Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

[defaced-commentary] Deceptive Duo in the news again

From: InfoSec News <isn () c4i org>
Date: Mon, 6 May 2002 02:29:41 -0500 (CDT)
---------- Forwarded message ----------
Date: Sun, 5 May 2002 20:59:18 -0400 (EDT)
From: security curmudgeon <jericho () attrition org>
To: defaced-commentary () attrition org
Subject: [defaced-commentary] Deceptive Duo in the news again


Earlier today (May 5, 2002), the defacing group "Deceptive Duo" struck
again changing the home page of three gov/mil systems.

Website: asp.navair.navy.mil (198.97.72.28)
Mirror: http://defaced.alldas.org/mirror/2002/05/05/asp.navair.navy.mil/
OS: Windows

Website: www.export.gov (170.110.104.25)
Mirror: http://defaced.alldas.org/mirror/2002/05/05/www.export.gov/
OS: Windows

Website: www.fhfb.gov (204.94.175.5)
Mirror: http://defaced.alldas.org/mirror/2002/05/05/www.fhfb.gov/
OS: Windows

Despite only defacing 9 machines (5 .gov, 2 .mil, 2 .com), they have
received media attention because of their "objective" and "mission".

From one of their defacements:


  Objective:
  Alert all National Security threats. Specifically the critical 
  infrastructures(government agencies, banks, environmental system 
  controls, airport/airlines, corporations) within The United States 
  of America

  Mission Outline:
  Locate and scan critical cyber-components of The United States of 
  America for vulnerabilities creating a foreign threat, while 
  remaining undetected. 

  Once located, publicly inform those who deserve to know the extent of 
  incompetence that lies between foreign lines and the United States 
  Administration.

While this sounds noble, one has to wonder if they are sincere about
their desire, or if this is nothing more than a means for publicity.
If they are sincere about improving the security of the national
infrastructure, several questions come to mind.

* With the recent events of 9-11, the FBI is overtasked with tracking
down leads related to terrorists and potential threats. How is taking
federal agents off those tasks to investigate domestic computer crime
helping?

* If they are so interested in improving security, why are their
targets only Windows machines? Defacing a single type of operating
system typically points to script kiddies who are abusing the latest
vulnerability, not people competant at computer security.

* Why are they exposing personal information such as home phone
numbers and addresses of people affiliated with the sites? These are
not people that are responsible for the security of the systems being
compromised. Sharing this personal information with a recognized
journalist would serve the same purpose and protect their personal
information.

So far, these defacements don't seem to show a real concern for
national security.  Media attention seems to be a higher priority.

--

Deceptive Duo defacements:
http://defaced.alldas.org/?attacker=The+Deceptive+Duo

FAA Confirms Hack Attack
By Kevin Poulsen, Apr 25 2002  4:52PM
http://online.securityfocus.com/news/378

Computerworld > News > Saturday, 4 May, 2002
Hacker duo say they hack for sake of national security
"We must take drastic means for them to take this seriously"
Linda Rosencrance, FRAMINGHAM
http://www.computerworld.com/securitytopics/security/story/1,10801,70728,00.html


-
The information and commentary is Copyright 2002, by the individual author.
Permission is granted to quote, reprint or redistribute provided the text is not
altered, and the author and attrition.org is credited. The opinions expressed
in this mail are not necessarily the opinion of all Attrition staff members.

Commentary Archive: http://www.attrition.org/security/commentary/
The Attrition Mirror: http://www.attrition.org/mirror/attrition/
Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html
Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html
Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html

Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html
Contacting Attrition Staff: staff () attrition org

To subscribe to Defaced Commentary, send mail to majordomo () attrition org
with "subscribe defaced-commentary" in the BODY of the mail (without
quotes). To unsubscribe, include "unsubscribe defaced-commentary" in
the BODY of the mail.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: