Topic: Security

Former Lulzsec Headman Turns Informant To Help Bust Bad Guys

added by Douglas Bonderud on March 15, 2012

1 0

On the morning of March 6, 2012, law enforcement agencies in the United States and the United Kingdom made six arrests of suspected hackers belonging to high-profile groups Anonymous, Lulzsec and AntiSec. Those arrested were described as "principal members" of the groups and information given about their whereabouts is being credited to former Lulz group leader, Hector Xavier Monsegur, also known as "Sabu." After being arrested last year by the FBI, Sabu agreed to act as an informant and enabled law enforcement agencies to track down some of the most senior members of these hacking groups.

A Lack of Anonymity

Last July, the FBI managed to uncover Sabu's identity and make an arrest, enabling them to peer into the shadowy world of hackers and cyber terrorism. Sabu agreed to turn informant for the government agency, but both his arrest and any information he divulged were kept secret until other hacking group members were arrested, according to an article at InfoWorld. One of the main spokesmen for Lulzsec (an offshoot of Anonymous), Monsegur was living in New York when he made an error--forgetting to mask his IP address when making an online post. He was arrested shortly thereafter, and since that time, has been supplying the FBI with reliable information about other "hacktivists."

One of the main challenges faced by authorities when it comes to Internet hacking groups is finding principal members--those who founded the groups--rather than hangers-on or latecomers who simply want to be identified as part of the movement. Among those arrested was Jeremy Hammond of Chicago, who is tied to a December 2011 attack on Stratfor, an Austin-based intelligence firm. Hammond claimed to have obtained data about a former U.S. vice president and after the hack, which affected an estimated 860,000 users, Anonymous sent an email to those same users lauding its own accomplishments.

For midsized businesses, these kinds of attacks represent the ultimate unknown--they can come seemingly from anywhere, at any time, and even in the few days after these worldwide arrests, hacker groups have been lashing out at business around the world, not just those connected to law enforcement or security.

All for the Lulz

One hallmark of the hacker community is their attitude toward IT security; they see it as a joke, a minor inconvenience to their great work. What's interesting about Sabu is that despite his 45,000-strong Twitter following (according to a recent Yahoo News article) and his ability to disrupt sites like Visa, Mastercard, and Paypal, the father of two was living in public housing, unemployed, while he carried out his global attacks. It's impossible to predict who might be tied to a group at first glance; the identity-free nature of the Internet makes it easy to hide in plain sight.

Cooperation with law enforcement authorities was a smart choice for the former Lulzsec leader and may help him evade a 120-year prison term, and he likely has a great more to share about the organizations. Barrett Brown, a former journalist with ties to Anonymous says that Sabu has "been a leader," and that "people came to him with information."

The seeming invulnerability of Anonymous and similar groups, contrasted with the sudden inroads made by law enforcement, help illustrate the reality of security concerns for business IT across the globe. While systems are vulnerable to electronic attack on a variety of fronts, it's the human factor--the desire for fame, for change, or simply for gain--that both informs security breaches and can aid in curtailing them. Though these arrests don't signal the end of hacker groups as a whole, they do help shine light on subversive groups that pride themselves on keeping security companies and law enforcement in the dark.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.

Topics: Security

Comments

About the Author

Douglas Bonderud

Member since October 2011

A freelance writer since 2009, Doug has a particular passion for technology and its impact on our daily lives. As an evolving resource, technology changes us as much as we inform its development, giving fertile ground for thought.
Full description »

©2010 IBM   |   Terms and Conditions   |   Privacy Policy