LulzSec claims it used a distributed denial of service (DDoS) attack against CIA.gov, which rendered the site inaccessible to the public for much of the day. Attacks such as this aren’t necessarily traditional hacks where information is lifted, but rather uses repetitive floods on a given domain to the point where a site malfunctions.
"People are saying our CIA attack was the biggest yet, but it was really a very simple packet flood," tweeted a LulzSec representative.
Robert Gray of the Risky Biz Internet security podcast told ABC that very few sites online can withstand a bombardment like the DDoS attack carried out by LulzSec, but it should be expected that the CIA’s site should be one of them.
"Inherently the Internet is a pretty risky place if even the CIA can't keep its website protected against a group of amateurs," said Gray.
LulzSec’s most recent e-attack was apparently a response to a message the group received on Twitter in which a user called out the hackers for only going after “soft targets.”
"Stop calling yourself hackers, you're giving real hackers a bad name," Twitter user Quadrapodacone wrote. "Here's a challenge … fbi.gov or cia.gov try changing text or something." The exchange of tweets between the user and LulzSec has since gone offline.
Bloomberg Businessweek writer Arik Hesseldahl has pointed out that attacking government websites is indeed a crime but says, “I’m assuming that LulzSec … knows it, and is wantonly demonstrating that it doesn't care. “
The hacking group revealed a list of data obtained from Senate.gov on Monday, which marked perhaps the most high-profile infiltration carried out by LulzSec in its few weeks of existence. Previously their portfolio of hacks and attacks had been punctuated by assaults directed at Sony, PBS and Nintendo.