It's easy to forget, in the ten months or so that have followed it, that there was a period in the middle of 2011 during which an organized hacking campaign was carried out against major gaming, media, and government groups' web presences. LulzSec formed in May of that year, ostensibly a small group of seven people with the stated goal of causing mayhem and little more. They began with hacks into Fox and PBS' websites, releasing user data, but the one that drew the most initial attention was a break-in to Sony Pictures' website. The group claimed that they were retaliating for legal action Sony had taken against George Hotz in the wake of his jailbreaking the PlayStation 3.
Their rampage continued throughout June, targets including a variety of gaming sites; Bethesda Game Studios was targeted, supposedly two months prior, garnering user data for Brink. They brought down the websites of Minecraft and League of Legends, as well as gaming news and video site The Escapist. In mid-June, LulzSec knocked out the main server of Heroes of Newerth.
This was really only LulzSec's gaming-related activity. They also weaseled their way into a variety of government websites (both United States and otherwise) and retrieved information or defaced pages, kicking things into high gear in late June with "Operation AntiSec," supposedly in collusion with Anonymous. By mid-July, however, LulzSec released an announcement that they were retiring, and had soon disappeared from the news and, by now, the memories of the public.
It all came rushing back yesterday, though, when accused LulzSec member Cody Kretsinger pleaded guilty to one charge of conspiracy and one charge of "unauthorized impairment of a protected computer" in a Los Angeles court. This comes in the wake of last month's reveal that, from mid-August on, LulzSec leader Sabu (real name Hector Xavier Monsegur) had been aiding the FBI in drawing out and arresting the other six members of LulzSec as part of a plea bargain to avoid prosecution for the twelve charges to which he had pleaded guilty.
The thing to understand about LulzSec's activity, though, and what made it so notable was the timing. In April of the same year, the PlayStation Network had been breached and personal information potentially compromised. The service itself was out of commission for a month, from the end of April to the end of May, while Sony assessed the damage and sought out the vulnerability. People were already feeling scared and distrustful of big business, and there was a widespread perception that Sony had failed in due diligence to the consumer, misrepresenting the severity of the leak and keeping the public out of the loop on the steps they were taking both to assess and rectify the problem. It's no surprise, then, that one of LulzSec's first targets was Sony Pictures, not just because of the George Hotz case, but due to an existing stigma that then surrounded the Sony brand. It became easy to paint themselves as the heroes in their story, justifying their actions.
That's the mindset of terrorists, though—the thought that one is facing off against an evil profound enough that violence or other illegal activities are justified as a response. Even if the individual or group is going on the offensive, as was the case with LulzSec, it's all too simple to hold that the mere existence of their target is, itself, an affront that demands a pre-emptive strike.
Of course, despite the convenient timing, LulzSec's stated goal was never to engender any sort of social or political change, despite that their assaults focused on media and government websites and databases. It can be argued that those represented the highest profile targets, the areas in which their actions would be the most visible if successful. Rather than fixating on an activist ideology, LulzSec sought attention, and lashed out in the same way a young child might throw a tantrum, demanding that awareness by virtue of being too loud and outrageous to ignore.
That's plain to see, at least, in everything from the LulzSec logo to their behavior on their Twitter account and website, back when the two still existed. Everything was designed to frustrate their detractors with a seemingly carefree and dismissive attitude. Trolling, in other words, was the LulzSec way.
With the group of seven (supposedly) unmasked, though, the question that comes to mind is, "Was it worth it?" When he was still fighting his charges in court, Kretsinger was facing up to fifteen years in prison, and he was only charged for his suspected involvement in the Sony Pictures breach. Those who broke into further websites, particularly those with ties to government organizations such as the CIA, will likely face almost excessive maximum sentences. We don't often think about the fact that someone who's locked away for twenty years will, eventually, step out into an entirely different world than the one they left when they were locked away.
From the outside, it seems difficult to justify such a strong reaction to throwing around some code. The damage of the act isn't as obvious as with a physical crime, in which there's typically visual evidence of what the crime has wrought. Perhaps LulzSec getting caught, though, provides that concrete evidence necessary to discourage future "hacktivist" campaigns from even getting off the ground, much less going on the sort of rampage that got LulzSec's members into this mess.
Date: April 6, 2012
*The views expressed within this article are solely the opinion of the author and do not express the views held by Cheat Code Central.*