Though many safety specialists angrily railed towards the media’s portrayal of Lizard Squad as “refined,” folks grudgingly got here to just accept that the Christmas assault did have a big effect on cybersecurity and the gaming trade. There’s little doubt that this was not the group’s motive—regardless of their clumsy makes an attempt to assert so in interviews. But it surely was a wake-up name. Safety web site SecurityAffairs wrote a “classes realized” piece by dissecting my interview with Kivimäki. Many individuals thought-about Lizard Squad script kiddies, they wrote, including, “This strategy is completely improper.”
The scale of the assault unleashed on that day can be shrugged off by most fashionable websites, however DDoS assaults are nonetheless commonplace and are getting extra highly effective. Costly safety companies at the moment are essential for any group that should keep on-line.
The assaults additionally began one thing of a cybercrime pattern. In 2024 Europol unveiled a world legislation enforcement operation to take DDoS companies down in December: “The festive season has lengthy been a peak interval for hackers to hold out a few of their most disruptive DDoS assaults, inflicting extreme monetary loss, reputational injury, and operational chaos for his or her victims,” the group said in a statement.
On the time of Lizard Squad’s assaults, most of the people was surprised. Regardless of Lizard Squad being on the tail finish of a wave of teenage hacking teams within the 2010s, there was little consciousness of the facility that might be wielded by these in any other case novice attackers. There may need been a obscure feeling within the zeitgeist that “hackers in hoodies of their bedrooms” have been more and more inflicting issues, however this assault was fast, unmissable, and straightforward to grasp. It was in fact additionally straightforward to get offended about. Over the subsequent couple of days I got here again to the story with follow-ups concerning the fallout as different Lizard Squad members spoke to YouTubers concerning the so-called “drama.” However the huge factor the newsroom stored asking me was, When would these youngsters be arrested?
Vinnie Omari was the primary. On New Yr’s Eve he was raided by the South East Regional Organized Crime Unit, which collared him on suspicion of cyber fraud offenses dedicated in 2013 and 2014. It regarded just like the raid was for different alleged offenses involving PayPal fraud, however the search warrant, which later surfaced on-line, additionally referenced the Christmas DDoS assaults. “They took all the things: Xbox One, telephones, laptops, pc USBs, and many others.,” Omari advised reporter William Turton from the Day by day Dot. He was later cleared of any involvement.
After Omari’s arrest, different Lizards have been taken out too. On January 16, 2015, police introduced that they’d arrested an 18-year-old in Southport, close to Liverpool. They didn’t give a reputation, however reporters on the Day by day Mail recognized him: “The ‘quiet’ teenager, named domestically as Jordan Lee-Bevan, was arrested throughout a raid at his semi-detached residence in Southport, Merseyside, in the present day, with officers seizing computer systems as he was taken away in a police automotive.”
In 2016 teenager Zachary Buchta from Maryland was additionally arrested for his function in Lizard Squad and one other group referred to as PoodleCorp. As a boy he had been warned in 2014 about his legal path by police who had caught him finishing up minor cybercrime exercise. However he was undeterred and even modified his Twitter profile at one stage to @fbiarelosers to taunt the cops.
