Face bandits: Anonymous and LulzSec are losing their strength to distracting attacks and need to become smarter and more focused. This was the conclusion of security experts who attended DefCon in Las Vegas last week.
“We have the opportunity not just to wreak havoc, but to wreak organized havoc,” said Josh Corman, research chief at analyst firm 451 Group, who added that both anonymous groups bury their message in noisy DoS and SQL attacks: “To me it seems that the actions carried out in order to achieve the goal cast doubt on the very purpose. There is a way to clarify what their goal really is.”
I recall that both Anonymous and LulzSec started with DDoS attacks on the PayPal and MasterCard sites, after the latter blocked WikiLeaks charity accounts. PBS.com was also hit after posting a story about Bradley Manning. Not to mention the frequent attacks on companies performing government contracts and the episode with Sony.
Corman proposes that both groups spend their energy on more significant things, such as taking down sites with illegal content, like child pornography: “For this we will all stand.”
Another discussion participant, dissatisfied with Anonymous’s latest action, the hack of ManTech International’s website, noted that both organizations should look for evidence of large-scale corruption or simply for out-of-the-ordinary material, such as the Collateral Murder video published by WikiLeaks in 2010, in which US soldiers opened fire on a group of civilians in Iraq.
“If you are going to reach your real goal, look for real dirt,” advised another DefCon visitor, who had appeared on stage a little earlier in black glasses and a scarf covering the bottom half of his face. When the audience asked the speaker to reveal himself, he turned out to be security blogger Krypt3ia.
The funny thing is that many people are in no hurry to express a negative opinion of Anonymous or LulzSec: the HBGary break-in story involved thousands of emails from Aaron Barr, the former CEO of the company. It happened because he had mentioned the personal data of some members of Anonymous and was going to hand this data over to the FBI.
Barr was fired from the company because his emails turned out to reveal a plan for an operation to discredit WikiLeaks and some people who supported the system. Aaron himself was supposed to appear at the recently concluded DefCon, but changed his mind after his former employer threatened to sue him at the very first word about the hack or the anti-WikiLeaks project.
Some conference participants approached Josh Corman and said, “Guess who is my next goal? HBGary”, so he has no doubt that the company will come under attack again.
The controversial discussion, led by Paul Roberts, editor of the ThreatPost blog, also included Jericho, the former founder of Attrition.org, a computer security site specializing in finding and disclosing fraud and corruption.
Krypt3ia criticized both groups for lacking real goals and simply wanting to destroy everything, justifying their actions only afterwards. He also noted that, because of the hidden nature of Anonymous and LulzSec, nothing prevents any person or group of people from declaring that they belong to them too. This can be used to cover corporate espionage or international incidents, or simply to shift the center of attention a little.
Jericho called on the community to “build the best Anonymous”, one that does not make useless noise but benefits the security community. He also suggested that both groups could help improve the protection of companies by hacking into the sites of those that have already been told about critical holes.
If a company is not properly protected, why not force it to protect itself: “If they don’t learn anything, why not enter LulzSec and wake them up?”
Finally, he considers defending people who expose vulnerabilities in various systems or products to be a justified action. This is a subtle hint at George Hotz, who played with the PS3.
via ArsTechnica