The latest in a string of attacks by a hacker group known as Lulz Security (LulzSec) targeted the Arizona police today. The hackers exposed user names and personal information of law enforcement officers as well as sensitive documents housed on their servers.
While rumors surfaced about a supposed kingpin of LulzSec being arrested by New Scotland Yard this week, their intimidation tactics continue, and we have no idea who the next target will be.
As usual many of the dumped passwords were easy to guess or crack, showing that too many people believe it can’t happen to them. It is increasingly apparent that using software and encryption to create and protect unique passwords for every website is necessary.
That LulzSec exposed these passwords suggests they were either unencrypted, or used an insecure hashing algorithm. This is bad in and of itself, but far worse if the victims used the same passwords elsewhere.
While many of us are frustrated with the current state of corporate security and would like to affect change in a meaningful way, we control our own destiny. Most of us reside within nations that have democratic governments and can participate in shaping our futures through legal means.
In my view, the hacker ethic is to empower people with understanding and to use our collective intelligence to advance our ideas. Destroying privacy by exposing the information of innocent victims doesn’t advance anything.
Creative Commons lulz photo courtesy of beej55’s Flickr photostream.