According to Chinese spokespeople for Lenovo, a hack occurred and the notorious Lizard Squad group was quick to claim it. This came on the heels of the US Department of Homeland’s Security warning that Lenovo computers have been installed with Superfish software, which makes systems susceptible to cyberattacks via SSL spoofs. In short, hackers can redirect traffic geared at “real” websites while also being able to read traffic that’s encrypted. This isn’t a rare attack for Lizard Squad, which has claimed breaches at Electronic Arts and PlayStation, Xbox Liver recently.
Lenovo reports that hackers got into the DNS and began turning visitors to a spoof Lenovo website. Simultaneously, internal Lenovo emails were read. In order to claim fame to this hack, Lizard Squad posted on Lenovo’s Twitter site about removing Superfish software. Two hours after the Twitter post, Lenovo website visitors began seeing a slideshow set to the soundtrack of High School Musical. However, less than 20 minutes later the site was returned to normal—although the music persisted. One hour later, it appears Lenovo had regained total control of their site.
Many hackers zero in on websites simply to showcase a vulnerability or exert power without intending to harm anyone. This may be the MO of Lizard Squad. The anonymous hacker group spokesperson, “King Ryan”, told Forbes in an instant message that, “We hijacked the DNS, pointed it at CloudFlare, but I didn’t keep any logs so Kentucky police can’t arrest me.” According to Lizard Squad, he gained Lenovo access from a stolen password but that hasn’t been confirmed. “I’m reading their email right now,” King Ryan told Forbes.
However, white hack hacking experts think it’s more feasible that hackers compromised DNS servers to send internal messages to the hacker’s systems instead. The Verge dug deeper, and found that the site’s source codes while the hacking was taking place was, “the new and improved, rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey.” These two, both hackers, have been linked with Lizard Squad in the past. However, Lenovo seems to be moving forward and has since issued a statement that everything is restored. “We regret any inconvenience that our users may have if they are not able to access parts of our site at this time,” they had posted during the attack. “We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information and experience.”
Thus far, Lenovo hasn’t said exactly how they will prevent such attacks in the future. However, it has been stated that, “We are also working proactively with third parties to address this attack and we will provide additional information as it becomes available.” Lenovo has already been publicly blasted for putting Superfish in their computers in the first place, and it’s likely that Lizard Squad was trying to bring this adware to the public’s attention. It’s no secret that China is deep in censorship mode, as well as cyber-sovereignty, and some are wondering if Chinese-created technology meets the privacy standards of other countries.
Following the attack, but unrelated as far as experts now, China stopped accepting a number of US-based company technology such as Cisco into the mainland. In February 2015, there were additional restrictions placed on tech providers which demanded source codes were released. Already, some countries in Europe are feeling the impact from such strict restrictions with the European Chamber of Commerce stating there has been a 15 percent spike in businesses claiming Chinese laws were effecting business.