to some of their recent targets. Anonymous have made great attempts to fraught the work of state run operations to censor and remove the human rights of people around the world, like in Tunisia where the people are being oppressed and are calling for freedom.
“We will not forgive corruption, we will not forget injustice, we will not tollerate the denial of our freedoms and we will not be silenced.” Anonymous Press Release
While I may not agree with every single action that Anonymous take, I do very much agree with what they stand for. I can not say the same for Lulz Security.
There are many suggesting that Anonymous has joined hands with Lulz in what they are calling operation AntiSec however I do not believe this to be entirely true. What we must remember is that Anonymous doesn’t have a leader, really, Anonymous could be anybody and everybody so while many who consider themselves to be part of Anonymous may support AntiSec, it is not my belief that the majority of them do.
Lulz Security is not following a moral purpose, they are not fighting organisations that seek to oppress and while they may be seeking to expose companies with poor security, I believe their targets may be poorly chosen.
Yesterday, the website of the Serious Organised Crimes Agency in Britain had to be taken down after receiving a massive Distributed Denial of Service (DDoS) attack by Lulz Security and government organisation like our police forces have been left worrying about attacks on our own services.
However, while Lulz succeeded in attacking SOCA’s website, what did they really achieve? They achieved the feat of taking down a page that does not hold secure data but rather only offers information to us, the public. If anything, they succeeded in censoring information made available to all of us. Isn’t that the opposite of what Anonymous is aiming for?
Yes Lulz Security showed that this site was susceptible to being overloaded with requests but as someone working on a similar site, I’d be confident in assuming that most public websites of law enforcement agencies are just as susceptible as, in this economic climate in which tax payers money is to be spent sparingly, such protection is afforded only for mission critical systems.
Most websites run by police forces are not on expensive web servers like those of Facebook and Google but in fact, quite ordinary servers, not much different to those used by small businesses as they do not require major processing power to run and they do not hold secure data. They hold data that is online for the general public, to raise awareness of their missions to help the public.
I think Lulz Security, while they may believe what they’re doing is right, has become arrogant and have in recent weeks shifted away from aiming to be a force for good, but have instead moved to only work for fame through their ability to show off as they attack companies, showing “flaws” that are frankly, unimportant when greater issues exist else where in the world and online.