FTSE gets hacked

[InfoSec News <isn () C4I ORG>]

http://www.theregister.co.uk/content/6/15345.html

By: Lucy Sherriff
Posted: 08/12/2000 at 18:09 GMT

The FTSE web site at FT-SE.co.uk has been hacked by a group calling
themselves "kat krew."

The FTSE confirmed that the front page had been hacked in the early
hours of this morning, at around four AM.

A spokeswoman for FTSE said: "The home page is more of a marketing
tool, and we don't have the same security in place so it would have
been quite easy, we are aware of that."

She said that FTSE was talking with its "external consultants" and was
reviewing the security procedures. She also emphasised that the
business critical information was on different servers which were not
hacked.

The capacity of the hacking community to embarrass the corporate world
should not be underestimated. This was not a particularly malicious
attack and the hackers even left a note explaining that no damage had
been done.

However, as Chris MacNab of security specialists MIS Corporate Defense
Solutions pointed out, this is yet another example of a big
multinational corporation not taking the issue of security seriously
enough.

"A good 99 per cent of these defacements are just opportunistic hacks.
They are done by 15 or 16 year-old kids, using their parents PC to
scan the net for vulnerabilities," he said.

"Companies need to take the isse more seriously because security is
all about accountability and control. There may not have been any
critical data on the server, but a defacement can undermine a brand's
credibility."

[Defacement archived at:
http://www.attrition.org/mirror/attrition/2000/12/07/www.ft-se.co.uk/ ]

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".