The UK’s Serious Organised Crime Agency was forced to take its website briefly offline on Monday evening as it faced a barrage of internet traffic in an attack launched by LulzSec, a hacker group. SOCA said its website held no operational material but that the “distributed denial of service” attack was affecting other customers of its web hosting provider.
LulzSec, which has recently launched similar attacks on the CIA and US Senate, as well as Nintendo and Sony, claimed credit for the attack on its Twitter page.
The toppling of a British police website, although unlikely to put national security at risk, is the latest in a rapidly growing epidemic of hacking, which has affected organisations from the International Monetary Fund to RSA Security, an internet identity protection service.
“DDoS is of course our least powerful and most abundant ammunition. Government hacking is taking place right now behind the scenes,” LulzSec said.
SOCA said in a statement: “SOCA has chosen to take its website offline to limit the impact of the distributed denial of service attack on other clients hosted by our service provider. The SOCA website is a source of information for the general public which is hosted by an external provider. It is not linked to our operational material or the data we hold.”
Its website was intermittently unavailable for a few hours on Monday evening as it suffered a deluge of internet traffic, most likely directed from home computers hijacked by computer viruses. Because many companies’ websites are often hosted by external service providers in the same large data centre, a denial-of-service attack targeting one organisation can cause disruption to other sites. SOCA did not name the other companies or organisations affected.
LulzSec, an offshoot of the Anonymous group of internet activists, has said that its attacks are motivated by a desire to demonstrate the generally weak levels of online security, as well as provide its members and tens of thousands of Twitter followers with “entertainment” (lulz is a derivative of lol, internet-speak for “laugh out loud”).
Its victims have latterly included thousands of private individuals and messageboard users, as well as members of pornography sites and online gaming services.
Its latest campaign, dubbed Antisec, is more anarchic and anti-establishment, specifically targeting banks and government institutions.
“Top priority is to steal and leak any classified government information, including e-mail spools and documentation,” LulzSec wrote in an online posting. “Prime targets are banks and other high-ranking establishments.”
LulzSec said it was “teaming up” with Anonymous, the hacktivist group which took on opponents of WikiLeaks last December and more recently was involved in the attacks on Sony’s PlayStation Network. It threatened that it would later “unleash fire on multiple targets”.