---------- Forwarded message ---------- Date: Tue, 29 Jan 2002 21:47:04 -0500 (EST) From: security curmudgeon <jerichoat_private> To: defaced-commentaryat_private Subject: [defaced-commentary] Washington Post's Tech site hacked http://www.washingtonpost.com/wp-dyn/articles/A51403-2002Jan28.html By Nicholas Johnston Washington Post Staff Writer Tuesday, January 29, 2002; Page E05 Computer hackers attacked the Web site Washtech.com yesterday evening, replacing content on the news site's home page with taunts to the site's administrators and greetings to fellow hackers. The attack occurred around 6 p.m., and the bogus content on the home page was visible for about 20 minutes before administrators could shut the site down. As of last night, officials at Washtech, a Web site for technology news that operates alongside washingtonpost.com, did not know how the attack was conducted or when the Web site would be back online. At about 8:20 p.m., the main page of Washtech was rudimentarily rebuilt with a few headlines and links. "As soon as we learned about it, we took the site down," said Valerie Voci, Washtech's publisher. "We're still assessing what the security breach was." The Washington Post's main news site, washingtonpost.com, runs on separate computers from the Washtech site and was not affected by the attack, Voci said. Both Web sites are run by Washingtonpost.Newsweek Interactive, the Internet arm of The Washington Post Co. "It's a dangerous neighborhood out there," said Alan Paller, director of research at the SANS Institute, an Internet security research and education organization in Bethesda. "There are certain attacks that nobody can block. . . . If your people aren't absolutely, all the time on the latest patches, you're going to get hit." The message on the Web site included names tied to a group known as aCid fAlz Group. The group's Web site said the group defaces Web pages only as a means of exposing security holes in server software. It does this by changing a site's index file, the first page displayed on a site. That was the file altered on the Washtech Web site. E-mails sent to members of the group were not returned; a phone number listed for the administrator of the aCid fAlz Web site was not in service. Under the National Information Infrastructure Protection Act of 1996, unauthorized access of a computer that results in damages in excess of $5,000 can result in a fine or imprisonment of up to five years. A recent study found there were 52,658 network security breaches last year. Another study found that 41 percent of companies surveyed by a local Internet security firm reported a security breach that compromised their computer system. "This happens on the Internet," Voci said. "Unfortunately it's happened to us." - The information and commentary is Copyright 2001, by the individual author. Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and attrition.org is credited. The opinions expressed in this mail are not necessarily the opinion of all Attrition staff members. Commentary Archive: http://www.attrition.org/security/commentary/ The Attrition Mirror: http://www.attrition.org/mirror/attrition/ Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html Contacting Attrition Staff: staffat_private To subscribe to Defaced Commentary, send mail to majordomoat_private with "subscribe defaced-commentary" in the BODY of the mail (without quotes). To unsubscribe, include "unsubscribe defaced-commentary" in the BODY of the mail. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Jan 30 2002 - 05:19:03 PST