[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] Deceptive Duo plant weitere Angriffe auf Pentagon-Webseiten

To: "Infowar.de" <infowar - de -! - infopeace - de>
Subject: [infowar.de] Deceptive Duo plant weitere Angriffe auf Pentagon-Webseiten
From: Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>
Date: Mon, 06 May 2002 14:45:52 +0200
Organization: http://www.fogis.de
Reply-to: infowar - de -! - infopeace - de
Sender: bendrath -! - zedat - fu-berlin - de

Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------

(von Georg Schöfbänker)

Defense Information and Electronics Report May 3, 2002 Pg. 1

Hacker Group Says It Plans More Attacks On Pentagon Web Sites

A hacker group that defaced two Defense Department Internet sites last
week 
says it plans more attacks on DOD Web pages in the coming days to
highlight 
Pentagon cybersecurity shortcomings.

"There are a lot more vulnerable DOD computers, [and] we plan on
exposing 
their inadequate security in the near future," the "Deceptive Duo"
hacker 
group wrote in an e-mail to Defense Information and Electronics Report
May 1.

DI&ER received the response after sending a message to an e-mail address 
the group posted on several defacements of DOD and other government Web 
sites, including a NASA site, over the past several days.

"The DOD sites were easy to deface," the group told DI&ER. "We said
'let's 
target the DOD and NASA now' -- 25 minutes later we were in DOD
computers 
as well as NASA computers."

The main page of the Office of the Secretary of Defense Web site 
(www.osd.mil), and the Navy's Space and Naval Warfare Systems Command
site 
(www.spawar.navy.mil) were defaced last week, according to Defense 
Department officials.

The OSD site was defaced during the "latter part of last week" Maj. Ed 
Thomas, a spokesman for the U.S. Space Command's Joint Task Force for 
Computer Network Operations, told DI&ER May 1. Multiple Web sites that 
track Internet security incidents reported that the OSD defacement took 
place April 26. The SPAWAR site was defaced April 22, said SPAWAR
spokesman 
Richard Williamson.

The group claims both sites were breached as part of a recent spree of 
government Web site defacements the group has executed in order to call 
attention to national security dangers posed by lax government computer 
security. Williamson acknowledged that it was easy for the group to gain 
access to www.spawar.navy.mil. Navy investigators have determined, he
said, 
that the group gained access using a default administrative username and 
password that had accidentally remained active when the site was moved
from 
its developmental server to a live server a year and a half ago.

The defaults were set as "username" and "admin," respectively,
Williamson said.

Thomas refused to comment on the method used to breach the OSD site.
"For 
operational security reasons, our policy is not to discuss impacts to
DOD 
networks, our ongoing military operations, nor our protection and 
mitigation efforts and strategies," he said.

Though Williamson and Thomas acknowledged the defacements were a breach
of 
security, each stressed that the sites accessed in both cases were
public 
Web sites containing only publicly available information.

The defacements were "done to unclassified public Web sites," Thomas
said. 
"Is it a violation of our computer security? Yes, it is. However, it is 
important to note that there was not classified information on these
sites."

Williamson said that all SPAWAR information the group was able to access 
was similarly "cleared for global public release" and was information
every 
taxpayer had a right to see.

The incidents, nevertheless, are being "carefully scrutinized and 
investigated and taken very seriously," Thomas said.

SPAWAR "senior management," Williamson said, has "directed a
comprehensive 
review of all sites that are possibly accessible from the outside."

Promising more hacks on DOD sites, the Deceptive Duo appears willing to 
risk being caught by military investigators. "We are of course afraid of 
being prosecuted," they wrote in their e-mail, "but we are more afraid
of 
the insecurities that lay within our U.S. government and other critical 
cyber-components."

SPACECOM's Thomas refused to confirm or deny whether the Deceptive Duo
was 
behind the attack on the OSD Web site, but Williamson confirmed the
SPAWAR 
defacement included a claim of responsibility from the group.

In addition to the SPAWAR, OSD and NASA sites, the group has defaced
sites 
owned by the Federal Aviation Administration, The Energy Department's 
Sandia National Laboratory, the U.S. Geological Survey and the National 
Institute of Standards and Technology over the past several days,
according 
to Web sites that track security incidents. The group has also targeted 
other elements of the nation's critical infrastructure, including
several 
regional airports.

Besides the main SPAWAR site, the group defaced a Navy site at 
c4iweb.spawar.navy.mil on April 29, according to Williamson. That site, 
however, is hosted not on a SPAWAR server, but on a server owned by the 
consulting firm Booz Allen Hamilton, which contracts with SPAWAR for
some 
Web site development work, Williamson said.

The content of that defacement and others by the hacking group were 
captured and stored by the Internet security Web site Alldas.org. In
each 
of these incidents, the content of the target site's main page was
replaced 
with the Deceptive Duo's trademark page, which identifies the group,
states 
the motivation for the defacement, and in most cases contains examples
of 
Web content the group was able to access at the target site.

The defacement of c4iweb.spawar.navy.mil, for example, includes what 
appears to be a screen shot of an employee database, complete with the 
usernames and passwords of each employee.

On the standard Web page the group posts as part of each defacement, the 
hacking effort is identified as "Mission: Foreign Threat," the objective
of 
which is to "Alert all National Security threats. Specifically the
critical 
infrastructures (government agencies, banks, environmental system
controls, 
airport/airlines, corporations) within The United States of America," 
according to the copies of the defacements.

"We are two U.S. Citizens that understand how sad our country's 
cyber-security really is," the group stated. The group's "mission is to 
define the weaknesses that lie upon us. Our lives revolve around the use
of 
electronic communication, we must protect our formation of 
controlling-technology one way or another," the hacked pages stated.

-- Hampton Stephens

---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.

Prev by Date: [infowar.de] Re: PI 02.05.02: RMA Cyborgs: Guided Rats
Next by Date: [infowar.de] Die Vision vom unblutigen Krieg: Waffen zur Aufstandsbekämpfung durchs US-Militär
Previous by thread: [infowar.de] Re: PI 02.05.02: RMA Cyborgs: Guided Rats
Next by thread: [infowar.de] Die Vision vom unblutigen Krieg: Waffen zur Aufstandsbekämpfung durchs US-Militär
Index(es):
- Date
- Thread