As news gets out that notorious hacking group LulzSec has disbanded, an unfortunate missing element to these stories is that there are individual components of the notorious group and numerous other groups that have always existed, continue and will continue to emerge. The cat is out of the bag and many internet hackers are believed to be inspired to follow the LulzSec saga of publicity-driven breaches. LulzSec’s history of exploiting known vulnerabilities and threats and subsequent public disclosure of the methods used during their escapades will and has likely inspired followers en masse. The #antisec movement they have founded has already turned up a number of similar domestic and international efforts thus far. In their final #antisec act, Lulzsec leaked documents belonging to Arizona’s Department of Public Safety.
Add to this the fact that for some time to come the compromised threat position of most of the internet and insecure websites is well and long proliferated. In fact, massive breaches and vulnerabilities emerge daily and are regularly reported in certain circles, but rarely, if ever, see the light shone by the common major media outlets. It will not be long before another group or factions of this group pop up elsewhere and perhaps try to capture that notoriety that LulzSec experienced.
In a bit of irony that was obviously forecast well ahead of time, it seems that the disbanding of LulzSec may have relation to continued investigative pressures to disclose their identities, including efforts from other hacking groups. The very notoriety they sought caused them to become a target and culminated in release of reported chat logs and reported apprehension of potential associates of the group. There are reports at this time that members of the group are joining forces with Anonymous.
LulzSec as a group may indeed have packed it up, but rest assured they will live on in some form, perhaps with a different name, and a renewed agenda. This is hardly a time to rest easy as threats and malicious groups will continue to emerge.
Protect yourself, address your security now. Get in compliance, hire a qualified pentester, and secure data. Develop a comprehensive security plan. Be aware that a good deal of data loss incidents happen from within your own organization. Train your people on what the crown jewel assets of your organization are, confidential information, process, reputation. Capture all of those things and proceed to boldly pursue technology to enable your organization with the best in functionality with the best possible approach to securing the information that is the lifeblood of the enterprise. LulzSec as a group may be indeed forever disappearing, but their saga should not be forgotten. The threats are real, the stakes are high, and there are many other entities out there with bad intentions.