Feeds

back to article Elite UK police agency website downed by Lulzsec

The Serious Organised Crime Agency is facing serious embarrassment this morning - it was forced to take its website offline last night after an attack by LulzSec hackers. The Metropolitan Police is still suffering big computer problems of its own and Soca's website doesn't include operational functions but this is still …

COMMENTS

This topic is closed for new posts.
Silver badge
FAIL

DDoS != hacking

Having your site taken down by a DDoS just means you didn't put in the money and thus infrastructure to handle this. Your site isn't hacked, just not available.

If that is how they had to bring it down, it means they couldn't hack it? If it is, then this is actually positive news, no?

13
0
Mushroom

LulzSec != Hackers

Script kiddies? Some will be, yes.

Crackers? Yes.

Criminals? Perhaps.

Freedom fighters? Depends on your point of view I guess.

Hackers? No. Not not, not ever.

This is a tech website, kindly use the term "hacker" only when it is appropriate.

13
1
FAIL

Why embarrased?

The website is not part of the operational organisation, it's a public facing site and is hosted externally

If it were hosted internally that would be a different matter.

Lulz going after low hanging fruit.

8
0
FAIL

Hacked?

A DDOS attack suggests to me that they either couldnt or didnt hack it.

1
0
Happy

If I had any...

... I would put bitcoins on it turning out to be the Bastard in his spare time.

0
0
Silver badge
IT Angle

Back when I were a nipper....

We 'ad to use social engineerin', brute forcin' and all sorts of TCP/IP jiggery-pokery when we were 'acking, unlike these new-fangled kids with their botnets and DDosin'.

Now get the hell off my server.

2
0
FAIL

Really..

..they thought it was a good idea to slightly annoy the law enforcement agencies? How clever..

0
0
Thumb Down

Lame

The only people impressed/amazed by DDoS attacks are non-techies who read the trip made up by major newspapers. Lulzsec are proving themselves to be as lame as Anon.

0
0
WTF?

Not quite.

"LulzSec has taken down the FBI, the CIA as well as various gaming companies. ®"

No, they have taken websites offline, wich have probably been made by Average Joe.

1
1
Silver badge
Holmes

SOCA down - no sh#t sherlock

the lulz are rapdily becoming my fave band of folklore heroes.

Sure, you will mostly disagree, but you have to applaude anyone who poke an angry bear with a big stick.

And for those of you who think these folk are criminals, let me put it to you. Losing your house keys is unfortunate but leaving your house unlocked is plain stupidity.

5
26
Silver badge

Oh so many things wrong with you

"And for those of you who think these folk are criminals, let me put it to you. Losing your house keys is unfortunate but leaving your house unlocked is plain stupidity."

1) Even if your house is unlocked if someone steals from it it is still theft.

2) It was a DDOS, not a hack. A DDOS is analogous to a group of people standing outside your house stopping you from entering, not breaking in and stealing things.

12
0
Silver badge
IT Angle

Um.

"Sure, you will mostly disagree, but you have to applaude anyone who poke an angry bear with a big stick."

I could also stick my cock into a mains outlet* but that still wouldn't stop it being a really dumb move.

*With a suitable adaptor from PC World ofc.

11
0

Um, no

Clearly you don't understand the difference between a DDoS and a genuine hack. Their attacks which have actually retrieved data are impressive, and a good way to shame companies that use cleartext password. A DDoS is not like leaving your house unlocked, it's like coming home to find some asshole as nailed planks across the door.

4
0
Thumb Down

Leaving your house unlocked...

"And for those of you who think these folk are criminals, let me put it to you. Losing your house keys is unfortunate but leaving your house unlocked is plain stupidity."

So you are trying to justify it how exactly - leaving your house unlocked is stupid but entering someone elses house / server and stealing information is criminal.

1
0
Silver badge

Yes they are criminals

Please feel free to come into my unlocked house. The local Police station is only 5 minutes away and has a nice armed response unit with experience of dealing with terrorists. I'm sure they'd like to meet you.

1
4
Silver badge

Kids?

The assumption that they are all just a bunch of bored kids is way off the mark or if they are just bored kids then folks should be really worried and not pretend it's just playground pranks.

A DDoS is more like finding the planks nailed to the door but also discovering how the door is put together, what locks are on the door, does it have a burglar alarm, is there home cctv etc.

Basically a DDoS can also be used to find out how much work is needed to actually break in.

But don't let that get in the way of numrous posters who assume it's just a laugh, they are the Sony product addicts who are just sore at being kept away from thier fix for a while.

Sony ain't laughing (we might be, though)

2
2
Coffee/keyboard

@Thomas 4

Thanks for that.

Boss: WTF is this coffee all over my report!

BOFH: Sorry Boss, I was reading a story about some bloke sticking his cock in a mains socket.

3
0
Silver badge
Go

Do it,

But I would still applaude you, but you would get a cheaper adapter from maplins.

1
2
WTF?

Breaking and entering

Going in to an unlocked building and stealing someone's property is a crime, no matter how "plainly stupid" an unlocked door is. But this is not what lulzsec are doing: they're breaking in to a house which is locked simply because lulzsec know about a flaw in the lock that the house owner does not know about.

I know enough about locks to break in to garages, and houses: that doesn't mean that I feel the need to do so.

LulzSec are criminals. Nothing more, nothing less.

1
0
Gimp

Mere language symantics

Hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network.

A web server is part of a secure network. FACT!

Mere symantics of language are abound here.

The OED does not even recognise the term hacking.

So your both right and wrong

0
2
Pint

Re: Um.

It might be a really dumb move, but I'd cheer you on, film it and put it on youtube.

0
0
Bronze badge
Coat

@Thomas 4

I don't know mate, it brought the spark back into my marriage! Spark? Mains? Ah, suit yourselves....

0
0
Anonymous Coward

re: Yes they are criminals

Be careful with your analogy.

In the UK if your front door is wide open and I walk in, I haven't committed a criminal offence.

0
0
Bronze badge
Facepalm

but to be fair

the quality of the interface won't impress

0
0
Bronze badge
Thumb Down

@ukgnome

Just maybe you should 'get a life', and then reevaluate your folklore heroes?

Also your analogy of 'leaving the house unlocked', as would apply to this article. So that would be just about anybody foolish enough to think that they might connect a web site to the Internet?

2
1
Silver badge
Trollface

Ooooh Handbags

Glad for your social commentry.

I have a life, and it's all good but thank you for your concern.

Although I do agree, what I should of said is make sure your outward facing portal to the world is robust and secure. But now I'm just knitpicking my own comment.

0
2
Silver badge
Headmaster

@ukgnone

No, what you should have said is "should have", not should "of".

PS the word is "nit-picking", not "knitpicking"

0
0
Big Brother

Great

Never underestimate the vengeance of a humiliated politician.

1
0
FAIL

Folklore heroes ?

As much as I have a healthy distrust of law enforcement agencies, they merely prevented access to a public resource leading to a cost from the public purse.

All in the name of headlines.

You say folklore heroes, I say attention seeking media whores.

2
0
WTF?

@ukgnome = not getting it

@ukgnome = not getting it

It was a DDOS - that was the equivalent of thousands of people blocking the entrance to your house and in this case your whole street - i.e. they took the site down to stop it affecting other people hosted there as well.

If someone is determined enough / has sufficient resources they could probably take almost any site down with a DDOS.

1
1

@AC

>>"It was a DDOS - that was the equivalent of thousands of people blocking the entrance to your house and in this case your whole street - i.e. they took the site down to stop it affecting other people hosted there as well."

True, though I guess if the website is merely a little public-information front, not the organisation itself, it's a bit more like someone having a crowd of kids blocking the entrance to the shed on their allotment, or to a lock-up garage that they hopefully don't keep anything important in.

And as for ukgnome's claim that one has to applaud someone who pokes a bear with a stick, I think much of the time I'd give more applause to the bear if it gave them a well-deserved slap in return, and I'd maybe spend some time wondering whether the bear might just take the opportunity to also go after people who haven't done anything wrong.

0
0
Silver badge
Facepalm

DDOS

Um.... the right kind of DDOS (udp) won't stop just because you've taken your server off-line, you have to tell your hosting provider to drop inbound traffic to that address because as far as the internet is concerned (in the routing tables and/or DNS), your machine is still there, it is simply not responding (which is, of course, the point)

0
0
Anonymous Coward

Silly Children Will Play if They Can Steal The Toys

If some bunch of silly children stole a JCB and built a pile of dirt round your house to stop access that would be the same as this dummy DDOS attack. In that case there would be little you could do about it. You might be pleased if the neighbours called the police and even more pleased if they could stop paper shuffling, tea drinking or whatever and stopped the children.

I doubt that few beside other children would find them to be folk heros.

1
0

Read a bit more...

If you put a system under high stress, cracks will appear.

http://www.zdnet.co.uk/news/security-threats/2011/06/14/lulzsec-targets-bethesda-softworks-game-maker-40093100/

0
0
FAIL

btw

i just asked a mate what lulsec have actualy done that wasnt a DDoS.... apparently some password hashes from poorly-configured webservers and a list of ATM's and their lat/longs...

Now the ATM one sounds interesting (bank attacks?) until you ask yourself where this could of come from... It'd be a fairly simple "hack" to take apart a TomTom now wouldn't it...

0
0
Bronze badge
Happy

They're sneaky these super-hackers!

ATM list? They probably went to some POI site and downloaded them...dun dun dun...with a fake login account ( which one of their mums created for them the day before! ) .

0
0

Surely...

...LulzSec are just asking for trouble with stuff like this? They really do seem to consider themselves Too big to fall. It will be interesting to see what the final outcome of Lulzsec is, part of me expects some jail sentences.

0
0
Anonymous Coward

Jail and...

Jail and, I also suspect, giving up everyone they know in an embarrasingly short amount of time as soon as they realise what sort of time they're looking at.

0
0
Black Helicopters

Guys - we're being overtaken by events

Do you remember a couple of weeks ago when the name and address of an alleged Anonymous sysadmin came out after a bit of spat in the non-organisation?

Well the Beeb has just reported the arrest of a 19-year old "suspected hacker" in the same small Essex town.

1
0
Megaphone

For the lulz

A couple of things;

Doesn't a DDOS attack sometimes act as a distraction to what is really going on? Wasn't that what happened with Sony? They flooded one area and used it to cover their tracks whilst breaking in?

Also lulzsec are this months wikileaks. Where's all the wikileaks coverage gone? Where are all the supporters of Wikileads in the comments anymore? Yesterdays news that one, just like this will be in a month or two.

0
0
Anonymous Coward

What do Intelligence Agencies and Eve Online have in common?

The skill: Target Painting

Lulzsec seem determined to paint a pretty big bullseye on their arses. Hope reality catches up with them soon.

0
0
Silver badge

DDOS...

A DDOS is only slightly higher up the "hacker" scale than the NOTW phone "hackers".

A DDOS is just flooding a server with more requests than it can handle. If I phone you on your mobile, your home phone and then knock on the door, all at the same time, then I have effectively done exactly the same to you as a person.

I only put the DDOS above the NOTW because to do it you generally need access to a large collection of machines and internet connections in order to generate the required volume of traffic from a wide range of IPs to make it work.

A real hack would be getting into things which are locked down and secured (so not mobile voicemails with a default password).

0
0

Weeeeeeeeeeeell

"A real hack would be getting into things which are locked down and secured (so not mobile voicemails with a default password)."

There are more than a few hackers out there that would call this cracking.

0
0
FAIL

We will find out who they are when...

The CIA are not all nice cuddly people. Even a non secure public facing website that (I assume) is not connected to their operations is their turf. Lulz have now stepped into the crosshairs and may be coming to the notice of a group of people they would be better keeping away from.

We will know who they are after we hear of a group of people who each committed suicide by shooting themselves in the back of the head - twice.

0
0
Megaphone

Community service for zombies

"committed suicide by shooting themselves in the back of the head - twice"

Because they would be so incompetent that they would miss the first time? :-)

If any good comes out of this, it will be that the plod will take ddosing even more seriously and lean more on ISPs to take action against their moron users that get compromised, but this is a complex issue requiring global cooperation, education some coercion, and the subject of a few PhDs.

Some angry bears are best not poked with a sharp stick, as it risks innocent lives too.

The whole fucking net is overrun by selfish criminals happy to mug a bingo hall full of grannies for pennies without regard to the collateral, and these LulzSec kiddies should get a life and use what skills they have to help clean up the litter...

Disinfecting zombies should be added to community service punishments (if not already)...

0
0
Bronze badge

Little Nuisance

If Lulzsec or Anonymous actually managed to hack a significant government system I might be impressed, but public web sites is just pointless.

A better analogy than access to your house might be access to the bathroom, not that inconvenient, until you really need to go. These websites hardly have a high volume of traffic, but when they are needed, well, it's the public who suffer, not the organisations involved.

Would these guys still be your heroes if they took the 999/911 service down.

0
0
This topic is closed for new posts.