June 14, 2011
Hackers Target US Senate And Bethesda Softworks
Lulz Security (LulzSec) - the shadowy hacker group that was behind recent security breaches at Sony, Nintendo and Fox News - has now set their sights on video game company Bethesda Softworks and the US Senate.
US officials said they have ordered a security review after an apparent hack was made on the Senate website over the weekend. Martina Bradford, the deputy Senate Sergeant of Arms, said on Monday the incident had been "inconvenient," but had not compromised the security of the staff.
"Specifically, there is no individual user account information on the server supporting Senate.gov that could have been compromised," she said.
The Sergeant at Arms said it would be conducting a security review of all of the sites hosted on Senate.gov.
The hack was confirmed after LulzSec said it had carried out the attack on Senate.gov for fun and posted files on its website lulzsecurity.com.
"We don't like the US government very much," LulzSec said at the top of a release. And, likely referencing reports that the Pentagon is considering whether a cyber attack could be considered an act of war, it wrote: "is this an act of war, gentlemen? Problem?"
Under existing US computer crime law -- specifically the Computer Fraud and Abuse Act -- the hack might be punishable upon indictment and conviction by up to five years' imprisonment.
Application Security Inc's chief technology officer, John Shaul, said the data LulzSec posted is "verifiable proof" that it was able to gain access to and take control of the Senate's website.
"It's a very skilled group "¦ they claimed it was easy," he told the Associated Press (AP).
LulzSec has successfully launched a series of attacks on Sony, Nintendo, PBS, and Fox News as well.
Shaul said the recent string of attacks take advantage of insecure systems. Most companies only protect the perimeter of their networks. Once hackers get in, "everything is there to own." It's the equivalent of a bank putting a guard at the door and leaving all the money in a pile instead of in safes and vaults, he added.
"We've created this situation where it's so easy for a skilled attacker to break in and get data," said Shaul. "They are doing it because they can."
The Senate is continually the target of hacking attacks, with tens of thousands averted each month, Senate Sergeant of Arms Terrance Gainer told Reuters in early June.
John Bumgarner, of think tank Cyber Consequences Unit, said the break-in is embarrassing for the Senate, "because they are often asking others to explain why their cyber security programs have failed."
"The information disclosed online ... shows that the intruders had administrator-level access to the Senate server. This access could have potentially been used as a jump-off point to compromise other systems in the network," he told Reuters.
Bethesda Softworks also acknowledged there was an intrusion on its network in a blog post on Monday, saying hackers may have gained access to users' names, email addresses and passwords. Bethesda said no credit card data or other financial information was compromised, however.
LulzSec posted what appears to be source code and database passwords of Bethesda Softworks, a subsidiary of ZeniMax Media, online. The hackers claim to have obtained the info and more after finding holes in Bethesda's systems while running a denial of service attack two months earlier.
LulzSec, which claims to be fans of Bethesda, also claimed to have data on more than 200,000 registered users of the game Brink. The claims, however, remain unverified.
"We're going to release lots of Bethesda/ZeniMax data today - however we might not release their 200,000+ users as we love Call of Cthulhu," the group said in a Tweet. "Bethesda, we broke into your site over two months ago. We've had all of your Brink users for weeks. Please fix your junk, thanks! ^_^," they added.
LulzSec said it had resisted temptation to release data on Brink users so as not to distract Bethesda from work on its next fantasy epic "Skyrim."
Bethesda declined to comment beyond its blog post and did not say how many users were affected.
On the Net: