'LulzSec suspect' arrested by New Scotland Yard

New Scotland Yard has confirmed that it has arrested a 19-year old suspected hacker in Essex, UK, in connection with a series of hacks and denial-of-service attacks against a number of organisations.
It is being widely speculated that the arrest is in connection with the high-profile attacks by the LulzSec hacking group, which has claimed amongst its victims Sony, the CIA, the FBI, and the Serious Organised Crime Agency (SOCA).
Officers from the Police Central e-Crime Unit (PCeU) arrested the man last night at approximately 10:30pm, on suspicion of breaching the Computer Misuse Act, and searched a house in Wickford, Essex, where they seized computer equipment which will undergo forensic examination.
The FBI and local Essex police worked in co-operation with the PCeU to investigate the case. The arrested man, who has been named as Ryan Cleary in many media reports, has been taken to a London police station for questioning.
It's important to note at this point that it has not been confirmed that the arrested man is suspected by the authorities of being involved with LulzSec. But many observers are speculating that that could be the case.

The controversial LulzSec group have been playing a dangerous game as they targeted "big players" such as the crime-fighting agencies around the world. Inevitably the authorities were not going to take kindly to that, and would put man-power to work seeking out intelligence as to who could be involved.
Seemingly drunk with the popularity of their Twitter account (which has more than 220,000 followers) they have becoming increasingly vocal in the messages they have made public, and embarrassed computer crime authorities and large organisations around the world with their attacks.
One had to wonder if all of this bragging could lead to the group's downfall. It would, after all, be hard to keep a secret from friends and peers if you were a member of LulzSec.
There has been much speculation recently regarding who might be behind LulzSec - if the police believe that they have cracked the group then a strong messaage will be sent to others considering engaging in illegal acts such as malicious hacking and denial-of-service attacks.
It will be interesting to see if LulzSec's Twitter account is updated, or has anything more to say about the arrest. Will it be a case of "who lulz last, laughs longest?"


http://nakedsecurity.sophos.com/2011/06/21/lulzsec-suspect-arrested-scotland-yard/

Soca website taken down after LulzSec 'DDoS attack'

The UK Serious Organised Crime agency has taken its website offline after it appeared to be a victim of an attack by hacking group Lulz Security.

Soca said it had taken its website offline to limit the impact attack on clients hosted by its service provider.
Soca.gov.uk had been unavailable for much of Monday afternoon, with an intermittent service restored later.
Lulz Security has said it was behind the denial of service attack which had taken the website offline.
Earlier on Monday, as the agency launched an investigation, LulzSec tweeted: "Tango down - in the name of #AntiSec".
The group has hit a number of high-profile websites in recent weeks, including the CIA and US Senate.
Soca appeared to be the victim of a distributed denial of service (DDoS) attack, where large numbers of computers, under malicious control, overload their target with web requests.
In a statement given to BBC News, a Soca spokesman said: "Soca has chosen to take its website offline to limit the impact of DDoS attack on other clients hosted by our service provider.
"The Soca website is a source of information for the general public which is hosted by an external provider. It is not linked to our operational material or the data we hold."

Embarrassment

Earlier on Monday, a LulzSec Twitter posting seemed to confirm the nature of the attack.
"DDoS is of course our least powerful and most abundant ammunition. Government hacking is taking place right now behind the scenes," it said.
The latest attack will come as an embarrassment for Soca, which is tasked with investigating cybercrime.
"It is not going to please the boys in blue one bit," said Graham Cluley, senior technology consultant at security firm Sophos.

Mr Cluley added that it was wrong to confuse DDoS with the kind of hacking that can lead to confidential information being stolen.
However, he warned that LulzSec was capable of both types of attack.
"They have in the past broken into websites and stolen e-mail addresses and passwords, so there is a lot of harm can be done."



Big Lulz
When Lulz Security first appeared in May, the group portrayed itself as a light-hearted organisation, bent on creating online fun and Lulz (laughs).
Soon after, details of its hacking exploits began to emerge.
The first involved stealing and publishing a database of US X-Factor contestants, including their e-mail addresses and phone numbers.
It followed up with a mixture of website denial of service attacks and intrusions where data was taken and made available on the internet.
On June 19, LulzSec declared that it would begin targeting government systems, calling the campaign Antisec.
"Top priority is to steal and leak any classified government information, including e-mail spools and documentation. Prime targets are banks and other high-ranking establishments," said a post on the group's website.
The reason for LulzSec's greater focus on government is unclear, although it appears to have recently ended a feud with the more politically-motivated group Anonymous.

http://www.bbc.co.uk/news/technology-13848510