Sun website hacked by LulzSec as News International crisis deepens

The hack, which apparently took place late last night, saw the Sun portal re-routeing to a rogue site - - with a hoax story saying that Rupert Murdoch had been found dead in his garden.

Shortly after this, LulzSec claimed responsibility via its Twitter account, although some newswires note that LulzSec disbanded itself late last month following police investigations.

The BBC newswire says that the attack on the Sun website "has LulzSec's fingerprints all over it, with the combination of a mischief-making news story, and a target that is seen as being involved in corporate wrongdoing."

The BBC also reports that the Times website and the News International corporate website were taken down by the company as a precaution on Monday evening.

Commenting on the Sun site hack, John Stock, senior security consultant at vulnerability management specialist Outpost24, said that, given the huge media frenzy surrounding today's impending Common's committee meeting and News International's fate, this latest breach by LulzSec couldn't have come at a worse time for the beleaguered organisation.

"This is the latest breach by LulzSec of a large organisation with Sony and Nintendo previous targets. The hacking group has, however, now turned its attention to focus directly on Rupert Murdoch with the sinister warning `you are next'," he said.

According to Stock, for an organisation that has relied on exclusives and scoops, you would have thought that News International would have had tighter security measures in place to protect itself from this latest line of attack.

"Website hacks are becoming an all too frequent occurrence and unless organisations start taking this problem more seriously, we will continue to witness the dire consequences of a failure to truly lock down all systems", he noted.

Russell Poole, security director of IT services company 2e2, meanwhile, said that this just one in a long list of recent high profile hacking incidents.

"It's clear that organisations with a substantial online presence are being targeted by hackers. These incidents will only increase", he said, adding that any organisation whose business is heavily reliant on their websites should be reviewing their security policies.

They should also, he went on to say, review their security procedures and carry out further penetration testing to evaluate the potential risks they face.

"Hackers are becoming more sophisticated and targeted and so we need to be more vigilant, with individuals across any organisation being reminded of what they need to do to comply with security policies", he explained.

According to Poole, where in the past attacks were very general in nature, we are now seeing hacking groups focusing their attentions on specific organisations.

"They are using multiple methods, including social engineering, to get information about certain individuals and then use this information to access corporate systems. Essentially, hackers are constantly evolving their weapons of attack, the challenge for businesses is to stay one step ahead", he said.

What’s hot on Infosecurity Magazine?