[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Deceptive Duo plant weitere Angriffe auf Pentagon-Webseiten
(von Georg Schöfbänker)
Defense Information and Electronics Report May 3, 2002 Pg. 1
Hacker Group Says It Plans More Attacks On Pentagon Web Sites
A hacker group that defaced two Defense Department Internet sites last
says it plans more attacks on DOD Web pages in the coming days to
Pentagon cybersecurity shortcomings.
"There are a lot more vulnerable DOD computers, [and] we plan on
their inadequate security in the near future," the "Deceptive Duo"
group wrote in an e-mail to Defense Information and Electronics Report
DI&ER received the response after sending a message to an e-mail address
the group posted on several defacements of DOD and other government Web
sites, including a NASA site, over the past several days.
"The DOD sites were easy to deface," the group told DI&ER. "We said
target the DOD and NASA now' -- 25 minutes later we were in DOD
as well as NASA computers."
The main page of the Office of the Secretary of Defense Web site
(www.osd.mil), and the Navy's Space and Naval Warfare Systems Command
(www.spawar.navy.mil) were defaced last week, according to Defense
The OSD site was defaced during the "latter part of last week" Maj. Ed
Thomas, a spokesman for the U.S. Space Command's Joint Task Force for
Computer Network Operations, told DI&ER May 1. Multiple Web sites that
track Internet security incidents reported that the OSD defacement took
place April 26. The SPAWAR site was defaced April 22, said SPAWAR
The group claims both sites were breached as part of a recent spree of
government Web site defacements the group has executed in order to call
attention to national security dangers posed by lax government computer
security. Williamson acknowledged that it was easy for the group to gain
access to www.spawar.navy.mil. Navy investigators have determined, he
that the group gained access using a default administrative username and
password that had accidentally remained active when the site was moved
its developmental server to a live server a year and a half ago.
The defaults were set as "username" and "admin," respectively,
Thomas refused to comment on the method used to breach the OSD site.
operational security reasons, our policy is not to discuss impacts to
networks, our ongoing military operations, nor our protection and
mitigation efforts and strategies," he said.
Though Williamson and Thomas acknowledged the defacements were a breach
security, each stressed that the sites accessed in both cases were
Web sites containing only publicly available information.
The defacements were "done to unclassified public Web sites," Thomas
"Is it a violation of our computer security? Yes, it is. However, it is
important to note that there was not classified information on these
Williamson said that all SPAWAR information the group was able to access
was similarly "cleared for global public release" and was information
taxpayer had a right to see.
The incidents, nevertheless, are being "carefully scrutinized and
investigated and taken very seriously," Thomas said.
SPAWAR "senior management," Williamson said, has "directed a
review of all sites that are possibly accessible from the outside."
Promising more hacks on DOD sites, the Deceptive Duo appears willing to
risk being caught by military investigators. "We are of course afraid of
being prosecuted," they wrote in their e-mail, "but we are more afraid
the insecurities that lay within our U.S. government and other critical
SPACECOM's Thomas refused to confirm or deny whether the Deceptive Duo
behind the attack on the OSD Web site, but Williamson confirmed the
defacement included a claim of responsibility from the group.
In addition to the SPAWAR, OSD and NASA sites, the group has defaced
owned by the Federal Aviation Administration, The Energy Department's
Sandia National Laboratory, the U.S. Geological Survey and the National
Institute of Standards and Technology over the past several days,
to Web sites that track security incidents. The group has also targeted
other elements of the nation's critical infrastructure, including
Besides the main SPAWAR site, the group defaced a Navy site at
c4iweb.spawar.navy.mil on April 29, according to Williamson. That site,
however, is hosted not on a SPAWAR server, but on a server owned by the
consulting firm Booz Allen Hamilton, which contracts with SPAWAR for
Web site development work, Williamson said.
The content of that defacement and others by the hacking group were
captured and stored by the Internet security Web site Alldas.org. In
of these incidents, the content of the target site's main page was
with the Deceptive Duo's trademark page, which identifies the group,
the motivation for the defacement, and in most cases contains examples
Web content the group was able to access at the target site.
The defacement of c4iweb.spawar.navy.mil, for example, includes what
appears to be a screen shot of an employee database, complete with the
usernames and passwords of each employee.
On the standard Web page the group posts as part of each defacement, the
hacking effort is identified as "Mission: Foreign Threat," the objective
which is to "Alert all National Security threats. Specifically the
infrastructures (government agencies, banks, environmental system
airport/airlines, corporations) within The United States of America,"
according to the copies of the defacements.
"We are two U.S. Citizens that understand how sad our country's
cyber-security really is," the group stated. The group's "mission is to
define the weaknesses that lie upon us. Our lives revolve around the use
electronic communication, we must protect our formation of
controlling-technology one way or another," the hacked pages stated.
-- Hampton Stephens
Mail an infowar -
- infopeace -
de mit "unsubscribe" im Text.