Australian police have arrested a "well-respected" IT security professional and self-proclaimed leader of an international hacking ring after he allegedly infiltrated a government website earlier this month.
The 24-year-old man, from Point Clare on the NSW central coast, claims to be a leader of the international hacking group LulzSec.
LulzSec, an abbreviation of ''lulz'' (laughs) and security, was formed in 2011. The group has claimed responsibility for multiple high-profile cyber attacks, including against Sony, Rupert Murdoch's News International, the CIA and other government organisations. They are also associated with prominent international hacking group Anonymous.
The man, known online as AusShock, is a "well-respected" IT professional who works at the Sydney branch of an international security IT company, where he had access to sensitive information from clients, including government agencies, police said.
He used this information to gain access to and deface a government website from his computer, which has been seized by police. Police would not confirm details of the hack or the website, but said that it was not a federal government site.
"He took advantage of a commonly-known exploit to access the [website], and then put a back door in so that he could gain further access to the website and also posted other things on that website", said Detective Superintendent Brad Marden of the AFP.
Despite gaining access to the site, the man is not thought to have accessed personal private information stored on the site.
"We are not dealing with small petty crime here," said Commander Glen McEwen, manager of cyber crime operations at the AFP. "The potential for such access has huge ramifications for society."
"The potential for damage is immeasurable. This is not harmless fun. This is serious."
The man appears to have been working alone, police said, but has been involved with LulzSec for some time, and his multiple claims to be a figurehead there did not go unchallenged by other members of the online community.
The Australian Federal Police said his arrest at work on Tuesday evening in Sydney was the first by the AFP of a LulzSec member.
In the United States last week, Lulzsec hacker Cody Kretsinger, 25, pleaded guilty to a computer breach of Sony Pictures Entertainment and was sentenced to one year in prison and community service.
In April, 26-year-old British Lulzsec hacker Ryan Ackroyd pleaded guilty to cyber attacks on Sony, Nintendo, News International and the Arizona State Police.
The AFP said they arrested the Australian man less than two weeks after discovering his online activities as part of ongoing investigations into cyber crime. He is alleged to be known to international law enforcement agencies.
He was released on bail on Tuesday evening and will face court in May on charges of unauthorised access and modification to restricted data.
- FFX Aus