In it for 'the lulz'

The English language is a fluid thing interpreted differently by speakers from different lands. Its beauty is its flexibility: bad or broken English can be just as effective at communicating as fluent English.

The language is flexible enough that slang and loanwords can be incorporated (dictionaries are usually updated annually). But no traditional dictionary can incorporate "Internet/SMS-speak," where numbers of characters substitute for letters, and words are misspelled on purpose. If u dun no wat "l33t speak" is, ask a 15-year old.

One term may make into Oxford and Webster's though: "lulz." Its etymology is simple: "LOL" is an acronym for "laughing out loud" many of us have used in digital communication. Change the vowels and plural spelling and you have "the lulz" (laughs). It means doing something purely for amusement: being "in it for the lulz."

As kids, we all did things for "the lulz"--it might have been something like a practical joke, kidding our friends, and as we grew into teenagers, maybe something more serious like shave our own or someone else's head (with or without their consent). It might have gotten us into trouble, but no one got hurt.

When Net-hacks first started, it was "script-kiddies" in it for fun. But the game changed to organized criminal-gangs like the Russian Business Network deploying DDoS attacks to extort money from shady Web sites (gambling and porn), getting moderate payments and moving on. Now we've got a new breed of cybermonster to deal with.

I'm talking about Lulz Security, aka LulzSec, who seem a generation of short-attention-span hackers who enjoy making life hell for people. Although it's be painful, crude, and nasty, I encourage everyone involved in computer security to read their "manifesto" at:

No excerpts do justice, but I'll try: "[This is] what appeals to our Internet generation...we want our shot of entertainment or we just go and browse something else, like an unimpressed zombie...we release personal data so that equally evil people can entertain us with what they do with it...this is the Internet, where we screw each other over for a jolt of satisfaction."

For years, people have talked about the "dark alleys" of the Internet. With this document, LulzSec turns a spotlight down those alleys so we can see the ugliness. Why? LulzSec writes: "We'll continue creating things that are exciting and new until we're brought to justice, which we might well be. But you know, we just don't give a living f**k at this point - you'll forget about us in 3 months' time when there's a new scandal to gawk at, or a new shiny thing to click on via your 2D light-filled rectangle."

Perhaps we've reached a new inflection point of nihilism: something the old-school nihilists (Nietzsche, Schopenhauer, Kant) would never understand. A generation of youngsters who grew up with 24-hour TV coverage of terrorist-bombings, now compounded by global economic distress. They watch grisly crime shows and romantic dramas about cute vampires. Yes, these arguments have been made before, but we have never seen anyone TAKE DOWN the Sony PlayStation Network AND hack into secure military sites before. And why do they do it? For "the lulz."

Regrettably, despite their high-profile, amorphous organizations like LulzSec may be harder to stop than might be expected. As they brag in their manifesto: "People who can make things work better within this [2D light-filled] rectangle have power over others; the whitehats who charge [US]$10,000 for something we could teach you how to do over the course of a weekend, providing you aren't mentally disabled."

Join the CSO newsletter!

Error: Please check your email address.

Tags securitydata breach

More about etworkSony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stefan Hammond

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts