From: anonymous <anonat_private> http://www.nytimes.com/library/tech/99/01/biztech/articles/21hack.html January 21, 1999 U.S.I.A. Says Invader Killed Web Site and Damaged Computer By DAVID STOUT WASHINGTON -- An outsider breached the Internet security of the United States Information Agency a week ago, knocking its Web site out of action and forcing the agency to re-evaluate its computer protection, an official of the agency said today. The Web site was invaded at about 9 P.M. on Jan. 13 by someone who diverted users to other locations and then dismantled the site, according to James McGregor, a computer expert for the agency. McGregor said the site might function again by Thursday. He said the sabotage, the second such incident in six months, had caused "a constant stream of phone calls." The agency oversees educational and cultural-exchange programs, including the Voice of America radio network and the Fulbright scholarships. American diplomats abroad and foreign diplomats constantly use the Web location for statements on American policy or texts of official speeches not covered by news organizations, McGregor said. The new invasion of the site, created in 1994, is far more serious than the first, McGregor said. The Federal Bureau of Investigation is working on the case, and anyone caught could face serious criminal charges, he added. McGregor said there were similarities between the two break-ins. The first crippled the site for several days. In each attack the invader left the message, "Crystal, I love you," and the signature "Zyklon," McGregor said. Zyklon-B was the poison gas widely used in Nazi extermination camps. The styles of sabotage, however, were different in the two cases. In the first the hacker inserted his page into the site and then destroyed some of the agency's electronic documents. Computer experts at the agency said they thought that they had repaired the damage, but the saboteur had planted a "Trojan horse" that repeated the destruction hours later, McGregor said. The new assault resulted in basic hardware damage and the destruction of the site, McGregor said. The invader's message was also accompanied by a strange scrawl. "Before, he was just into text," McGregor said. "Now he's into bad graphics." Since news of the new invasion began circulating in computer circles, the agency has heard from people who call themselves hackers but disassociate themselves from the tactics of the taunters, McGregor said. People who consider themselves hackers affect a Robin Hood-like code of honor and describe more malicious saboteurs as "crackers," McGregor said, adding that the distinction is irrelevant to him. The invasion occurs as the information agency is about to pass from the scene. The independent agency will become part of the State Department on Oct. 1. McGregor said the damage from the break-ins could not be easily estimated. More significant than dollars, he said, has been the time spent by employees and outside contractors to make repairs. McGregor said a more permanent cost would be tighter security at the Web site. Users will not notice, he said, but employees will see changes as they have to go through additional elaborate steps to place items on the site. "We simply can't have this happening every six months," McGregor said. "People rely on us." ___________________________________________________________________ You don't need to buy Internet access to use free Internet e-mail. Get completely free e-mail from Juno at http://www.juno.com/getjuno.html or call Juno at (800) 654-JUNO [654-5866] -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:16:42 PDT