Re: [ISN] Italian Police Nab Hacker Group

From: InfoSec News (isnat_private)
Date: Sat Jan 19 2002 - 20:58:13 PST

  • Next message: InfoSec News: "[ISN] Low-Tech Humans Subvert High-Tech Information Assurance"

    Forwarded from: Robert G. Ferrell <rferrellat_private>
    At 01:10 AM 1/18/02 -0600, you wrote:
    > Website defacements are no more than graffiti in digital form.
    > Should their entire lives be ruined because they did this?  how
    > about if they were doing it with a can of spray paint on the side
    > of your office building?  and exactly what are the monetary
    > damages?
    The reason this analogy is not entirely accurate is that most graffiti
    is applied in public areas; i.e., on spaces that can be legally
    accessed by members of the public.  A Web page is more akin to a
    window display than an exterior wall. The attackers must break into
    the building first, then leave their graffiti in an area to which they
    had no legal access. It is the action of compromising the system which
    does the real damage, not the actual Web defacement.  If all that was
    required to address a defacement was to replace the defaced page(s),
    the damage would be trivial.  However, once a box is compromised, any
    admin with even a vestige of a clue will be forced to consider the
    entire system tainted, with all the work that implies.
    Of course, the mechanism of compromise is relevant here, as well.  If
    the exploit merely replaces the index page via an HTTP-based buffer
    overflow or something of that nature, the potential for system-wide
    damage is obviously considerably reduced over, say, a full rootkit
    install. Unfortunately, the mechanism of compromise is often not clear
    until some digging into logs and examination of other system
    components has been achieved, and by then the cost of recovery is
    already non-trivial.
    My real point is simply that, while I agree that digital graffiti
    itself is little more than an annoyance, the costs of recovering from
    attacks of this nature are sometimes disproportionately large.  It's
    important to keep in mind the psychological impact of intrusions on
    the peace of mind of both the victim companies and their customers.
    These costs are difficult to quantify, but no less real for it.
    Robert G. Ferrell
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Sun Jan 20 2002 - 01:19:07 PST