FBI Takes Down Servers in Quest for LulzSec Hackers


The New York Times broke the story yesterday that the FBI had seized a number of servers from a datacenter located in Reston, Virginia, owned by web hosting provider DigitalOne (offline at press time). According to the New York Times story, the FBI reportedly had information that some of the servers at DigitalOne were used by the hacker group LulzSec, so the agency raided the facility in the early morning hours of Tuesday, June 21st.

I find this news interesting for three reasons: To begin with, this raid signifies that LulzSec has managed to finally draw the ire of the likes of the FBI, CIA, Britain's Serious Organized Crime Agency (SOCA), and a number of other government agencies throughout Europe. All the aforementioned groups are reportedly working together to bring down LulzSec.

Secondly, initial reports surfacing about the DigitalOne raid raise some disturbing questions about the apparently destructive methods used by the FBI to confiscate servers used by LulzSec. While the data and information the FBI sought was located on a specific server, the agents involved reportedly pulled three entire enclosures of hardware from the data center, impacting dozens of DigitalOne clients who are unaffiliated with LulzSec and innocent of any wrongdoing.

Finally, that overly aggressive seizure of datacenter hardware by the FBI begins to cast further doubt on companies that are considering moving parts of their IT infrastructure into the cloud. What happens if you have critical business information co-located at a hosting provider, and the FBI or other government agency decides to seize the hardware? Windows IT Pro contributor David Chernicoff has an excellent post on this topic over at ZDNet, and any IT administrator considering the cloud for their IT resources would be wise to read it.

So what are your thoughts on the FBI raid of DigitalOne? Does the FBI's desire to stop LulzSec trump the rights of innocent parties who suffered due to their seizure of DigitalOne hardware? And what does this mean for cloud computing adoption? Let me know what you think by adding a comment to this blog post or by starting up a conversation on Twitter.

Discuss this Blog Entry 5

on Jun 24, 2011
Thanks for the comments, everyone. @jtorri: You make some very good arguments, and I'm not faulting the FBI at all for taking action. But innocent businesses who had absolutely nothing to do with LulzSec were harmed by this action. You don't have to take my word for it -- read what Instapaper's founder had to say about the raid knocking out his business in his own words here: http://blog.instapaper.com/post/6830514157 And I don't think I've ever had any divine inspiration, but I'll be sure to write about it if I do. ;) @mmcginty: Agreed - I'm sure many people may start to re-examine any co-hosting/co-location/cloud arrangements they have, and see if those agreements include a provision for incidents like this, and how those things are handled. @tmullenaux: Ha! I thought about that as well before posting, but the word "Quest" seemed to be the best word choice there.
on Jun 23, 2011
Using this as reason that cloud computing is flawed is a pretty big stretch. Hacking can and does happen to everyone - better to have the professionals dealing with it. Also, DR is one reason to go to the cloud. I assume removing some servers (or even an entire data center) would trigger that process. PS: At first, I thought "Quest" in the subject meant the company Quest.
on Jun 23, 2011
Yep - This is but ONE of the several reasons we are going to be one of the last to move to cloud computing. FBI right/wrong really does not matter. The fact is, several innocent companies are not able to do business. If you will look beyond the hype of cloud computing, you may realize that it is being pushed by those who have the most to gain. It's just another cash cow. Do what you want, but I think the conscientious IT manager will let the "cloud" mature for a few years before jumping in.
on Jun 23, 2011
Cloud shmoud, I'm so sick of that buzzword. Co-location facilities have been around for years and years, and that's specifically what this is about. The hacker group likely wasn't using any "cloud" services at all, they were probably using a dedicated host or virtual, or maybe even just web hosting on a shared server. I do think the FBI went at least a little overboard, but I have to wonder about the back-stories. Maybe DigitalOne was less than cooperative, maybe the FBI didn't think they did enough to help them isolate the hacker's resources? Maybe DigitalOne's internal security failed to contain the hacker's resource utilization? Who knows? I think the impact on innocent users of DigitalOne's services speaks poorly for both DigitalOne and the FBI. Co-location providers cannot turn a blind eye to the activities of their subscribers, and they must go the extra mile to assist law enforcement when they need to isolate a suspect subscriber. One last thing about those innocent subscribers, any of them that don't have sufficient backups to hit the ground running after being reprovisioned by DigitalOne, or contracting with another provider, deserve to be shut down by virtue of ignorance. Any that stayed down longer than DNS propagation delay have only their IT staff/budget to blame. Trust the job of hosting your Internet presence, sure, but never your ability to create it.
on Jun 23, 2011
"Overly aggressive"? Really, Jeff? Without being involved in the details of this event it seems you have formed a specific opinion. How? Divine inspiration, perhaps? I assume you are convinced DigitalOne, an organization whose goal is to profit financially from its endeavors assumes some responsibility for the harm inflicted to others through the use of its facilities. Or do you not? Put another way, if DigitalOne had handled the threat itself there would have been no need for anyone else to be involved. Seems that would have been the simplest solution for all. However, had you added that question to your "reporting" there would have been no victim and no evil empire. And without a victim and an evil empire, where's the drama? What technology did DigitalOne either not employ or employ inadequately that could have avoided the questions you raise entirely? Seems to me WindowsITPro has some expertise and experience in that arena. You know, specific solutions to specific challenges. Surely you understand useful solutions to the challenges faced by organizations like DigitalOne will involve more than 144 characters to resolve. And resolving challenges is the goal of WindowsITPro, isn't it? BTW, Jeff, in this remarkable nation we are the government. But then, if one accepts that reality who are we to blame for our all too human, all too predictable mistakes? And what, how what, do we then do with our righteous indignation?
