Though many safety consultants angrily railed in opposition to the media’s portrayal of Lizard Squad as “subtle,” individuals grudgingly got here to just accept that the Christmas assault did have a huge impact on cybersecurity and the gaming business. There’s little doubt that this was not the group’s motive—regardless of their clumsy makes an attempt to say so in interviews. But it surely was a wake-up name. Safety web site SecurityAffairs wrote a “classes discovered” piece by dissecting my interview with Kivimäki. Many individuals thought-about Lizard Squad script kiddies, they wrote, including, “This strategy is completely improper.”
The dimensions of the assault unleashed on that day can be shrugged off by most fashionable websites, however DDoS assaults are nonetheless commonplace and are getting extra highly effective. Costly safety providers are actually essential for any group that should keep on-line.
The assaults additionally began one thing of a cybercrime development. In 2024 Europol unveiled a world regulation enforcement operation to take DDoS providers down in December: “The festive season has lengthy been a peak interval for hackers to hold out a few of their most disruptive DDoS assaults, inflicting extreme monetary loss, reputational harm, and operational chaos for his or her victims,” the group mentioned in a press release.
On the time of Lizard Squad’s assaults, most people was shocked. Regardless of Lizard Squad being on the tail finish of a wave of teenage hacking teams within the 2010s, there was little consciousness of the ability that may very well be wielded by these in any other case novice attackers. There might need been a obscure feeling within the zeitgeist that “hackers in hoodies of their bedrooms” have been more and more inflicting issues, however this assault was fast, unmissable, and straightforward to know. It was in fact additionally straightforward to get indignant about. Over the subsequent couple of days I got here again to the story with follow-ups concerning the fallout as different Lizard Squad members spoke to YouTubers concerning the so-called “drama.” However the huge factor the newsroom saved asking me was, When would these youngsters be arrested?
Vinnie Omari was the primary. On New Yr’s Eve he was raided by the South East Regional Organized Crime Unit, which collared him on suspicion of cyber fraud offenses dedicated in 2013 and 2014. It appeared just like the raid was for different alleged offenses involving PayPal fraud, however the search warrant, which later surfaced on-line, additionally referenced the Christmas DDoS assaults. “They took every little thing: Xbox One, telephones, laptops, laptop USBs, and many others.,” Omari advised reporter William Turton from the Day by day Dot. He was later cleared of any involvement.
After Omari’s arrest, different Lizards have been taken out too. On January 16, 2015, police introduced that that they had arrested an 18-year-old in Southport, close to Liverpool. They didn’t give a reputation, however reporters on the Day by day Mail recognized him: “The ‘quiet’ teenager, named regionally as Jordan Lee-Bevan, was arrested throughout a raid at his semi-detached dwelling in Southport, Merseyside, at the moment, with officers seizing computer systems as he was taken away in a police automotive.”
In 2016 teenager Zachary Buchta from Maryland was additionally arrested for his function in Lizard Squad and one other group referred to as PoodleCorp. As a boy he had been warned in 2014 about his prison path by police who had caught him finishing up minor cybercrime exercise. However he was undeterred and even modified his Twitter profile at one stage to @fbiarelosers to taunt the cops.