[ISN] Information Warfare News Briefs: 06 July 1998

From: mea culpa (jerichot_private)
Date: Mon Jul 06 1998 - 19:16:37 PDT

  • Next message: mea culpa: "[ISN] AUCRYPTO: Professor Junger looses ohio crypto case."

    Forwarded From: iteamt_private
             I N F O R M A T I O N  W A R F A R E  -  N E W S  B R I E F S
                                 Monday 06 July, 1998
       Articles for today:
         1. Teen hacker breaks into Cape Internet accounts 
         2. Hacker posts anti-nuke message on scores of sites
                   Teen hacker breaks into Cape Internet accounts             
                              (Boston Herald; 07/04/98)                       
       A 16-year-old Eastham computer hacker broke into the Cape's main 
    Internet  service provider and looked at its customers' 15,000 account files, 
    Barnstable  police said yesterday.
       "His parents didn't seem to have a clue about what he was doing," said  
    Detective James Tamash. "They're cooperating with us 100 percent."
       He attends Nauset Regional High School and studies computers.
       Barnstable police and the attorney general's high-tech unit are now  
    investigating whether the hacker and his friends also gained access to 
    customer  credit card numbers.
       "We believe so," Tamash said. "Right now we can't say for sure."
       Police searched the youth's bedroom at 7:30 a.m. Wednesday and confiscated  
    his computer equipment after a long investigation that began in February with  
    an anonymous fax sent to CAPEInternet of Osterville.
       The fax said a group of teenagers had gotten their hands on customers' log- 
    on names and passwords, giving themselves free Internet access.
       As many as six Cape teens may be involved, including a Harwich youth who  
    worked for a company called Doctor PC, the Cape Cod Times reported.
       CAPEInternet traced a security breach last month to Doctor PC in Harwich  
    Center - the office where the company keeps modems that hook up 3,000 of its  
    Cape computer users to the net.
       But CAPEInternet has no evidence the hackers obtained any credit card  
    information from customer files, CI president W. Brooks McCarty said in a  
    letter posted on the company's home page. The company has stepped up security  
    and also moved its modems from Doctor PC to an undisclosed location.
       Investigators now are combing through the Eastham teen's computer files and  
    expect to charge him with several crimes. His name was not released because he  
    is a juvenile.
    (Copyright 1998)
                   Hacker posts anti-nuke message on scores of sites            
                                 (Reuters; 07/06/98)                           
        By James Glave     SAN FRANCISCO (Wired) - An 18-year-old member of the  
    anti-nuclear hacker group that last month wreaked havoc with e-mail and Web 
     servers at India's atomic research center has struck again with another  
    Internet political protest.     In what may be the largest "mass hack" ever  
    undertaken, the cracker, who goes by the name "JF," along with a number of  
    anonymous colleagues, simultaneously defaced more than 300 Web sites late  
    Thursday. The group replaced the sites' homepages with an image of a mushroom  
    cloud and an anti-nuclear screed.     "This mass takeover goes out to all the  
    people out there who want to see peace in this world," read the 800-word  
    declaration that graced an eclectic mix of general interest, entrepreneur,  
    adult, sport, and fan sites until early Friday morning.     Affected domains  
    included sites for The World Cup, Wimbledon, The Ritz Casino, actor Drew  
    Barrymore, and The Saudi Royal Family. Some of the sites were still defaced or  
    down as of late Friday afternoon, when Wired News spoke with JF over Internet  
    Relay Chat.     "The year is 1998," wrote JF, who is based in England. "We  
    should be moving towards world peace in the millennium, and nuclear warfare  
    [and] testing is NO way forward. It can destroy the world," the teen said.      
    "I'm only young; I don't want a hostile world on the edge of a nuclear  
    conflict," he added.   
     The mass hack happened almost by accident. While scanning a large network,  
    looking for security weaknesses, JF and his colleagues came across a Web site  
    hosting company called EasySpace. The firm, based in Kingston upon Thames,  
    England, offers "virtual domain" hosting-an arrangement whereby multiple Web  
    sites are located on a single server.     "We ... came across this, at first by 
     accident, then [we] realized what it was, and as we were planning a mass hack, 
     we decided to put it into operation," JF said.     The teen said that he and  
    his colleagues-members of another group called Ashtray Lumberjacks-penetrated  
    EasySpace's network with what they claimed was a nonpublic attack, and ran  
    computer code that inserted the same altered Web page on all the sites hosted  
    at EasySpace.     The entire operation was completed in approximately one hour, 
     he said.     EasySpace representatives declined to comment, aside from  
    forwarding to Wired News a copy of the email the company sent to affected  
    customers.     "This attacked (in the hacker's own spelling) coincided with 
    us  preparing to move our Easypost mail system onto a new server and receive  
    upgraded software," the message read in part.   
     "We will be re-installing the operating systems of the server your Web site is 
     hosted on over the weekend and will be upgrading the security. Apologies for  
    any inconvenience that may have been caused," the message concluded.     The  
    email included instructions for customers to restore their own Web sites,  
    suggesting that EasySpace had no backups of its own.     The protest Web page  
    bore the logo of JF's group Milw0rm. Last month, the same group claimed  
    responsibility for stealing email and deleting Web servers at the Bhabha Atomic 
     Research Centre in Bombay, India. In the latest protest statement, the 
    crackers  expressed their disappointment that peace talks had not begun on the  
    subcontinent.     "This tension is not good, it scares you as much as it scares 
     us. For you all know that this could seriously escalate into a big conflict  
    between India and Pakistan and possibly even World War III, and this CANNOT  
    happen," the text read.     John Vranesevich, founder of the computer security  
    Web site AntiOnline, said that mass Web page attacks, affecting multiple sites  
    at one time, are not common events.     "Usually any Internet Service Provider  
    that hosts such a large number of domains has very good security procedures in  
    place simply because they are usually a larger operation," Vranesevich said.    
      Vranesevich added that the group was unusual in that its members appear to be 
     driven as much by politics as they are by computer security issues.      
    "They're not claiming to be hacking to help progress computer security and 
    to  help make new exploits known. They're doing it for political reasons; it's 
    not  the means that's important it's the end result," Vranesevich said.      
                                (Defense Daily; 07/02/98)                           
      Jul  2, 1998  (DEFENSE DAILY, Vol. 199, No. 6) -- Only one year after their  
    formal establishment, the Air Force's six battlelabs are "for real and here to  
    stay," according to the chief of the service's battlelab integration division.
    "Our's is a strategy of innovation...the traditional acquisition process is too 
     slow and too cumbersome to affect real change," Air Force Col. Ron Kurjanowicz 
     said yesterday. "The battlelabs can bring real change to how we do business 
    and  impact the Air Force sooner rather than later."
    Kurjanowicz, who ensures that the disparate battlelabs remain visible to the  
    service's headquarters at the Pentagon, made his remarks yesterday at an Eaker  
    Institute colloquium hosted by the Air Force Association (AFA) in Arlington,  
    Va. AFA held the event in part to commemorate the battlelabs' first  
    anniversary, as well as to expose industry representatives to the battlelab  
    concept and to their commanders.
    The Air Force currently operates six battlelabs around the country. They  
    include: the Air Expeditionary Battlelab at Mountain Home AFB, Idaho; the Space 
     Battlelab at Schriever AFB, Colo.; the Information Warfare Battlelab at 
    Kelly  AFB, Texas; the Force Protection Battlelab at Lackland AFB, Texas; the 
    Command  and Control Battlelab at Hurlburt Field, Fla.; and the Unmanned Aerial 
    Vehicle  Battlelab at Eglin AFB, Fla.
    The role of the nascent battlelabs is to identify innovative operational and  
    logistical concepts, and to measure their potential for advancing the Air  
    Force's core competencies.
    According to Kurjanowicz, the challenge facing the battlelabs during the next  
    year is "what to do with our initiatives next," meaning how to introduce the  
    battlelabs' more promising concepts into the Air Force.
    "That's going to be an uphill fight, because innovation always threatens  
    existing paradigms," he said.
    Despite that, Kurjanowicz is confident that the battlelabs "will solve the  
    implementation challenge...because the battlelabs enjoy the support of the Air  
    Force's senior leadership."
    The IW News Briefs are provided as a free service of iWarfare.com, if you have
    any articles you think would be of benefit to this news service, please email
    them to iwteamt_private
    To unsubscribe send email to iw-newst_private, UNSUBSCRIBE in the subject.
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:15 PDT