[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] NIPC warnt vor DDOS-Attacken aus China

To: "Infowar.de" <infowar - de -! - infopeace - de>
Subject: [infowar.de] NIPC warnt vor DDOS-Attacken aus China
From: Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>
Date: Tue, 01 Apr 2003 19:32:27 +0200
Organization: http://www.fogis.de
Reply-to: infowar - de -! - infopeace - de
Sender: bendrath -! - zedat - fu-berlin - de

Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------

Ich habe die Warnungen auch aus anderen Quellen schon vor ein paar Tagen
gehört, aber die eigentlichen Attacken sind bisher ausgeblieben. Oder
habe ich was verpasst?
RB


Feds: Chinese Hack Attacks Likely

By Brian Krebs
washingtonpost.com Staff Writer
Monday, March 31, 2003; 3:27 PM

Chinese hacker groups are planning attacks on U.S.- and U.K.-based Web
sites to protest the war in Iraq, the Department of Homeland Security
warned in an alert that it unintentionally posted on a government Web
site today.

The hackers are planning "distributed denial-of-service" attacks,
which render Web sites and networks unusable by flooding them with
massive amounts of traffic. They also are planning to deface selected
Web sites, according to the alert, though the government said it did
not know when the attacks would occur.

The Homeland Security Department said it got the information by
monitoring an online meeting that the hackers held last weekend to
coordinate the attacks.

The department sent the alert to government and industry officials
over the weekend, but accidentally posted the link this morning on the
homepage of the National Infrastructure Protection Center (NIPC). The
alert was pulled early this afternoon.

Homeland Security Department spokesman David Wray said the information
was not supposed to be released to the public. "This was an
inadvertent release and the information -- while not classified -- is
sensitive," he said.

The disclosure was an embarrassment for NIPC, which has tried to win 
the trust of private sector companies that share information about 
cyber attacks and vulnerabilities, said Fred Cohen, a security 
researcher and former principal member of the technical staff at Sandia 
National Laboratories.

"When these groups see this alert, they'll potentially be able to see 
ways that they're being monitored and avoid those forums in the future," 
said Cohen, a pioneer in computer virus defense techniques. "All this 
from an agency that is supposed to be trusted to keep this level of 
information appropriately confidential."

The messages cited in the NIPC alert were posted on several hacker Web 
sites thought to be affiliated with the "Honker Union of China," a cadre 
of Chinese hackers that launched an assault against dozens of U.S. 
government Web sites in May 2001, after the collision of a Chinese
fighter 
jet and a U.S. surveillance plane on April 1, 2001. "Honker" is Chinese 
slang for "hacker."

The group at that time claimed responsibility for defacements at the
National Institutes of Health, the U.S. Navy, the California Department 
of Energy, the U.S. Department of Labor and other government and
business 
Web sites.

One Internet security expert said the April 1 anniversary cannot be
overlooked.

"Anniversaries are very important to Chinese hackers, and if they're 
planning on something in protest of the war in Iraq and to coincide with 
the anniversary of the April 1 collision, I think we can expect to see 
something fairly soon," said Jim Melnick, director of threat
intelligence 
for iDefense, an Internet security firm based in Reston, Va.

Melnick said the Honker group was rumored to be one the top suspects
behind 
the "Slammer" worm, a fast-moving Internet virus that spread to hundreds
of
thousands of servers almost instantaneously in January.

"The exploit code for Slammer was very similar to code they had posted
on 
a Web site earlier, but no one was ever able to verify the two were
related," 
he said.

The Homeland Security Department's warning comes amid a flurry of
antiwar 
hacking activity. Approximately 10,000 Web sites have been marred with 
digital graffiti by protesters and supporters of U.S.-led war in Iraq, 
according to F-Secure, a Finnish Internet security firm.

---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.

Prev by Date: [infowar.de] Hackers bombard US sites, pasting anti-war messages
Next by Date: [infowar.de] Reporter ohne Grenzen zum Irak
Previous by thread: [infowar.de] Hackers bombard US sites, pasting anti-war messages
Next by thread: [infowar.de] Reporter ohne Grenzen zum Irak
Index(es):
- Date
- Thread