Government warns of mass hacker attacks (Sunday, July 6)

Associated Press ^ | 07-02-03

[Brian S]

By TED BRIDIS AP TECHNOLOGY WRITER

WASHINGTON -- The government and private technology experts warned Wednesday that hackers plan to attack thousands of Web sites Sunday in a loosely coordinated "contest" that could disrupt Internet traffic.

An early-warning network for the technology industry, operating with the Department of Homeland Security, notified companies that it received "credible information" about the planned attacks and already has detected surveillance probes by hackers looking for weaknesses in corporate and government networks.

"We emphasize that all Web site administrators should ensure that their sites are not vulnerable," wrote Peter Allor of Internet Security Systems Inc., the Atlanta-based company that runs the Information Technology Information Sharing and Analysis Center.

Separately, the New York Office of Cyber-Security and Critical Infrastructure Coordination warned Internet providers and other organizations that the goal of the hackers was to vandalize 6,000 Web sites in six hours.

New York officials urged companies to change default computer passwords, begin monitoring Web site activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft Corp.

[norraad]

Duh, if they've already detected the hackers, fight back already, hit'um hard & fast. Can be done, let's roll!

Are you as tired of this pussy footin'w/bullys & scumbags as I am?

"P O W , P O W , P O W !"

- Barney Phiff -

[BullDog108]

Internet Security Systems Current Threat Level

[AdA$tra]

Thank God for the IBM AS/400. Go ahead, make my day.

[Jay D. Dyson]

I'm honestly surprised that Ted Bridis would write this stuff. I've been a source for him on a lot of articles and usually he puts out good copy.

All I can think is that this piece was Editor-driven and it's been a slow news week.

The most ridiculous part of this warning is the claim that it's some sort of "hacker contest" in which the kidiot who nails the most sites gets "500 megabytes of online storage space." What the hell? Even 7-year-old desktops that ran at 133 MHz came with four times that storage capacity!

Sorry...this whole thing strikes me as FUD-mongering. And it stinks on ice.

-Jay

[Johnny Gage]

LOL. AS/400 programmer bump.

[AdA$tra]

RPG?

[Johnny Gage]

RPG, CL, DDS (dspf/prtf/mnu) - primarily green screen software support/build/enhancements.

[taxcontrol]

As someone in the industry I can tell you that it's not the folks grabbing headlines (or putting out alerts) that we need to be worried about.

Cyberspace is a new battle field that few people have the skills to fight effectively. Most are script kiddies who run a command or execute some script that someone else wrote that takes advantage of some known weakness. I liken them to rent-a-cops on the modern battle field. Yes, given the right conditions they could be a problem. But they are not the worry.

There are folks out who are Special Forces level crackers (the correct term). Our own military and intelligence community employ such individuals. Further, our government is not alone. We know others have simular capabilities.

What worries me is the lack of a systematic intelligence gathering capability to monitor and track hacker activity. Currently there is not a NORAD like capability. However, I am aware of efforts to correct the situation.

Such alerts are useful to keep funding for security budgets. But I seriously question their value for cyber security.

[taxcontrol]

Don't get too comfortable. AS/400 has it's vulnerabilities as well.

[Nexus]

New Breed of Trojan Raises Security Concerns (IMMINENT CYBER ATTACK)

Mysterious Net traffic Spurs Code Hunt

Security Experts Name Mysterious Trojan: Stumbler

PING

[FairOpinion]

"I am aware of efforts to correct the situation."

--

I am glad to hear it. From what little I know, I can see that serious hackers are a threat to our national security. I don't know how good Al Qaeda is, but I have read that they found evidence that they were trying to get into US networks, about a year ago.

http://www.washingtonpost.com/ac2/wp-dyn/A50765-2002Jun26


"A forensic summary of the investigation, prepared in the Defense Department, said the bureau found "multiple casings of sites" nationwide. Routed through telecommunications switches in Saudi Arabia, Indonesia and Pakistan, the visitors studied emergency telephone systems, electrical generation and transmission, water storage and distribution, nuclear power plants and gas facilities.

White House and FBI analysts, as well as officials in the Energy and Commerce departments with more direct responsibility for the civilian infrastructure, describe the threat in more robust terms.

"We were underestimating the amount of attention [al Qaeda was] paying to the Internet," said Roger Cressey, a longtime counterterrorism official who became chief of staff of the President's Critical Infrastructure Protection Board in October. "Now we know they see it as a potential attack vehicle. Al Qaeda spent more time mapping our vulnerabilities in cyberspace than we previously thought. An attack is a question of when, not if.

According to officials who read it, the new memo said al Qaeda had "far more interest" in cyber-terrorism than previously believed and contemplated the use of hackers for hire to speed the acquisition of capabilities.

A computer seized at an al Qaeda office contained models of a dam, made with structural architecture and engineering software, that enabled the planners to simulate its catastrophic failure. Bush administration officials, who discussed the find, declined to say whether they had identified a specific dam as a target.

The FBI reported that the computer had been running Microstran, an advanced tool for analyzing steel and concrete structures; Autocad 2000, which manipulates technical drawings in two or three dimensions; and software "used to identify and classify soils," which would assist in predicting the course of a wall of water surging downstream.

To destroy a dam physically would require "tons of explosives," Assistant Attorney General Michael Chertoff said a year ago. To breach it from cyberspace is not out of the question. In 1998, a 12-year-old hacker, exploring on a lark, broke into the computer system that runs Arizona's Roosevelt Dam. He did not know or care, but federal authorities said he had complete command of the SCADA system controlling the dam's massive floodgates."

[FairOpinion]

Thanks for the ping.

I think from the "chatter" that there may be some serious attacks brewing and what you picked up in some chatroom does have some basis in reality.

[Nexus]

MORE

Hackers Rev Up for Weekend Attack

Wed Jul 2, 5:00 PM ET

Paul Roberts, IDG News Service

An international hacking contest scheduled to begin this weekend could disrupt the Internet and cause headaches for organizations worldwide, warn security consultants with Internet Security Systems.

The contest, known as the Defacers Challenge, awards points to malicious hackers who successfully compromise an organization's Web server and deface its Web pages.

Contest Rules

ISS became aware of the contest last week while monitoring Web sites and Internet Relay Chat (IRC) channels frequented by malicious hackers who specialize in defacement, according to Peter Allor, manager of X-Force Threat Intelligence Services at ISS.

Rather than focusing on the amount of defacement, the Defacers Challenge is set up to reward the skill of malicious hackers who can compromise sites. The contest targets servers running nonstandard or less frequently used operating systems like the Apple Macintosh (news - web sites) and such Unix (news - web sites) variants as IBM AIX and Hewlett-Packard HP-UX.

Contest organizers have even set up a Web site that outlines the rules of the game. It provides a point system for compromised machines and spells out guidelines for what counts as valid defacement. Windows servers count for 1 point, while HP-UX and Macintosh servers count for 5.

The objective is to deface 6000 Web sites. Organizers are offering a prize of free Web site hosting to the malicious hacker who can reach that goal first or accumulate the greatest number of Web sites in trying to do so, according to information on the site.

The Defacers Challenge is scheduled to begin on July 6 and last for 6 hours, though information on the exact time of the contest has not yet been released, Allor said.

ISS does not know which hacker or group of malicious hackers is responsible for organizing the challenge.

Caution Urged

Though the contest and Web page may be a joke, ISS has noticed an increase in reconnaissance and probing scans of Web sites that may be connected to the contest, Allor says.

Malicious hackers may be scouting out high-value systems, or even compromising them in advance so they'll be easy to deface once the contest begins, he says.

ISS recommends that organizations deactivate unneeded public-facing Web servers and turn off any unnecessary services on other Web servers. In addition, Webmasters should apply any necessary software patches to potentially vulnerable machines, Allor says.

Recently disclosed software vulnerabilities that have not yet been patched are attractive targets for hackers, he adds.

[Nexus]

I can't imagine going to my computer Sunday, and every site I go to was defaced with something like this:

Read this short story (fiction) for a jolt:

The Great Cyberwar of 2002

[FairOpinion]

Read this short story (fiction) for a jolt:

The Great Cyberwar of 2002

---

Fiction, but could be real scenario. I think that is exactly the major concern, the hackers gaining control over infrastructure. And as that article I mentioned from a year ago said, there have been incidents of probing, AQ is more computer savvy than they thought, and they found evidence of their interest in such attacks. You add it all together, and the fictional story can become real.

[PatrioticAmerican]

A good time to test that firewall.

[taxcontrol]

SCADA systems (System Control And Data Aquisition) are used to control the VAST (nearly 99%) of all gas, electrical, water (both hydro and drinking), and power grid funtions in the US. Most of these protocols are NOT IP based and NOT directly reachable via the Internet.

However, SCADA systems report back to and are controled from a host system the VAST majority of which ARE IP enabled, and many are connected to the Internet.

A "real" hacker (properly called a cracker) is a danger to our society - no doubt. Our enemies know this and are gaining skills fast. The problem is that the "fix" is a multi phased approach and the first phase will cost between $2 and $3 Billion to implement. The other problem is that the folks in the Fed who make the decisions are being advised by individuals who can not make it out in the "real security industry". So the solutions that will work and would begin to change landscape of Cyberspace, go lacking while feel good programs of color codes and anouncements and TV posturing get all the glory - and funding.

Click on my id to read about my background and determine for yourself if I know what I'm talking about.

[Due to obvious restrictions, that is about as much detail as I can go into at this time.]

[FairOpinion]

"The problem is that the "fix" is a multi phased approach and the first phase will cost between $2 and $3 Billion to implement. "

---

Someone should point out to them how much would it cost if just one major attack succeeded, the $2-3 B to prevent it is peanuts.

I did look at your page, impressive. Working on emerging technologies must be fun. Maybe you can convince the proper government departments of the importance and urgency of fixing the vulnerabilities, before an attack occurs. :)

I could tell from your posts even before, that you are knowledgeable and know what you are talking about. While I am not infallible, I can tell when someone speaks from real knowledge and experience or just blowing smoke.

[Cindy]

LINKS OF INTEREST:

GCN.com - GOVERNMENT COMPUTER NEWS: "WEB DEFACEMENT CONTEST SCHEDULED FOR SUNDAY" by William Jackson (ARTICLE SNIPPETS: "According to an announcement posted at http://www.defacers-challenge.com/, the contest will be conducted over a six-hour period." ..."The announcement is written in comically broken English, but security experts are taking the threat seriously.") (July 2, 2003)

NY POST.com: BLOOMBURGLAR" By ADAM MILLER and ANDY GELLER (ARTICLE SNIPPET: "A wacky computer hacker from Kazakhstan was sentenced to 51 months in the slammer yesterday for trying to extort $200,000 from Mayor Bloomberg's company before Hizzoner entered politics. Manhattan federal Judge Kimba Wood also ordered Oleg Zezev, 29, to pay restitution of more than $950,000. Zezev was found guilty on Feb. 26 of conspiracy, attempted extortion, sending threatening computer e-mails and computer intrusion.He faced up to 20 years behind bars, but Wood sentenced him only to four years and three months.") (July 2, 2003) (Read More..)