[ISN] U.S.I.A. Says Invader Killed Web Site and Damaged Computer

From: mea culpa (jerichoat_private)
Date: Thu Jan 21 1999 - 14:19:28 PST

  • Next message: mea culpa: "[ISN] U.S. Information Agency site hacked--again"

    From: anonymous <anonat_private>
    
    http://www.nytimes.com/library/tech/99/01/biztech/articles/21hack.html
    January 21, 1999
    U.S.I.A. Says Invader Killed Web Site and Damaged Computer 
    By DAVID STOUT
    
    WASHINGTON -- An outsider breached the Internet security of the United
    States Information Agency a week ago, knocking its Web site out of action
    and forcing the agency to re-evaluate its computer protection, an official
    of the agency said today. 
    
    The Web site was invaded at about 9 P.M. on Jan. 13 by someone who
    diverted users to other locations and then dismantled the site, according
    to James McGregor, a computer expert for the agency. McGregor said the
    site might function again by Thursday.
    
    He said the sabotage, the second such incident in six months, had caused
    "a constant stream of phone calls."
    
    The agency oversees educational and cultural-exchange programs, including
    the Voice of America radio network and the Fulbright scholarships.
    
    American diplomats abroad and foreign diplomats constantly use the Web
    location for statements on American policy or texts of official speeches
    not covered by news organizations, McGregor said.
     
    The new invasion of the site, created in 1994, is far more serious than
    the first, McGregor said. The Federal Bureau of Investigation is working
    on the case, and anyone caught could face serious criminal charges, he
    added. 
    
    McGregor said there were similarities between the two break-ins.  The
    first crippled the site for several days.
    
    In each attack the invader left the message, "Crystal, I love you,"  and
    the signature "Zyklon," McGregor said. Zyklon-B was the poison gas widely
    used in Nazi extermination camps.
    
    The styles of sabotage, however, were different in the two cases.  In the
    first the hacker inserted his page into the site and then destroyed some
    of the agency's electronic documents.
    
    Computer experts at the agency said they thought that they had repaired
    the damage, but the saboteur had planted a "Trojan horse" that repeated
    the destruction hours later, McGregor said.
    
    The new assault resulted in basic hardware damage and the destruction of
    the site, McGregor said. The invader's message was also accompanied by a
    strange scrawl. "Before, he was just into text," McGregor said. "Now he's
    into bad graphics."
    
    Since news of the new invasion began circulating in computer circles, the
    agency has heard from people who call themselves hackers but disassociate
    themselves from the tactics of the taunters, McGregor said. People who
    consider themselves hackers affect a Robin Hood-like code of honor and
    describe more malicious saboteurs as "crackers," McGregor said, adding
    that the distinction is irrelevant to him.
    
    The invasion occurs as the information agency is about to pass from the
    scene. The independent agency will become part of the State Department on
    Oct. 1.
    
    McGregor said the damage from the break-ins could not be easily estimated.
    More significant than dollars, he said, has been the time spent by
    employees and outside contractors to make repairs.
    
    McGregor said a more permanent cost would be tighter security at the Web
    site. Users will not notice, he said, but employees will see changes as
    they have to go through additional elaborate steps to place items on the
    site.
    
    "We simply can't have this happening every six months," McGregor said.
    "People rely on us."
    
    
    
    
    
    
    
    
    
    
    
    ___________________________________________________________________
    You don't need to buy Internet access to use free Internet e-mail.
    Get completely free e-mail from Juno at http://www.juno.com/getjuno.html
    or call Juno at (800) 654-JUNO [654-5866]
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:16:42 PDT