What's a little laughable about this charge is that LulzSec openly admitted doing exactly what the FBI says it did when it issued its press release for the so-called Sownage attack:

Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?

To give you some idea of the extent of the SQL injection problem (or SQLi in the industry lingo), a report out Tuesday from the security firm Imperva found that Web applications it observed since July "suffered on average 71 SQLi attempts an hour." Lay people can learn SQLi in a few hours through tutorials like this one, and can sign up with hidemyass.com or a site like it in minutes. Though it should be noted that that particular proxy server doesn't appear to have done a very good job of hiding Kretsinger.

The ease with which SQLi attacks can be learned and carried out, and the allure of being part of what the U.S. Attorney's office calls "elite computer hackers," combined to create a powerful draw for many online who participated in LulzSec and Anonymous attacks. As we pointed out in July, some who participated in the attacks weren't very savvy at all. Kretsinger faces 15 years in prison for the Sony breach, and according to CNET, federal agents carried out more search warrants in New Jersey, Minnesota, and Montana on Thursday. There could be several more LulzSec arrests and indictments coming in the near future.

This article is from the archive of our partner The Wire.