HARTFORD, Conn. – Internet hackers say they have compromised the security of more than 1,000 accounts at a Connecticut-based FBI partner organization.
The online hacking collective Lulz Security says it attacked a local section of InfraGard, a partnership between the FBI and the private sector to share security information. Connecticut InfraGard’s website is down.
FBI spokeswoman Jenny Shearer in Washington says the agency is aware of the attack and that the website is shut down as a precaution. She declined to comment on the extent of any damage.
Lulz claimed responsibility for the breach in a Twitter posting Sunday night.
The anonymous group takes credit for an April security breach of Sony Corp’s PlayStation Network. The hackers also say they are responsible for attacks on the CIA webpage and the U.S. Senate computer system. [Hackers claim attack on FBI partner in Conn.]
Everybody Getting Hit
Cyberattacks on governments, corporations and individuals are spiking. Sony’s PlayStation Network, Lockheed Martin, PBS, Google’s Gmail passwords, Nintendo and Citigroup’s credit-card customers’ files have all been hacked, causing concern and significant financial damage.
“Our opponents can attack at any time, using any method at their disposal, and only need to be successful once,” say Jason Andress, author of Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. “We have to be alert and react to every attack. This applies to every system, network and organization equally. Military, critical infrastructure, and corporate systems are all part of the ongoing fight.”
And it’s not just big companies and governments, either. The Anti-Phishing Working Group is reporting that more than one-third of respondents to a new web vulnerabilities survey were repeat victims of phishing. Thirty-seven percent reported their web sites had phishing or spoof sites planted on their web servers two or more times before, a statistic that reflects both the persistence of phishers and the difficulties of keeping them at bay.
“Phishers value compromised web sites highly because they are much harder for interveners to take down. They’re confident that they’ll be able to identify and exploit sites, and do so repeatedly,” said APWG Research Fellow Dave Piscitello of ICANN.
“Victims are not mitigating exploits entirely or are not implementing adequate measures to keep them away,” he added. “Keeping all components of a web site — OS, web server, applications and content — patch-current and applying the most secure configuration options possible could significantly reduce initial and repeat attacks.” [Hackers Take Sega Data — LulzSec Offers To Help]