Hackers claim hit on CIA website

[Guest guest]

http://ca.news.yahoo.com/hackers-claim-hit-cia-website-011621563.html;_ylt=ApSXz\

51mQnROaSVNHUC8Vy8essB_;_ylu=X3oDMTNjMGxlOXQ0BHBrZwM5YzY5YTM0NS02OGZlLTNlYzYtYmF\

jNS1mMTQyMTBkMTQ2YTcEcG9zAzEEc2VjA01lZGlhU2VjdGlvbkxpc3QEdmVyA2E0ZTUwMDEwLTk3Yjk\

tMTFlMC1iZWRmLTEwNmQxNGIzMjAxOA--;_ylg=X3oDMTJ0NmhmM2RuBGludGwDY2EEbGFuZwNlbi1jY\

QRwc3RhaWQDMDlmNWEyMzktYzA2OC0zMWQ1LWI0ZWYtNDdlOTZkODU5YjY5BHBzdGNhdANjYW5hZGF8Y\

i1jBHB0A3N0b3J5cGFnZQ--;_ylv=3

Hackers claim hit on CIA website

By Glenn Chapman | AFP – 24 minutes ago

A hacker group was brazenly ramping up its antics as waves of cyberattacks

targeting even the US spy agency expose how poorly defended many networks are

against Internet marauders.

" It's becoming a big problem, because at the end of the day these guys are doing

whatever they want, " said Panda computer security labs technical director

Corrons. " This is showing us that we have a long way to go to protect our

systems and our information. "

The public website of the US Central Intelligence Agency (CIA) on Wednesday

joined a growing list of hacker targets that has included Sony, The

International Monetary Fund, and Citibank.

The CIA told AFP it was looking into reports that cia.gov was knocked offline

temporarily by a hacker group calling itself Lulz Security.

Lulz has claimed in recent weeks to have cracked into Sony, Nintendo, the US

Senate, the Public Broadcasting System news organization, and an Infragard

company that works with the FBI.

The group is flaunting its notoriety with a telephone hotline for people to call

and suggest targets for cyberattacks.

" Our number literally has anywhere between five and 20 people ringing it every

single second, " members of the group said in a message on their @LulzSec Twitter

account.

Setting up a telephone hotline was " kind of eccentric " given that the hackers

could have easily created an online forum asking for targets, according to

Corrons.

" These guys are upsetting a lot of people, " Corrons said. " They think they will

never be caught, and that could be their biggest mistake. "

Lulz has seized the spotlight amid unrelenting reports of cyberattacks with

apparent motivations ranging from spying and profit to glory and activism.

" As we get more connected more of the time, the number of potential attackers is

growing because anyone can do it from anywhere in the world, " Corrons said. " As

the number of potential attackers grows, the number of successful attacks

grows. "

Hacker group Anonymous, from which Lulz is believed to have formed, gained

notoriety with cyberattacks in support of controversial website WikiLeaks.

Unlike cyber criminals who amass armies of " zombie " computers by stealthily

infecting machines with viruses, people volunteered to install software in

support of Anonymous campaigns, according to Corrons.

" Anonymous has been out there for years, " Corrons said, noting the group had

launched attacks on music or movie firms taking people to task for pirated songs

or films.

" When the WikiLeaks case came, they reacted fast and gained a lot of

popularity, " he said.

Anonymous used a tried and true distributed-denial-of-service (DDoS) attack that

overwhelms websites with simultaneous requests for pages or other bits of

content.

At times about 5,000 computers, each firing off about 10 requests per second,

took aim at websites for Anonymous, according to Spain-based PandaLabs.

" There are not so many people now as there were a few months ago; I see fewer

people connected, " Corrons said of Anonymous. " Maybe people are realizing that

you can protest, but this is not the best way. "

Lulz may be related to Anonymous, but its tactics are more sophisticated.

Lulz cracks computer system defenses instead of simply flooding websites with

page requests.

" In the Lulz group, they know what they are doing when it comes to breaking into

places, " Corrons said.

" It's their way to say the security here sucks and we are going to show you

why, " he continued. " Based on the way they act, I would say they are young

people. "

Other attacks reported in recent months, such as those on the IMF, weapons maker

Lockheed , and Gmail accounts connected to Chinese activists, bore signs

of being the work of spies with political or financial objectives.

" This is showing us that we have a long way to go to protect our systems and our

infrastructure, " Corrons said. " This is a failure from private companies and

even security companies -- there is a lot of room to improve. "