http://www.themonitor.com/SiteProcessor.cfm?Template=/GlobalTemplates/Details.cfm&StoryID=4697&Section=Local December 11,2004 Alma Walzer The Monitor EDINBURG - The official Hidalgo County Web site fell victim last weekend to an international computer hacking group known by the names of Dead_c0 de and Kernel_Attack, believed to be based in Brazil. The hackers defaced the county's main page on or about Dec. 5 and posted an obscene message directed at President George W. Bush, Osama bin Laden, Saddam Hussein and the United States of America. Using Portuguese and English, the group said "we are not kiddies, nor are we nerds, much less hackers," according to the message on the Web site's main page. "Kernel_Attack ownZ you." It is not known exactly how long the message remained on the county Web site, said county information technology director Renan Ramirez. "Once we noticed it on Sunday night, about 10 p.m., we fixed it right away," Ramirez said. "They creamed the main page and replaced it with a "You've been hacked page." "It didn't affect functionality, all we had to do was repair the main page," Ramirez said. "By Monday morning, we were already posting jobs and we really didn't even consider it a very big deal until we read the message and realized it slandered the president." The county's Web site doesn't have transactional capabilities, therefore, there was no real threat to data, Ramirez said. "We have hack attacks all the time," Ramirez said. "The Web site allows the public to view the county phone directory, job postings the commissioners court agenda and provides links to related sites. No county data was compromised." Hidalgo County is not alone. A similar message appeared Friday on a Texas Southern University Web site. The Department of Transportation Studies at TSU, located in Houston, bore the same message without the obscenities to Bush, bin Laden, Hussein and the United States. A news service in the Philippines reported that the Philippine Airlines Web site was hacked by a group that left the same signature line "Kernel_Attack ownZ you " in November. The site used by air travelers to reserve flights with their credit cards was crippled for days. Ramirez said he's required by county policy to report the issue to the proper authorities. The proper authorities include the FBI and the Secret Service. Rosalie Savage, spokeswoman for the McAllen bureau of the FBI, said she personally wasn't familiar with Dead_C0 de or Kernel_Attack. The FBI's San Antonio office has a cyber crime squad that would investigate the situation, Savage said. "If it's valid information then FBI would look at it - and the Secret Service as well, not just us," Savage said. Meanwhile, Ramirez is working hard to make sure the Web site isn't compromised again. "We got approval on some requested equipment for next year," Ramirez said. "We are specifically targeting these threats and getting some detection equipment and a secondary firewall, and we're changing the service provider. "There are five or six different steps we're taking to prevent this from happening again," Ramirez said. Ramirez could have his work cut out for him, as no system is ever considered 100 percent secure. "Nothing is perfect," said Martin Streicher, editor in chief of Linux Magazine. Linux is a computer operating system similar to Windows. The hacker's message made a reference to Linuxmail.org. "There are varying levels of vulnerability depending on what kind of computer you use - its more of a software problem, but there are some hardware problems as well." Streicher pointed to previous cases of "war driving" in San Francisco, Calif., where individuals drive around with laptops and wireless internet access, looking for systems which are unsecure. "Effectively, they open to door to anyone who wants to come in," Streicher said. "There are tons of well known vulnerabilities in Windows. Your Web server alone lets them know what your system is vulnerable to," Streicher said. _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Mon Dec 13 2004 - 03:01:47 PST