On June 26th, LulzSec faded back into the woodwork, ending their hacktivity with “50 days of lulz,” in which they leaked internal data from AOL, AT&T, the FBI, gaming forums, NATO bookshop, and navy.mil, among others. The leak marked the end of the Lulz Boat’s “planned 50 day cruise,” leaving its 6-member crew to “now sail into the distance, leaving behind–we hope–inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love. If anything, we hope we had a microscopic impact on someone, somewhere. Anywhere” (LulzSec).
This begs the question I’ve been dodging forever: does spectacle, ultimately, constitute impact? What did X, Y, or Z actually do? Apart from gathering numerous followers, supporters, and participants, LulzSec’s antics have impacted the way organizations view cybersecurity, drawing statements from NATO and prompting the Obama administration to propose stricter anti-hacking laws. (This is one year after the Australian government proposed that DDoS and script hacks be termed “cyber-terrorism” following Operation Titstorm, so that their import could be easily recognized. Notably, these attacks were performed in response to ISP-level censoring measures proposed by the government that year.)Continue reading