Information Security News mailing list archives
The cyberwars of the Middle East have spread to Washington.
From: William Knowles <wk () C4I ORG>
Date: Fri, 3 Nov 2000 02:36:30 -0600
http://washingtonpost.com/wp-dyn/articles/A4288-2000Nov2.html Defaced site at: http://www.attrition.org/mirror/attrition/2000/11/02/www.aipac.org/ By John Lancaster Washington Post Staff Writer Friday, November 3, 2000; Page A31 As widely reported last week, the violence raging between Israelis and Palestinians has infected the Internet, as computer hackers on both sides of the conflict have launched sophisticated sneak attacks on opponents' Web sites originating in the region. Victims have included Hezbollah, the militant Lebanese group, and the Israeli Foreign Ministry, to name a few. This week, it was the American-Israel Public Affairs Committee's turn. On Wednesday afternoon, a group calling itself the Pakistani Hackerz Club seized control of the Web site belonging to the powerful pro-Israel lobby and replaced its home page with one containing anti-Israel slurs. The hackers also broke into several AIPAC databases--including one containing the credit card numbers of some supporters--and sent out e-mails to about 3,500 AIPAC members boasting of their feat. As described by AIPAC officials, the hack attack was less than catastrophic: The Web site was shut down within 15 minutes and those whose personal or credit card data may have been compromised--about 700 people--were promptly notified of the intrusion. Contrary to the hackers' claims, they did not penetrate AIPAC's main members' database, the officials added. Still, the episode underscores the degree to which political and military conflicts are increasingly spilling into cyberspace. It also emphasizes the continuing vulnerability of electronic data to unauthorized snoops. AIPAC officials, for their part, felt sufficiently violated by Wednesday's intrusion that they notified the FBI, which is investigating the crime, said AIPAC spokesman Ken Bricker. The FBI, in fact, already had anticipated such an attack. In an Oct. 26 advisory, the bureau's cybercrime unit, the National Infrastructure Protection Center, warned: "Due to the credible threat of terrorist acts in the Middle East region, and the conduct of these Web attacks, [Internet users] should exercise increased vigilance to the possibility that U.S. government and private-sector Web sites may become potential targets." The Pakistani Hackerz Club had made its debut long before its assault on AIPAC. On Oct. 8, CNN.com reported that the "club" had defaced scores of Web sites, including several government sites in China and one promoting mildew-removal products. Though its choice of targets may have seemed haphazard, its intent was generally the same: promoting the cause of Muslim separatists in Kashmir, sometimes by posting photographs of charred bodies and Kashmiri children allegedly wounded by Indian troops. The club allegedly consists of two Pakistani students who go by the nicknames "Dr. Nuker" and "Mr. Sweet." This week they jumped into the Arab-Israeli fray. "This is to inform you that the web site server is hacked . . . the web site defaced and all of their users database is compromised," said their message greeting visitors to AIPAC's Web site on Wednesday afternoon. "The hack is to protest against the atrocities in Palestine by the barbarian Israeli soldiers and their constant support by the U.S. government." Visitors also were treated to a selection of anti-Israel invective culled from another AIPAC database penetrated by the hackers, this one containing e-mails to the Web site's "webmaster." (The AIPAC webmaster sometimes receives hate mail, some of which had not been deleted.) Links directed visitors to sites depicting Palestinian victims of the 1948 Arab-Israeli war, among other things. More disturbing was the hackers' ability to penetrate AIPAC databases relating to members. One contained the e-mail addresses of 3,500 members who receive regular "crisis alerts" from the lobby; they were the ones who received e-mails from "Dr. Nuker." The other database contained personal information--including credit card numbers--from about 700 people who had recently become AIPAC members or registered for an AIPAC event. The latter group was immediately informed of the security breach, Bricker said. AIPAC President Tim Wuliger said in an e-mail to members that his staff discovered the Internet intrusion "within 10 minutes" and immediately contacted the independent company that hosts the Web site, which then shut it down. "We have disabled our site, removed all lists and contacted the FBI, which is currently investigating the matter," he wrote. "We are also currently reviewing various security issues to determine where and how we can house our site to maximize its security to the greatest extent possible. The company that hosts our site is working to determine how the site was penetrated." *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- The cyberwars of the Middle East have spread to Washington. William Knowles (Nov 04)