LulzSec Hacks U.S Senate Web Site, Video Game Maker
LulzSec said Monday that they had successfully hacked into the U.S. Senate’s Web site, Senate.gov, and posted “basic information on the file systems,” including user names and the Web server config files, according to Chester Wisniewski, Sophos senior security advisor.
In addition, LulzSec published a list of directory names from the server, but did not appear to post any proprietary or personally identifying information, according to the office of the Sergeant at Arms. Government officials said in a statement that no critical information had been compromised during the attack.
“The intruder did not gain access into the Senate computer network and was only able to read and determine the directory structure of the files placed on senate.gov,” according to a statement issued by the office of the Sergeant at Arms, which oversees cyber security, adding that the server was intended for public access on the “public side of the Senate’s network firewall, and any files that individual Senate offices place there are intended for public consumption.”
The vulnerability was traced to a senator’s office, although the office of the Sergeant at Arms did not disclose which senator was targeted, according to ABC News .
“Although this intrusion is inconvenient, it does not compromise the security of the Senate’s network, its members or staff,” according to the Sergeant at Arms statement. “Specifically, there is no individual user account information on the server supporting senate.gov that could have been compromised.”
LulzSec punctuated its cyber attack with a taunt, posted to its Web site. “This is a small, just-for-kicks release of some internal data from Senate.gov—is this an act of war, gentlemen? Problem?”
Under the U.S. Computer Fraud and Abuse Act, the hack could potentially carry of sentence anywhere between five and 20 years in prison, if the attackers were apprehended and convicted.
Also during its latest rampage, the notorious hacker group claimed another attack victim, video game maker Bethesda Softworks , makers of Quake, Fallout, Doom, Elder Scrolls as well as other popular games.
Similar to its other attacks, the group posted passwords and sourcecode from a Bethesda Softworks database server.
The motive for the recent attacks is thus far undetermined, although Wisniewski said that it appeared that the miscreants were attempting to show they were superior hackers than another group that recently broke into Bethesda’s new game, Brink.
“It is difficult to explain random acts of sabotage and defacement, so I am not going to attempt to get into the heads of those behind these attacks,” Wisniewski said in a blog post. “About the only take-away is that it’s best to secure your Web assets against these types of attacks before rather than after.”
Meanwhile, the attack on the U.S. Senate is hardly a first for LulzSec. In recent months, members of the group have made a name for themselves with a series of high-profile attacks against Sony, FBI affiliate InfraGard , and PBS.
The group had claimed that it attacked PBS for its critical portrayal of WikiLeaks, while the assault on InfraGard was apparently a retaliatory effort after the Pentagon announced that it would treat cyber crime as an act of war.