TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      Management shake-up at TymeBank – including a new CEO

      24 May 2022

      Standard Bank CEO apologises for weekend downtime

      24 May 2022

      South Africa fifth in Africa for blockchain funding

      24 May 2022

      Hein Engelbrecht to lead Mustek on interim basis

      24 May 2022

      Datatec in talks over Analysys Mason unit

      24 May 2022
    • World

      Terra collapse triggers $83-billion DeFi slump

      24 May 2022

      Zuckerberg sued in personal capacity over Cambridge Analytica

      24 May 2022

      Is the end of the bitcoin winter nigh?

      24 May 2022

      Zoom leaps higher on upbeat forecast

      24 May 2022

      Michael Dell becomes kingmaker in Broadcom, VMware deal

      23 May 2022
    • In-depth

      Bernie Fanaroff – the scientist who put African astronomy on the map

      23 May 2022

      Chip giant ASML places big bets on a tiny future

      20 May 2022

      Elon Musk is becoming like Henry Ford – and that’s not a good thing

      17 May 2022

      Stablecoins wend wobbly way into the unknown

      17 May 2022

      The standard model of particle physics may be broken

      11 May 2022
    • Podcasts

      The rewarding and lucrative careers to be had in infosec

      23 May 2022

      Dean Broadley on why product design at Yoco is an evolving art

      18 May 2022

      Everything PC S01E02 – ‘AMD: Ryzen from the dead – part 2’

      17 May 2022

      Everything PC S01E01 – ‘AMD: Ryzen from the dead – part 1’

      10 May 2022

      Llew Claasen on how exchange controls are harming SA tech start-ups

      2 May 2022
    • Opinion

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022

      Cash is still king … but not for much longer

      31 March 2022

      Icasa on the role of TV white spaces and dynamic spectrum access

      31 March 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»News»Behind the scenes at LulzSec: no laughing matter

    Behind the scenes at LulzSec: no laughing matter

    News By Editor15 March 2012
    Facebook Twitter LinkedIn WhatsApp Telegram Email
    The LulzSec logo

    Imagine you’re the CEO of an Internet security start-up. Now imagine one of the world’s most notorious hacker groups signs up for your service, to help protect their own website from attacks. What do you do?

    That’s exactly the dilemma Matthew Prince, CEO and founder of CloudFlare, faced in June 2011. LulzSec — short for Lulz Security — was a hacker collective formed in May 2011 which quickly achieved infamy by hacking the Fox Network and PBS and publishing portions of their private data.

    When LulzSec launched its own site in June, it was immediately attacked in retaliation and brought down within 45 minutes by a distributed denial-of-service attack (DDoS). The hackers signed up for CloudFlare — which specialises in deflecting these kinds of attacks — and their site was quickly back online.

    “The only time they were offline after that point was when they supplied us with an invalid Internet Protocol address,” explains Prince with a wry smile, speaking at this year’s South by South West (SXSW) Interactive festival.

    For the next 23 days, everyone from government agencies to “white-hat” hackers deluged the site, trying to figure out where LulzSec was hosting its content — which by now included millions of user records stolen from the Sony.com site. “We literally sat in the crossfire of that,” says Prince.

    For CloudFlare, the experience was both a blessing and a curse. Its basic service, which LulzSec used, is entirely free. “LulzSec didn’t pay us a cent, but they gave us a lot of pain,” quips Prince, getting a hearty laugh from his audience.

    Lulzsec did, in fact, offer to pay for CloudFlare’s services via Twitter, asking for a premium membership “in return for rum“. “It depends on what kind of rum, and how much,” responded Prince. “I have since been advised by council to delete that tweet,” he says with an impish grin.

    Despite the pain caused by the experience, which included many sleepless nights for his small team, Prince still sees it as a positive experience. “This turned out to be the kind of pentesting (penetration testing) that money can’t buy. We generated over a million new rules based on these attacks.” These rules now help CloudFlare fight off similar attacks on other sites it services.

    If you think a security company working for hackers is bizarre, the on-the-job training it did in unwitting preparation for the LulzSec incident was even more wacky. Soon after it launched in June 2009, CloudFlare started to get lots of sign-ups from Turkish escort agencies.

    Prince explains that they soon learnt the reason for this unexpected trend. “While Turkey’s government is secular and tolerant, many people in Turkey are not, and they see these escort agencies as emblematic of everything that’s wrong in their society. So the sites were frequently attacked and brought down. That’s where we came in.”

    So, in essence, LulzSec benefited directly from efforts by conservative Turks to stop their louche countrymen from visiting escorts. And that, for Prince, is the beauty of CloudFlare’s model. By sharing the lessons learnt from one attack with the entire network, everyone can benefit and be better protected.

    How does CloudFlare work? At the simplest level it’s a “reverse proxy” — all traffic to your sites is routed via their systems, which allows the company to see attacks coming and mitigate against them. This “light touch” model allows it to process huge amounts of traffic — 80bn page impressions per month or 1bn per employee. Prince estimates that 25% of all Web traffic travels through CloudFlare at some point.

    But why is Prince daring to reveal these secrets, and possibly bring the wrath of the hacker community down on CloudFlare? He asked them first, of course, and eventually received a laconic e-mail: “You have my permission. — Jack Sparrow.”

    On the topic of whether CloudFlare should have blocked LulzSec from using its services, Prince is quite philosophical. “We’re not going to play the censor — it’s not our role.” For Prince that kind of thing represents a “slippery slope” that he feels services like CloudFlare should avoid at all costs.

    And what of LulzSec? The hacker collective dissolved just as quickly as it formed, announcing on 26 June 2011 that it was ceasing operations. For Prince the turning point was obvious “when LulzSec knocked Minecraft offline, public sentiment turned against them. Don’t mess with the gamers.”  — Alistair Fairweather, TechCentral

    • Subscribe to our free daily newsletter
    • Follow us on Twitter or on Google+ or on Facebook
    • Visit our sister website, SportsCentral (still in beta)
    CloudFlare Lulz Security LulzSec Matthew Prince
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleLight: the final (communications) frontier
    Next Article Datatec set to crack $5bn in sales

    Related Posts

    Management shake-up at TymeBank – including a new CEO

    24 May 2022

    Standard Bank CEO apologises for weekend downtime

    24 May 2022

    South Africa fifth in Africa for blockchain funding

    24 May 2022
    Add A Comment

    Comments are closed.

    Promoted

    Generalists tend to outperform specialists when the going gets tough

    24 May 2022

    Vodacom champions innovation acceleration in Africa

    23 May 2022

    Kyocera answers top 10 questions on enterprise content management

    23 May 2022
    Opinion

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    From spectrum to roads, why fixing SA’s problems is an uphill battle

    19 April 2022

    How AI is being deployed in the fight against cybercriminals

    8 April 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.