Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Deceptive Duo plant weitere Angriffe auf Pentagon-Webseiten,

(von Georg Schöfbänker)

Defense Information and Electronics Report May 3, 2002 Pg. 1

Hacker Group Says It Plans More Attacks On Pentagon Web Sites

A hacker group that defaced two Defense Department Internet sites last
says it plans more attacks on DOD Web pages in the coming days to
Pentagon cybersecurity shortcomings.

"There are a lot more vulnerable DOD computers, [and] we plan on
their inadequate security in the near future," the "Deceptive Duo"
group wrote in an e-mail to Defense Information and Electronics Report
May 1.

DI&ER received the response after sending a message to an e-mail address 
the group posted on several defacements of DOD and other government Web 
sites, including a NASA site, over the past several days.

"The DOD sites were easy to deface," the group told DI&ER. "We said
target the DOD and NASA now' -- 25 minutes later we were in DOD
as well as NASA computers."

The main page of the Office of the Secretary of Defense Web site 
(, and the Navy's Space and Naval Warfare Systems Command
( were defaced last week, according to Defense 
Department officials.

The OSD site was defaced during the "latter part of last week" Maj. Ed 
Thomas, a spokesman for the U.S. Space Command's Joint Task Force for 
Computer Network Operations, told DI&ER May 1. Multiple Web sites that 
track Internet security incidents reported that the OSD defacement took 
place April 26. The SPAWAR site was defaced April 22, said SPAWAR
Richard Williamson.

The group claims both sites were breached as part of a recent spree of 
government Web site defacements the group has executed in order to call 
attention to national security dangers posed by lax government computer 
security. Williamson acknowledged that it was easy for the group to gain 
access to Navy investigators have determined, he
that the group gained access using a default administrative username and 
password that had accidentally remained active when the site was moved
its developmental server to a live server a year and a half ago.

The defaults were set as "username" and "admin," respectively,
Williamson said.

Thomas refused to comment on the method used to breach the OSD site.
operational security reasons, our policy is not to discuss impacts to
networks, our ongoing military operations, nor our protection and 
mitigation efforts and strategies," he said.

Though Williamson and Thomas acknowledged the defacements were a breach
security, each stressed that the sites accessed in both cases were
Web sites containing only publicly available information.

The defacements were "done to unclassified public Web sites," Thomas
"Is it a violation of our computer security? Yes, it is. However, it is 
important to note that there was not classified information on these

Williamson said that all SPAWAR information the group was able to access 
was similarly "cleared for global public release" and was information
taxpayer had a right to see.

The incidents, nevertheless, are being "carefully scrutinized and 
investigated and taken very seriously," Thomas said.

SPAWAR "senior management," Williamson said, has "directed a
review of all sites that are possibly accessible from the outside."

Promising more hacks on DOD sites, the Deceptive Duo appears willing to 
risk being caught by military investigators. "We are of course afraid of 
being prosecuted," they wrote in their e-mail, "but we are more afraid
the insecurities that lay within our U.S. government and other critical 

SPACECOM's Thomas refused to confirm or deny whether the Deceptive Duo
behind the attack on the OSD Web site, but Williamson confirmed the
defacement included a claim of responsibility from the group.

In addition to the SPAWAR, OSD and NASA sites, the group has defaced
owned by the Federal Aviation Administration, The Energy Department's 
Sandia National Laboratory, the U.S. Geological Survey and the National 
Institute of Standards and Technology over the past several days,
to Web sites that track security incidents. The group has also targeted 
other elements of the nation's critical infrastructure, including
regional airports.

Besides the main SPAWAR site, the group defaced a Navy site at on April 29, according to Williamson. That site, 
however, is hosted not on a SPAWAR server, but on a server owned by the 
consulting firm Booz Allen Hamilton, which contracts with SPAWAR for
Web site development work, Williamson said.

The content of that defacement and others by the hacking group were 
captured and stored by the Internet security Web site In
of these incidents, the content of the target site's main page was
with the Deceptive Duo's trademark page, which identifies the group,
the motivation for the defacement, and in most cases contains examples
Web content the group was able to access at the target site.

The defacement of, for example, includes what 
appears to be a screen shot of an employee database, complete with the 
usernames and passwords of each employee.

On the standard Web page the group posts as part of each defacement, the 
hacking effort is identified as "Mission: Foreign Threat," the objective
which is to "Alert all National Security threats. Specifically the
infrastructures (government agencies, banks, environmental system
airport/airlines, corporations) within The United States of America," 
according to the copies of the defacements.

"We are two U.S. Citizens that understand how sad our country's 
cyber-security really is," the group stated. The group's "mission is to 
define the weaknesses that lie upon us. Our lives revolve around the use
electronic communication, we must protect our formation of 
controlling-technology one way or another," the hacked pages stated.

-- Hampton Stephens

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.