Following hacker group LulzSec's call for war on all government websites, the Homeland Security Department, which protects U.S. private and civilian agency networks, said DHS is proceeding with work to secure .gov networks in response to emerging online threats.
The group of unidentified pranksters on Monday claimed responsibility, in a tweet, for flooding the website of the United Kingdom's Serious Organised Crime Agency with useless traffic that knocked the site offline throughout the day. The site was not loading as of 8:00 p.m. Eastern Daylight Time.
A message purportedly from the hackers that posted Sunday said it is "declaring immediate and unremitting war" on government sites.
Under Operation Anti-Security, "top priority is to steal and leak any classified government information, including email spools and documentation," the note continued, adding that LulzSec encourages "the flaunting of the word 'AntiSec' on any government website, defacement or physical graffiti art."
During the past month, LulzSec -- lulz is Internet slang for laughter, usually at someone else's expense, and sec stands for security -- has been taking credit for hijacking sites to poke fun at their weak protections, including those belonging to Sony, PBS and the U.S. Senate. New this time is the threat against all government websites and a specific call to expose secret government information and vandalize web pages.
On Monday evening, a DHS official said the department, along with partner federal agencies, will continue operations to secure the .gov domain in response to evolving cyber threats.
After LulzSec and another hacktivist group named Anonymous recently ramped up efforts to knock sites offline, Homeland Security late last week issued guidance for businesses and agencies on defending against such "distributed denial of service attacks."
The fact sheet advises developing a checklist of mitigating actions to take during a DDOS, as well as having on hand contact information for Internet service providers and web hosting services. "Be familiar with the services your ISP might offer to mitigate a DDoS such as, temporarily increasing your bandwidth, switching your [network] address and blocking attacking [network] addresses," the guidance stated.
Monitoring daily traffic and typical system performance for signs of increased traffic or subpar service can be a major help in detecting attacks early, the notice adds. The fact sheet recommends separating critical data from public online services.