Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Hackers could be planning major attack, says White House,

Klingt nach Al Qaeda und dem im Radio wieder auferstandenen Osama Bin
(wer erinnert sich noch an die Ideen der US-Infowarriors, mittels
Audio-und Videomorphingden gegner in die Irre zu führen? Aber das ist
ein anderes Thema.),
ist aber nur ein Wurm...

November 12, 2002 

Hackers could be planning major attack, says White House 

By Shane Harris sharris -!
- govexec -

A new computer worm infecting a popular World Wide Web technology is
proof that computer hackers have grown more sophisticated and could be
preparing a significant attack, according to a senior White House

Marcus Sachs, director of communication and infrastructure protection at
the White House Office of Cyberspace Security, said hackers driven to
"the back streets and back alleys of the Internet" by intense law
enforcement scrutiny following the Sept. 11 attacks have quietly been
building new threats. The new worm, widely known as Slapper, is a prime
example of their abilities, he said.

Officials believe millions of devices are vulnerable to Slapper, which
is a computer code that burrows into a server, the program that provides
the files that constitute Web pages. It enters through a well-known
weakness in the Secure Socket Layer (SSL) that connects servers to the
Internet. Once inside, the worm forces the server to seek out other
infected machines, forming an army of so-called "zombies" that could
bombard Web sites with bogus requests for information, causing a massive
traffic jam on the Internet. 

The attack method, known as a distributed denial-of-service attack, has
been used to disrupt service on sites such as Yahoo! and eBay. Attacks
last year by other worms, such as Code Red and Nimda, caused billions of
dollars in damage and targeted some government Web sites, including a
White House server. 

The Slapper worm was identified two months ago, but federal officials
still are concerned that many infected or at-risk organizations and
individuals haven't taken adequate steps to protect themselves. The
FBI's National Infrastructure Protection Center has found four variants
of the worm, and notes that rates of new infection have declined.
However, the agency also has warned that between 25,000 and 30,000
servers have already been infected. A steady buildup of infections
preceded the Code Red and Nimda attacks. 

Sachs said Slapper represents a "double barrel" feat of hacker
engineering, because it targets two well-known devices that have long
been considered quite secure. The Apache server the worm attacks and the
hole in the SSL connection through which it enters are open source
products, meaning their design is publicly available. Sachs said there
has been a longstanding myth that open source technologies are safer
than proprietary systems because their design can be improved by anyone
who wants to examine them. The Slapper worm is helping to dispel that
notion, he said. 

The SSL vulnerability exists on a number of products, but Slapper is
infecting only Apache servers that use the device. 

Computer security experts believe Slapper is an evolution of previous
worms and viruses because it includes some of the capabilities of its
predecessors. It allows a remote attacker to hijack and command the
infected system, and it may cause network disruption when the zombie
systems communicate with one another, according to the Computer
Emergency Response Team Coordination Center, a federally funded security
research organization run by Carnegie Mellon University in Pittsburgh. 

Some believe Slapper is a sign of threats to come. "These types of worms
have the potential of becoming the much bigger problem out there," said
Vincent Weafer, senior director of the Symantec Anti Virus Research
Center in Santa Monica, Calif., who worked with the FBI to investigate
Code Red and other worms. 

Advisories from the center and the FBI list a number of steps to protect
systems against Slapper.

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.