A 19-year-old man alleged to have hacked into companies and intelligence agencies around the world was arrested Tuesday in Wickford, England by Scotland Yard and the FBI, according to British police.
The police would not confirm whether the suspect was connected to a hacking group called Lulz Security, but the arrest took place days after LulzSec took credit online for bringing down the CIA's website, the most recent major security breach the group allegedly accomplished.
"Do you feel safe with your Facebook accounts, your Google Mail accounts, your Skype accounts?" said LulzSec in a letter posted Friday. "You are a peon to these people. A toy. A string of characters with a value."
The CIA breach was just one in a string of high-profile hack attacks by loosely-organized shadow groups such as Lulzsec and Anonymous, including the websites of Sega,SonyCitibank and the U.S. Senate. Their websites have all been hit by hackers now. In Sega's case, the firm said over the weekend the attackers got access to account information for 1.3 million users.
Will today's arrest make a difference? LulzSec, which has attracted more than 200,000 followers on Twitter, put up a post today: "Seems the glorious leader of LulzSec got arrested, it's all over now... wait... we're all still here! Which poor bastard did they take down?" LulzSec, which often tweaks the corporations and governments it claims to have victimized, calls itself "the world's leaders in high-quality entertainment at your expense."
Hacking -- once seen as the pastime of geeky teenagers who didn't have better things to do with their technological skills -- has apparently ballooned in just the last few weeks or months. Google's Gmail service was attacked from somewhere in China. There have been debates over whether cyber attacks from other countries qualify as acts of war.
Security consultants said you, the regular Internet user, are probably safe if you take standard precautions, such as deleting emails from strangers and changing your passwords regularly. Most firms that handle sensitive data, such as credit card numbers, try to stay a step ahead of the intruders. But it's full-time work.
"According to the Senate's Sergeant at Arms, the computer systems of the Executive Branch agencies and the Congress were probed or attacked an average of 1.8 billion times per month last year," said Sen. Susan Collins, D-Maine, after the Senate site was hit. "Congress needs to fundamentally reshape how the federal government works collaboratively with the private sector to address all cyber threats, from espionage and cyber crime to attacks on the most critical infrastructure."
"It feels to me like there are definitely more hacks taking place," said Graham Cluley, who analyzes online trends for the computer-security firm Sophos. In an email to ABC News, he broke the attackers into three types:
"Hacktivists. They may be doing it for laughs, or believe they are making a political point, but they don't have a financial motive."
Genuine criminals. Cluley called them "your regular identity thieves -- interested in stealing identities, credit card detail, because of the money that can be made out of them."
Infiltrators. "These are the hackers who appear to be hacking organizations and government bodies with the intention of stealing sensitive information with -- perhaps -- military or economic motivation," said Cluley. He cited attacks on U.S. military contractors, such as an internal network at the aerospace giant Lockheed Martin.