'LulzSec suspect' arrested by New Scotland Yard

Filed Under: Denial of Service, Law & order, Malware, Vulnerability

LulzSecNew Scotland Yard has confirmed that it has arrested a 19-year old suspected hacker in Essex, UK, in connection with a series of hacks and denial-of-service attacks against a number of organisations.

It is being widely speculated that the arrest is in connection with the high-profile attacks by the LulzSec hacking group, which has claimed amongst its victims Sony, the CIA, the FBI, and the Serious Organised Crime Agency (SOCA).

Officers from the Police Central e-Crime Unit (PCeU) arrested the man last night at approximately 10:30pm, on suspicion of breaching the Computer Misuse Act, and searched a house in Wickford, Essex, where they seized computer equipment which will undergo forensic examination.

The FBI and local Essex police worked in co-operation with the PCeU to investigate the case. The arrested man, who has been named as Ryan Cleary in many media reports, has been taken to a London police station for questioning.

It's important to note at this point that it has not been confirmed that the arrested man is suspected by the authorities of being involved with LulzSec. But many observers are speculating that that could be the case.

LulzSec Twitter wallpaper

The controversial LulzSec group have been playing a dangerous game as they targeted "big players" such as the crime-fighting agencies around the world. Inevitably the authorities were not going to take kindly to that, and would put man-power to work seeking out intelligence as to who could be involved.

Seemingly drunk with the popularity of their Twitter account (which has more than 220,000 followers) they have becoming increasingly vocal in the messages they have made public, and embarrassed computer crime authorities and large organisations around the world with their attacks.

New Scotland YardOne had to wonder if all of this bragging could lead to the group's downfall. It would, after all, be hard to keep a secret from friends and peers if you were a member of LulzSec.

There has been much speculation recently regarding who might be behind LulzSec - if the police believe that they have cracked the group then a strong message will be sent to others considering engaging in illegal acts such as malicious hacking and denial-of-service attacks.

It will be interesting to see if LulzSec's Twitter account is updated, or has anything more to say about the arrest. Will it be a case of "who lulz last, laughs longest?"


Update: LulzSec has posted a tweet about the arrest:

There were also rumours earlier today that LulzSec had stolen details from the UK Census. This story always appeared somewhat dubious, and LulzSec has now officially denied any involvement.

Unless any evidence comes to light, I think we can be reasonably confident that no hack has occurred against the UK census.

We'll have more information as it becomes available or follow me on Twitter where I will post more details as they come to light.

, , , , ,

You might like

45 Responses to 'LulzSec suspect' arrested by New Scotland Yard

  1. Tim · 1198 days ago

    Let's hope he's not deported to the US.

  2. Emily · 1198 days ago

    Charge all these idiots as terrorists. Perhaps then, they won' be laughing.

    • your definition of "terrorist" seems a bit broad

    • NinjaNoel · 1198 days ago

      lol, funny you should use the word 'terrorist', as seen from the other side they would then be called 'freedom fighters'.

      You classification just cements the importance of their work, I love my freedom, such as it is, and these guys are keeping us safe from idiot corporations!

    • Emily · 1197 days ago

      Spoken like true cyber terrorism supporters. You want YOUR private info spread throughout the world, go ahead and do it your selves. Me? Well I'm good without, thanks. There are other ways to keep safe. This, as a matter of fact, is the OPPOSITE of safe. Send me your address so I can break into your home and prove to you that it can be done. Still "freedom fighting"? You are insane. Safe from idiot corporations? How?

  3. Dave · 1198 days ago

    Well as they are postig today as if nothings happened, i call BS.

    • They haven't posted to their Twitter account since the wee small hours of the morning UK time. I guess we'll find out soon enough.

      • Richard · 1198 days ago

        The first thing I'd do if I was a criminal with a public web presence is share the password with a trusted lieutenant. Or simply have a Lulzsec 'publicity officer'.

        That way, I could point at it and say, "Honestly, I'm not Lulzsec," in interview.

        Unsurprisingly (as your update points out), they're still posting, and it's a denial that the arrested guy is one of them.

    • Cruimh · 1149 days ago

      I think if it did happen, they would have handled it the same way they did Topiary, but it does make sense that if they found one of them, the others aren't soon after. We can only wait and see, can't we?

  4. I really hope its not Lulzsec.....bcuz they rock......

    • titeko · 1198 days ago

      they rock? yeah stealing innocent people info and exposing their credit card and personal info all over the net...yeah they rock, imagine if those people are you,your friends and family. who is just trying to enjoy life peacefully...

      • maya · 1198 days ago

        If companies are outsourcing to offshore companies to develop "secure sites" and cannot protect themselves against SQL injections: that's a problem that needs to be exposed.

        Whether they should be exposed to the public is a different subject matter... but you get what you paid for... right?

      • GGG · 1198 days ago

        Now imagine that it wasnt lulzsec that was doing the hacking. Imagine it was actually an organised effort to steal personal information for profit, and not "lulz". Lulzsec is revealing how insecure our personal information is in the hands of giant corporations. Perhaps their activities will force companies to take the threat of real, malicious hackers seriously.

        • abcd · 1198 days ago

          They are not just exposing the fact that the sites are vulnerable to SQL injections, they are then taking the information they have stolen and releasing it on the internet for everyone to see. Terrorists or not they are making the information available to anyone who wants it. If they were just exposing flaws in security then they would just perform the attack and alert the company.

          As for th DDoS attacks... do they want a cookie or something?

          These idiots need to be caught and locked up, end of.

          • Emily · 1195 days ago

            You're exactly right. There's a HUGE difference between letting companies know they need to address security, and being the threat you are trying to "protect" us from.

            If I were stealing information from wallets and purses, I would surely be arrested and charged as a criminal, not idolized as a freedom fighter.

  5. Jon · 1198 days ago

    Talk about misleading your audience - the tile says "'LulzSec suspect' arrested by New Scotland Yard" and then the fifth paragraph: "It's important to note at this point that it has not been confirmed that the arrested man is suspected of being involved with LulzSec by the authorities."

    It's all about the clicks, isn't it, Graham?

    • The police haven't made any connection public.

      I was trying to make the point that although it has not been confirmed that the cops think he might be connected to LulzSec, plenty of others are making the link.

      I don't know if he is or not. A name is being bandied around in connection with the arrest, but has not been released by the authorities.

      I guess we'll have to wait and see.

      • Amber Jones · 1198 days ago

        Really? Why not write "Suspected hacker arrested by New Scotland Yard" then instead of the utterly sensationalist title?

        Plenty of others are making the link? There's no link so far, only *pure* speculation. Plenty of blogs reported the iPhone 5 is coming out in June and it didn't.

        Wide speculation doesn't make something true.

      • Dave Keays · 1197 days ago

        "Lulz suspect" sounds like a good way to say "person suspected of being involved with lulz".

        Writing a headline is an art. I don't want all the details of an article jammed into the headlines which means you can't scan over them as easily.

  6. Layllah · 1198 days ago

    How dare you brag about something you guys had nothing to do with, besides they bagged the IRC keeper not the lizard! Maybe pseudo security company's should be exposed for what you are FRAUDS! DDOS and Injection code methods have existed since the begining, and you experts have done nothing except sell products that can't stop either!

    • Matt · 1198 days ago

      Believe me, Sophos is far from a 'pseudo-security' company...

  7. I wonder: is there an agency for Silly or "Not So Serious" Organized Crime, as well?

  8. Very unfortunate for him not to cover his tracks

  9. @Tim, Why would he be deported to the U.S.? And what if he were? Why would that be an issue for you? As an American I do not understand your inference in your comment.

    • Oranges · 1198 days ago

      Deported for attacking the CIA's or FBI's website/servers.

      It's an issue because the authorities don't respect people's rights in the USA.

      Your country has trials where the CIA can tell a judge 'we have proof the accused did this. We can't show you that proof for national security reasons, we can't even tell you what that proof is, but believe us, this proof exists" and the judge can accept this statement as 'proof' - this is an issue because the accused and his lawyers can't see this proof and thus can't defend themselves against it, and because this can be abused to fabricate fake proof against innocent people.

      Your country has Gitmo, where people are detained for many years without a trial. In case you aren't very familiar with the law, people are normally supposed to have the right to get a trial quickly. This is to prevent abuses where an innocent person is kept in jail 'waiting for a trial' but never gets a trial and as a result it's just as if he's serving a prison sentence. This right is usually know as Habeas Corpus.
      I'm not even mentionning the conditions in which the people are detained at Gitmo.

      Also, even if that hacker isn't sent to Gitmo, the authorities could simply threaten to send him there as a 'terror suspect' in order to force him to confess - this would violate his right to not incriminate himself and could be used to make him confess to things he did not do.

      The US government and the authorities aren't perceived as defending freedom and rights anymore. Not in the rest of the world at least, but I heard many Americans say the same. This is why, should he be deported to the USA to be tried, we would suspect his trial may not be fair. Personally, I wouldn't put it past the CIA and FBI to fabricate evidence.

    • Anon · 1198 days ago

      Nor the word 'inference' it would seem.

    • abadidea · 1198 days ago

      It is (I assume) a reference to a British hacker with a mild disability (who apparently really was pretty naive rather than malicious) who the US demanded be deported to them. I can't remember his name at the moment.

      Being deported to the US is not a good thing for any party concerned... it's gotten a bit of a "reputation" for maltreatment of foreign suspects lately...

      • abcd · 1198 days ago

        The sad thing about this case is that the US demands we deport criminals to them under some agreement that was signed saying we would. The US does not recoprocate the conditions of that agreement though. Its a disgrace UK courts would even consider deportation to the US but if he is found guilty then it may well happen.

      • ninjahack · 1197 days ago

        Gary McKinnon

        and I agree, these punks hacked UK Government organisations too, so they should be tried here first, serve their sentences in UK jails before the US get their hands on them

  10. The Twitter thing suggests that as they haven't Tweeted in hours then he must be behind it. Hello, LulzSec is a group of people, so just because they have POSSIBLY caught one member doesn't mean the remaining members wouldn't still have access to the Twitter etc. The lack of Tweets proves nothing in my eyes. Let's wait and see if LulzSec or anonpops mention anything in regards to the arrest in the coming hours.

  11. N Moggie · 1198 days ago

    If the authorities have any sense they will employ him and pay him shed loades of money

  12. john · 1198 days ago

    lulzsec are tweeting again.

  13. Mel · 1198 days ago

    And he'll probably get a "slap in the wrist", get released and then become rich by becoming a consultant to security firms wanting his expertise.

  14. James · 1198 days ago

    Here's my idea. Just turn off the whole public internet for a month and see who comes stumbling out into the streets with the shakes - disoriented then start questioning them.

    Be a nice break and vacation from the web for everyone anyway.

    • Elegwa · 1197 days ago

      Everything now and days is on the internet. There is not private internet. Online classes, learning resources, communications. My job relies on the internet, I'd be out in the streets in a matter of seconds, I need to feed myself and my family. Not to mention, how would one go about shutting down the internet? It's not owned by a single person. It's against the law to start filtering.

      At least Lulzsec is being...Nice? About it, they could have taken all those passwords and email address and used it for there own evilness. Instead they released them onto the internet. You can quickly check to see if your account has been comprised.

      It also reminds us not to use the same passwords on all sites. Its very unsafe :(

  15. Rev Egg Plant · 1198 days ago

    Is it commonplace on this blog to report on unconfirmed rumor?

    "It's important to note at this point that it has not been confirmed that the arrested man is suspected of being involved with LulzSec by the authorities. But many observers are speculating that that could be the case."

    What a bunch of crap. You have no solid evidence that such is true, but you'll report it like it's true. Stop that.

  16. Lee · 1198 days ago

    "if the police believe that they have cracked the group then a strong messaage will be sent to others considering engaging in illegal acts such as malicious hacking and denial-of-service attacks"

    Boy, I miss those strong messaages from the police--they were the only thing that could loosen up my shoulders!

  17. AMSJD · 1197 days ago

    It's impossible to condone what these hackers and attackers do. It's childish! We all know that these large companies work extremely hard to create websites for the world, and they're doing nothing wrong.

    What goes on in the government is none of our business unless they tell us it's our business. Same for website databases.

  18. Dave Keays · 1197 days ago

    Bandwidth and data on a server are assets on the cloud just like your car is an asset to your household. Keying someones car or DoD'ng a site for lulz (for laughs) isn't exactly non-violent as they claim.

    Plus, their moral high-grounds are shakier than Anonymous' or Wikileaks', and they weren't showing the skills seen in pown-to-own. They are like a KKK crowd without the supposed moral motivations and are just doing it for fun.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.