Cyber threat: Has LulzSec gone too far hacking the NHS?
Despite the fact that LulzSec openly stated in its recent correspondence with the U.K.'s NHS that it didn't consider the service an "enemy" many of the general public have already begun to question the groups supposedly noble intentions to "help" the service.
LulzSec and the NHS
The hacking group known as LulzSec reportedly emailed the NHS earlier this week, warning the service that its network security was weak.
In a subsequent tweet on its Twitter page the group posted a comment revealing its interactions with the NHS.
"In celebration of little girls getting bigger bones, we're now emailing NHS and informing them of those admin passwords we took months ago."
The group then posted the email it had sent the U.K.'s health service online:
"Greetings ... we're a somewhat known band of pirate-ninjas that go by LulzSec. Some time ago, we were traversing the internet for signs of enemy fleets. While you aren't considered an enemy - your work is of course brilliant - we did stumble upon several of your admin passwords."
LulzSec went on to claim that it did not target the NHS for any malicious reason, rather that it wanted to "help" the service. "We mean you no harm and only want to help you fix your tech issues."
In keeping with this sentiment, the group blacked out the passwords contained on the email when it posted it online.
LulzSec's other recent exploits
The past few weeks have been a busy time for LulzSec. The group has claimed responsibility for successful cyber attacks on both Sony and Nintendo.
In the wake of Sony's PSN outage, LulzSec hacked both its sonypictures.com website and BMG music department. In both attacks the group posted the stolen information on its website in press releases entitled, "Sownage" and "Sownage 2".
As was the case with its recent interactions with the NHS, LulzSec once again claimed that its actions were done with the public's interests at heart.
The group claimed that it attacked Sony to make the public aware of the company's continued cyber weakness, teaching them not to once again trust Sony with their personal and banking information.
"Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now.
"From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"
The group's following attack on Nintendo was of a similar nature, though this time as was the case with its interactions with the NHS, the group again claimed that it did not have any ill-feeling toward the company. Instead, the group argued that it carried out the attack hoping to help Nintendo improve its security. "We like the N64 (gaming console) too much - we sincerely hope Nintendo plugs the gap," read a post on the group's website.
LulzSec good or bad?
As is the case with any discussion about hacking, the question of whether LulzSec's recent interactions with the NHS are a good or a bad thing is likely one that will generate numerous conflicting opinions.
Some will universally support LulzSec -- like the individual who reportedly donated the group $7200 -- while others will take the more hard-line view that hacking is always wrong no matter the justification. Then there will be those in the middle, that while viewing hacking as wrong, can see how LulzSec's actions could help the service improve its security ensuring another more malicious hacker doesn't gain access to its network.
Whatever the case, it seems likely that LulzSec's recent actions will only serve to fan-the-flames currently surrounding the debate about cyber-attacks and what needs to be done to stop them.
© Copyright IBTimes 2024. All rights reserved.