[Moderator: This was originally made to other lists carrying the discussion.] Reply From: mea culpa <jerichoat_private> Time to debunk the bull again.. > From: Carolyn Meinel <cmeinelat_private> > Subject: HHD for 8/17 > > Have you been wondering about our Web site and War Game? Patience, > please, we'll be up again! The hacker war against us has escalated to epic > proportions. Because our opponents are unable to intimidate us, they have > resorted to attacking the ISP, Rt66 Internet, that serves us, and also are > attacking our ISP's customers. In an Aug. 8, 1998 attack, these criminals > caused over $1.8 million in damage against those they held hostage to their > demands that no one give us access to the Internet. On August 14, the FBI > publicly announced it is pursuing our assailants. 1.8 million eh? Now, we know that rt66.com staff are most likely on salary, so lets factor in a few months of their work first of all. Say they are completely stupid and needed 5 of them rubbing heads for 3 months to work on this, we can guess that brings the bill up to 30,000 or so, but hell, lets round up. 50,000 is what it cost in man hours to deal with this (remember, we are saying *3* months, more than the benefit of the doubt). Equipment. Lets say they went out and bought top of the line hardware based sniffers, new machine for shell usage, and more. Another 50,000 bucks. This figure is based on them going hog wild on new equipment, party expenses, and everything else. Now.. changing credit card numbers. That is a service provided by the credit card companies. IF she or RT are claiming this as part of the damage, lets figure that in. Rough.. 5000 or so customers? 2500 with credit cards? Takes roughly 10 minutes to call in and change it. Time + material + helpdesk should realistically go for 5 bucks per card or so. (we don't play the bullshit inflation game). 5 * 2500 = 12,500 Hrm... what else? Ahh. I bet they hired some consultants to come fix it! If so, first, fire them if the machine got broken into again. Now.. lets see what we have here. 50,000 + 50,000 + 12,500 = 112,500 subtotal. 1,800,000 - 112,500 = 1,687,500 left that needs explaining. Lets say they hire some top notch (cough) security consultants that bill themselves out at 500/hr, mind you 150/hr is average. 1,687,500 / 500 = 3375 hours. 3375 / 40 = 84.3 weeks if they use one consultant. So now.. for that 1.8 million.. they had 5 of their own people working 3 months on this, along with a consultant who worked 84 weeks (well over a year), and that is how they can explain 1.8 million dollars. Seems to me that the staff of RT66.com is a bit undertrained, and has no concept of security. Further, it seems that they have no clue on intelligent spending to maintain a sane budget. I have this strange feeling that they have recently read two books... _Idiots Guide to Spending on Stupid Things_, and _The Happy Hacker_. > We need volunteers who specialize in gathering forensic evidence. > Is there anyone whose company sells computer security products that would Carolyn.. you and rt66 need more than that. You need a clue and a wake up call. > Those who are assaulting the customers of Rt66 Internet are the > worst terrorists in the history of computer crime. If they get away with Can we leave a bit of the drama out? What about the 100,000 customers of netcom during Mitnick? Seems that is a BIT bigger than your little pond on the net. > they succeed, the whole world will know that a gang of computer criminals > now has the power to force their will on anyone who wants to use the Internet. Its amusing that you release this when no widespread public statement was made by the terrorists. I monitor almost 100 mailing lists, I received copies of two pieces of mail from the last hack (i assume), and saw no terrorist demands. There were no threats leveled at the customers of rt66.com, nor the staff. So.. that in mind, could you share their demands so that we know you aren't making that up too? It is more than obvious you are making up the 1.8 million figure. Lying to the FBI about an investigation is a crime Carolyn. But hell, you knew that. Not the first time you have lied to FBI agents is it? -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:01:21 PDT