A computer nuisance who is part of a group that has disrupted Maine websites for three days in a row is likely a socially maladjusted, lonely young male seeking to impress others.

Glenn Wilson, director of the Maine Cyber Security Cluster and an associate research professor at the University of Southern Maine, said that based on the attacker’s destructive actions and boastful tweets, the group is likely composed of low-skilled cybercriminals often referred to as “script kiddies.” They are so named because they use existing computer scripts developed by more advanced hackers and lack the expertise to write their own.

According to Lee Munsen, a writer on hacker culture who has contributed extensively to the website Security-FAQs.com, the typical profile of a script kiddie is “a 14- to 28-year old white male, usually intelligent but academically underachieving.”

“They often lack social skills, are loners (in the United States) and show poor judgment and impulse control,” Munsen wrote. “Where a hacker may work for days or weeks to solve a particularly difficult problem, a script kiddy lacks the discipline to even begin to become a competent programmer and so depends on code written by real hackers.”

Munsen and Wilson are referring to a group of online attackers targeting the Maine.gov website who on Wednesday broadened the scope of its attacks to include news, tourism and government sites.

Meanwhile, a Twitter user going by the name of Vikingdom2015 and claiming to represent the hackers issued a stream of taunts, threats, insults and profanities until Twitter suspended the user’s account Wednesday afternoon.

“Maine.gov mitigated our attacks, but we’ve got something special for Maine,” the user wrote. “YOU’R (sic) ALL GOING TO FREAK OUT!”

Before the suspension, Vikingdom2015 indicated via tweets that the group was conducting the attacks for fun and to demonstrate its cyberattacking prowess. The self-described hacker also claimed to have “successfully installed (a) hidden (Internet Protocol address) logger” inside the Maine.gov website, which was attacked Monday, Tuesday and Wednesday. The Twitter user posted Internet addresses that the group claimed to have captured from users who visited Maine.gov, and vowed to shut down each of them for 10 minutes.

But LePage administration spokesman Alexander Willette said Vikingdom2015’s claims appear to be bogus.

“We really investigated that,” Willette said. “There is no indication that that is accurate.”

Sites that appeared to have been shut down temporarily Wednesday morning as a result of the attackers included wabi.tv, the website of WABI TV5 in Bangor, and the Bangor municipal website, bangormaine.gov. Both sites were working again by 10:45 a.m. Wednesday.

Maine.gov, the central Internet portal for Maine state government offices, was down intermittently in the late morning and early afternoon. FoxBangor.com, the website for Bangor’s Fox and ABC affiliate stations, was shut down intentionally by its owners shortly after noon to avoid an attack, according to its Facebook page.

“To save ourselves from a hacking attack from someone we know nothing of, we have preemptively taken down our website,” it said. “We will have more about this hacker that goes by @Vikingdom2015 on Twitter tonight at 6 p.m.” The site remained down as of 3:45 p.m., but was back up by early evening.

Vikingdom2015 also claimed to have temporarily shut down a portion of the Bangor Daily News website along with visitmaine.com, the website of the Maine Office of Tourism, but neither site appeared to have been affected by the alleged attacks.

Websites in other states, including Connecticut and Tennessee, also were targeted Wednesday by the group.

Maine.gov was disabled for about three hours Monday and 2½ hours Tuesday, the target of seemingly random attacks on state government and other websites.

As a result, residents and businesses were temporarily unable to access online services to, for example, apply for a state license, register a vehicle or search incorporation papers and other public documents.

The hackers used a method of attack on the Maine.gov website known as distributed denial of service, or DDoS, according to Willette.

A DDoS attack involves flooding a website with thousands of repeated requests for data, causing it to become overwhelmed and stop working. Cybersecurity experts said that such attacks are difficult to prevent but usually can be thwarted relatively quickly after they begin.

Vikingdom2015 initially listed his location as Russia, but later acknowledged he was not in that country. His actual location is unknown.

Wilson, of the Maine Cyber Security Cluster, described Vikingdom2015’s claim that the group was able to infiltrate the Maine.gov website and capture visitors’ IP addresses as “pretty fishy.”

He said DDoS attacks are relatively unsophisticated and are not designed to infect a website with malicious software or extract user data.

“By definition, DDoS attacks are really much more about just creating a nuisance,” Wilson said.

Regardless of the intended purpose, LePage spokesman Willette said the group has committed a series of crimes and can expect to be investigated by “state and federal authorities,” although he did not know specifically which agencies.

In the meantime, Wilson said computer users in Maine should continue to protect themselves from online threats by using strong passwords and making sure all of their software is up to date.

“It’s just good cybersecurity hygiene,” he said.

J. Craig Anderson can be contacted at 791-6390 or:

canderson@pressherald.com

Twitter: jcraiganderson

Copy the Story Link