Re: [ISN] Italian Police Nab Hacker Group

From: InfoSec News (isnat_private)
Date: Sat Jan 19 2002 - 20:58:13 PST

Next message: InfoSec News: "[ISN] Low-Tech Humans Subvert High-Tech Information Assurance"

Previous message: InfoSec News: "[ISN] Alert preceded Indian trust hacker breach"
Maybe in reply to: InfoSec News: "[ISN] Italian Police Nab Hacker Group"
Next in thread: InfoSec News: "RE: [ISN] Italian Police Nab Hacker Group"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Robert G. Ferrell <rferrellat_private>

At 01:10 AM 1/18/02 -0600, you wrote:
> Website defacements are no more than graffiti in digital form.
> Should their entire lives be ruined because they did this?  how
> about if they were doing it with a can of spray paint on the side
> of your office building?  and exactly what are the monetary
> damages?

The reason this analogy is not entirely accurate is that most graffiti
is applied in public areas; i.e., on spaces that can be legally
accessed by members of the public.  A Web page is more akin to a
window display than an exterior wall. The attackers must break into
the building first, then leave their graffiti in an area to which they
had no legal access. It is the action of compromising the system which
does the real damage, not the actual Web defacement.  If all that was
required to address a defacement was to replace the defaced page(s),
the damage would be trivial.  However, once a box is compromised, any
admin with even a vestige of a clue will be forced to consider the
entire system tainted, with all the work that implies.

Of course, the mechanism of compromise is relevant here, as well.  If
the exploit merely replaces the index page via an HTTP-based buffer
overflow or something of that nature, the potential for system-wide
damage is obviously considerably reduced over, say, a full rootkit
install. Unfortunately, the mechanism of compromise is often not clear
until some digging into logs and examination of other system
components has been achieved, and by then the cost of recovery is
already non-trivial.

My real point is simply that, while I agree that digital graffiti
itself is little more than an annoyance, the costs of recovering from
attacks of this nature are sometimes disproportionately large.  It's
important to keep in mind the psychological impact of intrusions on
the peace of mind of both the victim companies and their customers.
These costs are difficult to quantify, but no less real for it.

Cheers,

RGF

Robert G. Ferrell
rferrellat_private
http://rferrell.home.texas.net/rgflit.html 

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "[ISN] Low-Tech Humans Subvert High-Tech Information Assurance"
Previous message: InfoSec News: "[ISN] Alert preceded Indian trust hacker breach"
Maybe in reply to: InfoSec News: "[ISN] Italian Police Nab Hacker Group"
Next in thread: InfoSec News: "RE: [ISN] Italian Police Nab Hacker Group"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jan 20 2002 - 01:19:07 PST