IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NCA site hit bit Lizard Squad following arrest of six teenagers

Downtime follows in wake of DDoS arrests linked to sales of Lizard Squad's Lizard Stresser software

Arrest

The National Crime Agency's (NCA) website was knocked offline yesterday in a DDoS attack by Lizard Squad. 

While the site is now back online (and was yesterday), an NCA spokesperson told the BBC that the agency is an "easy target." 

"DDoS is a blunt form of attack which takes volume and not skill," the spokesperson added, whilst reitterating it hadn't been hacked, just taken offline. "It isn't a security breach, and it doesn't affect our operational capability. At worst, it is a temporary inconvenience to users of our website," the spokerson said. 

An NCA statement issued to the Guardian also referred to such attacks as a "fact of life" but claimed the agency had measures in place that meant it would usually be able to recover and be back online in around half-an-hour following such issues. 

The Lizard Squad also tweeted 'New weapon coming soon' yesterday and, last week, suggested via Twitter it would release a free version of Lizard Stresser to make it more widely available in the wake of the NCA raids. 

The DDoS attack follows news that British Police had arrested six people involved in Lizard Stresser DDoS attacks, because the group behind the software used - Lizard Squad - didn't encrypt the details of their users.

Those being investigated range from ages 15 to 18 and all bought software used to hack with Bitcoins. Most of the group - from Huddersfield, Manchester, Milton Keynes, Northampton and Stockport - have now been released on bail.

Security researcher Graham Cluely wrote on the We Live Security blog: "What I think is most notable about these details is that it is teenagers who are instigating denial-of-service attacks, attempting to bring down sites to disrupt businesses and organisations, presumably with mayhem in mind rather than money-making."

Lizard Stresser users may have thought their purchases were anonymous, however the fact these people were arrested shows that the authorities will uncover their identities eventually, according to Cluely. The details were uncovered because the software's creator Lizard Squad stored its users' details in plain text.

The NCA has an additional 50 addresses of those thought to have used the DDoS tool and plans to investigate accordingly, despite the authorities saying they may not have actually used LizardStresser to attack websites.

"Acts of unlawful internet behaviour are seen by many of the average public as not being punishable or very rarely caught," said Mark James, security specialist at ESET.

"It is instances like this that should make those involved step up and understand it is a crime to participate in this type of activity, and your anonymity on the web cannot be guaranteed. It's just a matter of time and resources before you are caught."

LizardStresser was used to take down the Playstation and Xbox Live networks on Christmas Day last year.

This article was originally published on 31/08/15 and was updated on 02/09/15

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
malware

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer

19 Nov 2021
Iranian hackers ramp up attacks against IT services sector
hacking

Iranian hackers ramp up attacks against IT services sector

19 Nov 2021
TikTok phishing campaign tried to scam over 125 influencer accounts
social media

TikTok phishing campaign tried to scam over 125 influencer accounts

18 Nov 2021
Alibaba ECS instances targeted in new cryptojacking campaign
cryptocurrencies

Alibaba ECS instances targeted in new cryptojacking campaign

16 Nov 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022