http://www.eastbayri.com/story/287578433919942.php By Scott O'Connell September 14, 2006 BARRINGTON - An international computer hacker erased an entire database of town documents from the Barrington town website last Tuesday. Instead of a list of links to archived meeting minutes and agenda files, web surfers on the "town documents" page found a repeated message that morning: "HACKED BY ENO7 (TURKISH) (NOWAR)." The online prank was apparently the work of a Turkish hacker who has also infiltrated the databases of several other websites around the globe in the past few months. Apart from the vague message on the Barrington website, the hacker has elaborated in past hacks that he or she is organizing a cyber protest of the Lebanon-Israeli conflict of this summer. According to Adam Kyle of Intap, the Providence-based Internet provider that hosts Barrington's online file database, the hacker used a procedure called SQL injection that automatically searched the world wide web for loopholes in database code. "It's not one person doing this it's an automated process," he said, adding that the hacker did not target Barrington's site specifically nor gain access to any information that wasn't already available to the public. "It's an everyday thing you have to look out for," Mr. Kyle said of eno7's hacking technique. "It's fairly common, but it's also easy to protect against." According to town webmaster Joe Shansky, the hack was apparently localized to the "town documents" page and did not affect the rest of the website, which he said was html-based and thus not prone to code hacks. Barrington Finance Director Dean Huff, who alerted Mr. Shansky to the hack Tuesday morning, added that it did not affect the town hall's computers and databases either. First time hit Mr. Shansky, who quickly fixed the page last Tuesday, said this was the first year in which the public database was featured on the town website. "That's what you get for going modern," he quipped. "This was really just a malicious thing." On Thursday, Mr. Huff said the town was in the process of uploading files back onto the database. Internet users can in the meantime go to the Rhode Island Secretary of State's website to access most town meeting agendas and minutes. Mr. Shansky said that Intap would adjust the database code to close up the loophole that led to the hack. He also stated that this incident was the first such hack to affect Barrington's website in his nine years as town webmaster. Mr. Kyle said that Intap, which has been Barrington's provider since 1997, had not received any other reports of eno7 hacks from the company's other clients. He mentioned that this particular hacker had a worldwide notoriety, however. "[Eno7's] agenda ... has a lot to do with the conflict in the Middle East," he said. In order to reach a worldwide audience, Mr. Kyle said the hacker built a "bot" program that automatically sends out messages to Internet databases that detect breaks in code. In the past two months, eno7 has hijacked hundreds of web pages throughout the Internet, from government pages on Denver's city website to the electricity information page on Cape Town, South Africa's website. In most cases, the hacker used the same repeated message in the Barrington website hack, but occasionally issued a more detailed explanation. On the website www.eyesofeurope.org, for example, the hacker replaced the main home page with a black screen and white type outlining his group's modus operandi on July 29. That hack also revealed that two other international hackers (or hacking groups) were involved in the prank: Byond crew of Chile and XTech Inc of Argentina. "Lebanon-Israel ... STOP! No war - peace, that's all," the hacker wrote. "Hey admin, don't worry not just your page was defaced. This is just a cyber-protest ...! Join us!!" Under U.S. federal law, a convicted hacker can face up to 20 years in prison and/or fines of thousands of dollars, depending on the severity of the crime (computer hacking is covered under Fraud and False Statements). The hacker apparently did not worry about being caught - he included his e-mail address at the bottom of that page in July. Hacked! Town's site hit Barrington's town website - www.ci.barrington.ri.us - lost an entire page's worth of town meeting minutes and agenda files last week to a Turkish hacker. The rest of the site remained unaffected, and as of Friday the town was in the process of uploading agendas back onto the hacked page. * The affected page was www.ci.barrington.ri.us/government/documents.asp - the website's online database for archived meeting and agenda files. On Thursday, these were all erased from the main page, probably due to a glitch in the coding that enabled the hack. * The hack did not affect the website's other pages, which were html-based and therefore not vulnerable, nor did it affect the town hall's computers and databases, according to town officials. * According to a representative from Intap, Barrington's web service provider, the hacker randomly targeted the town website, and did not steal any information not already available to the public. * The database feature, installed on the town website earlier this year, was an "additional service," said town financial director Dean Huff. Residents can also access online meeting postings at the Secretary of State's website at www.state.ri.us. _________________________________ HITBSecConf2006 - Malaysia The largest network security event in Asia 32 internationally renowned speakers 7 tracks of hands-on technical training sessions. Register now: http://conference.hitb.org/hitbsecconf2006kl/
This archive was generated by hypermail 2.1.3 : Fri Sep 15 2006 - 02:57:46 PDT