A shadowy group of hackers behind a string of recent cyberattacks claimed on Monday to have breached the US Senate website and taken internal data.

The Senate Sergeant at Arms, which is responsible for congressional security, confirmed there had been an intrusion into the server hosting the public website, Senate.gov, but said no sensitive information was compromised.

The hacker group, which goes by the name of "Lulz Security," published files online at lulzsecurity.com said to have been swiped from Senate.gov.

"This is a small, just-for-kicks release of some internal data from Senate.gov -- is this an act of war, gentlemen?" Lulz Security said in a statement.

"We don't like the US government very much," the group added. "Their sites aren't very secure."

The Sergeant at Arms said Senate computer security staff had discovered an "unauthorized access" over the weekend into the server hosting Senate.gov.

"The intruder did not gain access into the Senate computer network and was only able to read and determine the directory structure of the files placed on Senate.gov," the Sergeant at Arms said in a statement.

"That server is for public access on the public side of the Senate's network firewall, and any files that individual Senate offices place there are intended for public consumption," it said.

The Sergeant at Arms said the intruders took advantage of a vulnerability in a portion of the website that is maintained by an individual Senate office.

"Although this intrusion is inconvenient, it does not compromise the security of the Senate's network, its members or staff," the Sergeant at Arms said.

"Specifically, there is no individual user account information on the server supporting Senate.gov that could have been compromised," it said.

The Sergeant at Arms said it would be conducting a security review of all of the sites hosted on Senate.gov.

Lulz Security, whose name is derived from the text-messaging shorthand phrase LOL, or "laugh out loud," has claimed credit for a series of cyberattacks in recent weeks.

The targets have included Sony's online operations, an FBI partner website, the website of videogame developer Bethesda Softworks and the website of the US non-profit Public Broadcasting Service.

earlier related report
Expert warns NATO of cyber arms race
Tallinn (AFP) June 10, 2011 - The world is entering an era of a cyber arms race where ever-more sophisticated versions of malware are the weapons of choice of actors often impossible to trace, a top IT expert told NATO Friday.

"We are entering the era of a cyber arms race, but the problem in this arms race is we don't know what kind of new arms the others have, so we don't have a quick, effective means to counter them," Mikko Hypponen said at a meeting on global cyber conflict organised by the Tallinn-based NATO Cyber Centre.

"And we often don't know also who is in charge, who has these weapons," said the Finn, who works for a top global IT security firm.

Hypponen is known for having been involved in weeding out the feared Storm and Stuxnet computer worms and has assisted authorities in the United States, Europe and Asia in cracking global cyber crime.

He singled out defence contractors, government and non-governmental organisations as the "three main large target groups of hackers."

"We are following daily how hackers break into computers and take them over without users having the slightest idea what is going on," Hypponen said.

"The damage arrives usually with the attachment from a sender you know or trust fully, having been linked even to mail looking like arriving from the US Department of Defence, World Bank, United Nations etc., but having in fact nothing to do with them," he added.

He said failures in a widely-used documents system were largely to blame.

"Current technologies are simply failing," charged Chris Brown, an expert from US network security company NetWitness.

"People underestimate the complexity and capability of cyber threat and are not taking proactive steps," he warned.

A NATO official announced this week at the Tallinn conference that the alliance plans to beef up its cyber defence capabilities with the creation of a special task force to detect and respond to Internet attacks.

The Symantec cyber security firm recently reported that web-based attacks in 2010 were up 93 percent from 2009.

The June 7-10 NATO cyber security conference attended by 300 top IT experts from across the globe focuses on the legal and political aspects of national and global Internet security.

Tweet

Related Links Cyberwar - Internet Security News - Systems and Policy Issues