Lulzsec scalps CIA

Screen shot 2011-06-15 at 5.52.12 PM.PNG

Srsly.

More at Boing Boing

The technology that links taxonomy and Star Trek

Hackers prepare for first "national holiday" in their honor

rtresco

“They’ve definitely got the internet paying attention.”

The internets are as vast and varied as the real world. I wouldn’t call a bunch of hacking armchair quarterbacks “the internet”.
- Anonymous
  
  I think this kind of highlights the difference between people who see THE INTERNET, OUR MAGICAL COMPUTER SAVIOUR FROM WHICH ALL CREATIVITY SPRINGS AND WHICH IS AS IMPORTANT AS OUR VERY BLOOD OH HOW WE SHALL REVEL IN THESE GLORIOUS LULZ and people it as just another tool (most of the world) who are mostly just going to get pissed when you stop them getting to Amazon or whatever.
  
  Just for fun, let’s turn this into a conversation about sheeple
- Ugly Canuck
  
  We are all the internet, and the internet is what we make it.
  
  We are all human, and humanity is what we make it.
  
  But nevertheless the internet is not humanity, nor is humanity the internet.
  
  The internet is in some sense a reflection of humanity, there is no doubt of that.
  
  But is there any evidence that such is, or can be said to be, a true reflection?
  
  Gee, maybe “embodiment” would be a better word than “reflection”, in this context, as the internet has its own structures, which deeply effects its “reflective” abilities. I don’t know…
Anonymous

try the so-called ‘fed’eral ‘reserve’ next time – not that cia.gov wasn’t worth the time, but…just sayin’
Anonymous

…and it’s down.
Anonymous

And I remember thinking Tor was safe, LOL. But then again – it was called “phreaking” when I started. Sorry, no 1337 speak, it just never took with me.
Anonymous

THis will not end well.
- Intense
  
  LulzSec = False Flag Op?
  - Anonymous
    
    Honestly, why not? It’s a decentish set-up for a crack-down. Corporations call en masse to be protected from scary internet bogie man. It’d hardly be the first time the govt protected incompetent corporations from competition or threat.
MrJM

Q: Why were our civil liberties on the internet restricted in a dramatic overreaction?

A: For the lulz.
- grimc
  
  Too true.
- Bubba
  
  Which civil liberties would those be?
  - MrJM
    
    Silly Bubba — Any specifics regarding the restriction of your civil liberties is strictly classified.
  - angusm
    
    Bubba wrote “Which civil liberties would those be?”
    
    Depends. Which ones did we miss on the first pass?
Anonymous

@Quadrapodacone has been attacking them on twitter. This is most likely a response to this exchange:

@LulzSec:
Everyone please keep looking at @Quadrapodacone for he, being high and mighty, can no doubt take down any website in existence. Waiting.

@Quadrapodacone:
@LulzSec I have no want or need…Here’s a challange… fbi.gov or cia.gov try changing some text or something :P

The challenge was to change the site, not to take it down.
voiceinthedistance

Those kids are starting to really take it up a notch or two, now that high school is out for the summer and they have more time on their hands.
Jackasimov

Yeah, I can’t verify. Having a heck of a time connecting.
Urthen

Not responding as of this comment. That gives me an idea, though… If a target is too big, but has inadequate infrastructure, just announce an attack has been made… everyone hammering it to see will take the site down itself!
- triscuit
  
  Yep- too much traffic. Idiot that I am, I went to check it out. I got on the site, but it was slow, and seemed that the graphics were missing.
  - Jack
    
    Iâ€™m starting to think this was all a social engineering ploy to get the entire world to slam the CIAâ€™s website.
    
    Why hack when you can just say, â€œGo here!â€ and create a human invoked DDoS condition.
- Tuff Luke
  
  if that were the case, then, in a roundabout way, they kinda DID take it down…
- relawson
  
  I came to reply to say exactly that!
  
  as I went to cia.gov to see if it was up… OMG AM I CONTRIBUTING TO THIS??!!!!
  
  haha!
ultranaut

Some people get their lulz being asphyxiated too…
- emmdeeaych
  
  and others by sucking the air from the room.
Anonymous

Script Kiddie’s ATTACK!!!!
Anonymous

Not an exploit, just a [D?]DOS, but amusing nonetheless.
Diodeus

OMG! They’re still using TABLES! Only the brightest and the best.
- Modern Jess
  
  You know, tables get a bad rap. One can spend days tweaking css to get a nice liquid layout. Or they can just use a table and move on with their life. I’m not anti-CSS, either. I just believe in using the right tool for the job, instead of knee-jerk snootiness.
  - Diodeus
    
    Correct, DIVs are the right tool. Tables are for data. My knee remains flaccid.
Pip_R_Lagenta

It is also important to understand that the CIA [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] [Redacted] or for any American who wants to live in a free country, at least.
Anonymous

Talk about a misnomer

http://1.usa.gov/62hgHR
Anonymous

It’s up, as of ten minutes ago, with no sign of disturbance.
Enormo

I tried to follow the link but the site was down. What gives?
- Anonymous
  
  Millions of others were just prompted to do the same thing, in order to crash the site. Mission accomplished…Sigh.
Wickedashtray

The lulzboat strikes again.

Sorry but I find it hilarious that a bunch of smart-assed teens can play with high level, government run shit like a cat with a yarn ball.
- MrJM
  
  shit like a cat with a yarn ball
  
  And thus was a new defecation idiom born.
- Anonymous
  
  I am not entirely sure the CIA is devoting its best and brightest to keep it’s kinda generic looking website running.
  
  Bob the overworked CIA IT guy is probably not as mighty a titan as you might think.
- IronEdithKidd
  
  What makes you so certain that teenagers are behind all this?
Drabula

I’m old enough to have lived through a a good chunk of the Cold War but feel more like we’re living on the brink of something now then I ever did then. It’s as if the spooks and M-I-C ended up jonesing once the fix of communist panic was taken away and now lurch about groping for a raison detre that was only inflamed like a boil by 9-11.
I came perilously close to working for them long ago. I’m rather happy I’m just an armchair observer of these crazy times.
Anonymous

This is getting ridiculous.Now i feel like their puppet.Some of the commenter s above are right about “us” doing the DDOS. Ugh, i wish this would come to an end. It really is getting out of hand. I noticed that lulzsecurity is hosted by Cloudflare. Supposedly, it’s a very secure web-hosting company. How ironic.
Anonymous

After reading some of the first comments, I wonder : Can you really run a “social” DDOS by telling people ‘go there’ ?

I mean, wouldn’t it require an awful lot of people trying to reach the target site at the exact same time. A decent botnet is over 1 million machines, that can perform the same attack again and again.

Anybody knows if it’s possible / has been done ?
- oheso
  
  Anybody knows if it’s possible / has been done ?
  
  It’s called the “Slashdot effect”, as in, “That site has been Slashdotted.”
  
  Typically, though, it’s a case of some rinky-dink site getting maxed on its monthly bandwidth allotment with its ISP rather than the actual hosting infrastructure getting its knickers in a twist.
Anonymous

Am I the only one who still finds it amusing that the CIA has a ‘Kids’ Page’?
Drabula

…or, maybe we should turn it into a conversation about whether the cia is a good use of american tax money….or how we feel about its operations representing americans around the world….i have nothing to do with the hacking world. i might be a hack writer or a hack artist now and then but these shenanigans are far beyond my ken, but i recognize these lulzsec types as modern anarchists and i view them thru that lens good or bad, and it’s still the real world that concerns me ie renditions, secret prisons, assassinations, torture. i mostly find lulzsec entertaining – state sponsored terror, not so much.
Drabula

yep. i reckon they pretty much say as much in their recent tweet: “Lulz Security, where the entertainment is always at your expense, whether you realize it or not. Wrecking your infrastructures since 2011.”
Sef

Of course you can do a social DDOS. I’m sure boing boing still occasionally shuts down websites simply by suggesting that it is worth taking a look at them.
splint

How many groups have the power to simply tell people to go somewhere in order to prompt a DDOS? Still impressive.
PaulMorel

Wow. They must be pretty confident in their ability to hide, both on the internet and in real life.

This seems like a pretty stupid target.

But also, when did DDOS attacks become legitimate hacking? DDOS attacks are the teeball of hacking: you have to start there before moving on to the real deal.
- Anonymous
  
  Its not real hacking. They’re doing it to gain the attention of the world to show off their more legitimate intrusions. And it seems to be working. They’ve definitely got the internet paying attention.
  - SamSam
    
    And it seems to be working. They’ve definitely got the internet paying attention.
    
    What’s the name of the fallacy where you assume that everyone else is like you?
    
    I know the feeling. It seems that all of the blogs that I go on probably know about lulzsec. But I guarantee you that not a single one of my internet-savvy acquaintances and family members know about this.
    
    Maybe 0.01% of “the internet” is paying attention to this. That seems pretty high, though, once we start considering all Chinese internet users. :)
- Anonymous
  
  try doing the slightest bit of research next time before extending your opinion.
  
  all the releases on their list are hacks, not ddos. http://lulzsecurity.com/releases/
jjsaul

Wasn’t there talk a while ago about tightening up the protocols to ID packet traffic sourcing?

Between that and opponents of net neutrality, there certainly are a lot of big interested corporations and governments ready to benefit from the authoritarian reactions that are coming.
Cook!EMonstA

Back in the 20th century, disaffected youth hung out in public spaces or in businesses that were open to the public, therefore their protests and demonstrations happened in those public places. At the time this had a profound impact because people saw these actions as radical. Over the last 50 years the street protest has been neutered, corralled into free speech zones and regulated into death.

Today, the youth hang out on the public inter-webs. Their protests and demonstrations should take place there as well. Does it take any special skill to stand in front of a building and make it more difficult for people to get in to do business? No, why should it. Civil disobedience needs to be direct action that has a profound impact.
- TabulaRasa
  
  Some german courts – until recently – ruled that DDoSing sites was no different from blocking access to physical sites with public sit-ins. civil disobedience, yeah, but protected.
  But recently they ruled it’s computer sabotage.
  Brave new world.
Anonymous

man this is gonna have some sort of backlash that people not involved wont like
Anonymous

Let’s imagine the CIA’s website was a lemonade stand, and the actual CIA was a 500 pound gorilla selling lemonade.
Lulzsec would be a group of young people coming through the neighbourhood, painting all over the lemonade stand, but still laughing and exchanging invisible badges of courage in front of the gorilla.
Just saying. (even though I like and appreciate ‘lulzsec’)
The Hamster King

As the person who wrote the in-game dialog for the original Rainbow Six, I feel I bear a significant amount of responsibility for the mainstreaming of the phrase “Tango down!”

I’m so proud!
- Anonymous
  
  Just yesterday, I was digging through my game CDs and happened to find Rainbow Six. Good ol’ Ding Chavez…
- penguinchris
  
  That’s great; I am always reminded of Rainbow Six when I hear the phrase. I was one of the regulars on the Red Storm forums for a long time, obsessed with that game and the first couple sequels, before I stopped doing much gaming.
theawesomerobot

Hey, don’t knock the good old DDOS attack – it often serves as a vessel for more nefarious deeds. Don’t forget – the Sony fiasco was supposedly perpetrated under a DDOS cloud.
Cowicide

Let’s face it, a bunch of representatives in Congress probably phoned in requests on the Lulsec request line.
Cowicide

Meanwhile, this doucheberry still looks like a doucheberry.
Anonymous

It goes up and down periodically. So if it’s up when you visit, try hitting the reload button if you want to see what everyone is talking about. ;)
Teller

If Lulzsec isn’t job-hunting, then this is the cyberversion of why a dog licks its balls.
optuser

How many years to go before the following scenario:

1. hacker crosses the wrong government/corporation/mafia

2. violated g/c/m gets pissed off

3. hacker gets located and abducted

4. some kind of public, violent end to hacker

I’m not saying this is how I feel about hackers, but I imagine this is going to happen sometime in my life span.

Or is this story a crappy 90′s after school special I didn’t see?
- TabulaRasa
  
  1. hacker crosses the wrong government/corporation/mafia
  2. violated g/c/m gets pissed off
  3. hacker gets located and abducted
  4. some kind of public, violent end to hacker
  
  Well, let me see. currently there is Bradley Manning being held in confinement after pissing off the US Gov., and Julian Assange who is under house arrest in the UK.
  
  Manning is being charged for high treason, iirc, so what is the punishment for that?
- Anonymous
  
  That happened to a West German hacker or two that had worked for the Stasi for money. Can’t remember names or details but they seemed to commit “suicide” in highly unlikely circumstances or what not.
  - Anonymous
    
    People shoot themselves in the head in the back of police cars all the time. while cuffed. after being disarmed.
- Cowicide
  
  How many years to go before the following scenario: 1. hacker crosses the wrong government/corporation/mafia 2. violated g/c/m gets pissed off 3. hacker gets located and abducted 4. some kind of public, violent end to hacker … I’m not saying this is how I feel about hackers, but I imagine this is going to happen sometime in my life span.
  
  Welp, back in the 90′s when banks and everybody were still trying to convince the general public to trust online banking (and financial websites in general) they often didn’t report hacks into their banking systems to the authorities. The banks did this at the time because they felt like they’d lose more money to wary customers (who were still learning this whole “Internet” thing) than the losses from the hacks themselves.
  
  So…
  
  They would quietly attempt to find the perpetrator. If they found the hacker, some heavies would come to his house, kick open the door, smash his computer, throw his ass against the wall and warn him his life was in danger. I don’t know of any hackers that were killed, but some got roughed up. The authorities knew this was going on at that time and it made them “uncomfortable”, but it went on anyway as long as it was kept quiet (and Iâ€™m sure some payoff money exchanged hands here and there).
  
  Nowadays, the public is much more comfortable with the Internet (probably to their peril) and seem to take hacks into banks, etc. much more in stride than in the 90′s when it was all “new and scary”.
  
  So…
  
  It’s already happened in your life span while you were busy watching crappy 90′s after school specials. ;D
- robulus
  
  I’m pretty sure that’s “Kick Ass”.
- Anonymous
  
  When these things start mattering in more than a symbolic sense, probably.
  
  ‘Oh noes you have brought down our pr/information webpage with your hacker shennanigans! All our money, political influence and ability to make things actually happen mean nothing in the face of your brutal memes!’
  
  No, it doesn’t really work that way. Some irritated middle manager in an it department somewhere gets to go ‘What is this shit?’ and piss away his entire morning trying to fix it but all you’ve really done is raise some guys blood pressure, probably shaving a few months off his life and depriving his grandchildren of his company.
  
  Yeah, someone is going to get arrested over the Sony thing sooner or later but at this point, I don’t think anyone important actually cares, beyond the incredibly ugly implications of the PBS hack.
Cowicide

WTF?
WeightedCompanionCube

ANS Communications, Inc BLK198-15-ANS (NET-198-80-0-0-1) 198.80.0.0 – 198.81.255.255
Central Intelligence Agency OIT-BLK1 (NET-198-81-128-0-1) 198.81.128.0 – 198.81.191.255

The public-facing site is on a web host… but given that it’s in Ashburn, VA I wouldn’t be surprised if “ANS Communications” isn’t a contractor that exists solely to host the CIA’s public websites.

So LulzSec managed to hack (or more likely DoS) a web host. That’s a long way from “Hacking the CIA” and I’m probably more irritated about it than they are. Don’t fsck with my access to world factbook!
eaglescout1984

I prefer saying “Tango Uniform”. If you don’t know what it means, well, look it up.
djfatsostupid

A lot of speculation here about what this was all about. Can anyone actually confirm that anything on the website was changed? Or confirm from a reliable source that nothing was?
Anonymous

A lot of people aren’t aware of this, but Lulzsec is not the same as anonymous which used manpower and a call to arms to DDOS. Lulzsec has a pretty massive botnet, which is a tremendous power period and if they get more clever about using it, they will become a force of leveling.
knoxblox

Yup, I kind of get the feeling LulzSec is not well trained in hand-to-hand combat, and they’ve just picked a fight with the CIA?

Eventually, the CIA even found Osama bin Laden. Best-case scenario, I think LulzSec’s going to wind up pecking at the keyboard someday because their fingers don’t work.
- Cowicide
  
  Eventually, the CIA even found Osama bin Laden
  
  You just made me spit out my drink and laugh. Thank you for this.