[ISN] School holiday hackers raid top companies

From: mea culpa (jerichot_private)
Date: Mon Jul 20 1998 - 23:01:26 PDT

  • Next message: mea culpa: "[ISN] WIPO-HR2281: Update"

    Forwarded From: Simon Taplin <stickert_private>
    HACKERS have broken into computer systems at some of South Africa's
    biggest companies, taking with them top-secret passwords.The bulk of the
    attacks came in the past three weeks and coincided with the school
    holidays and the release of a hacking tool on the Internet. At least one
    13-year-old has been caught breaking into a massive computer network. 
    In the most recent incidents:
    a.. The computers at one of South Africa's biggest companies were used as
    a gateway for hacking into other companies; 
    b.. A hacker claimed that a list of credit card numbers was downloaded
    from the database of an on-line ticket booking agency, but this has been
    denied by the company; 
    c.. The database linked to a cinema chain's web site was accessed and
    d.. The home page of a computer company's web site was completely altered; 
    e.. Passwords belonging to users of two Internet service providers were
    stolen and E-mailed to people in the computer industry.  At the cinema
    chain's web site, the mischievous hackers completely altered the Top 10
    movie listing. 
    Many system administrators have observed an increase in hacking attempts
    on their networks over the past three weeks. 
    Security logs show that many of these attacks have involved the running of
    scanning programmes, in particular the "mscan" hacking tool, posted on a
    popular hacker web site some two and a half weeks ago. 
    Local web servers on the list of casualties include The Internet Solution,
    Acenet and MWeb, countless other Internet service providers and a number
    of corporate servers. 
    Acenet's technical director, Wilhelm Lehmann, confirmed a malicious hacker
    had managed to intercept the user names and log-ins of several people, but
    added that the company had a complete list of the individuals concerned
    and had contacted them. 
    MWeb's public relations officer, Karen Visser, confirmed servers on its
    system had occasionally been "compromised" in the past, but she said any
    security loopholes had been closed effectively. 
    The Internet Solution's marketing manager, Alison Wright, confirmed that
    one of its unprotected servers had been compromised, but stressed the
    server did not contain any critical data and that the incident had not
    affected any of the company's clients. 
    "People attempt to break into our network on an ongoing basis," said Trent
    Rossini, director of The Internet Solutions' electronic commerce division. 
    "It's not whether hackers are trying, but whether they are successful," 
    Rossini said. 
    Deloitte & Touche security consultant Ryan Reuben said: "There is a big
    difference between changing the titles on a Top 10 movie listing and
    industrial espionage. But the reality is that it is easy to get into
    public web sites. Depending on the other security measures, individuals
    who want to could cause serious damage." 
    Fortunately, the hackers involved in five of the incidents were not
    malicious, and after exploring the vulnerabilities of the computer systems
    -- which included the public websites of two major banks, two
    entertainment companies and one corporation -- then notified the
    administrators about the security risks they had discovered. 
    At least one young hacker - a 13-year-old Cape teenager - has been traced
    by one of the biggest Internet service providers in the country. 
    The electronic footprints of another hacker were tracked from a network he
    had broken into - through various servers and a dial-up connection - to a
    leafy Gauteng suburb. A 30-year-old man was identified as the hacker and a
    pending criminal case against him may be the first of its kind to be heard
    in a South African court. 
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:03 PDT