The cyberwars of the Middle East have spread to Washington.

[William Knowles <wk () C4I ORG>]

http://washingtonpost.com/wp-dyn/articles/A4288-2000Nov2.html

Defaced site at:
http://www.attrition.org/mirror/attrition/2000/11/02/www.aipac.org/


By John Lancaster
Washington Post Staff Writer
Friday, November 3, 2000; Page A31

As widely reported last week, the violence raging between Israelis and
Palestinians has infected the Internet, as computer hackers on both
sides of the conflict have launched sophisticated sneak attacks on
opponents' Web sites originating in the region. Victims have included
Hezbollah, the militant Lebanese group, and the Israeli Foreign
Ministry, to name a few.

This week, it was the American-Israel Public Affairs Committee's turn.

On Wednesday afternoon, a group calling itself the Pakistani Hackerz
Club seized control of the Web site belonging to the powerful
pro-Israel lobby and replaced its home page with one containing
anti-Israel slurs. The hackers also broke into several AIPAC
databases--including one containing the credit card numbers of some
supporters--and sent out e-mails to about 3,500 AIPAC members boasting
of their feat.

As described by AIPAC officials, the hack attack was less than
catastrophic: The Web site was shut down within 15 minutes and those
whose personal or credit card data may have been compromised--about
700 people--were promptly notified of the intrusion. Contrary to the
hackers' claims, they did not penetrate AIPAC's main members'
database, the officials added.

Still, the episode underscores the degree to which political and
military conflicts are increasingly spilling into cyberspace. It also
emphasizes the continuing vulnerability of electronic data to
unauthorized snoops. AIPAC officials, for their part, felt
sufficiently violated by Wednesday's intrusion that they notified the
FBI, which is investigating the crime, said AIPAC spokesman Ken
Bricker.

The FBI, in fact, already had anticipated such an attack. In an Oct.
26 advisory, the bureau's cybercrime unit, the National Infrastructure
Protection Center, warned: "Due to the credible threat of terrorist
acts in the Middle East region, and the conduct of these Web attacks,
[Internet users] should exercise increased vigilance to the
possibility that U.S. government and private-sector Web sites may
become potential targets."

The Pakistani Hackerz Club had made its debut long before its assault
on AIPAC. On Oct. 8, CNN.com reported that the "club" had defaced
scores of Web sites, including several government sites in China and
one promoting mildew-removal products. Though its choice of targets
may have seemed haphazard, its intent was generally the same:
promoting the cause of Muslim separatists in Kashmir, sometimes by
posting photographs of charred bodies and Kashmiri children allegedly
wounded by Indian troops.

The club allegedly consists of two Pakistani students who go by the
nicknames "Dr. Nuker" and "Mr. Sweet."

This week they jumped into the Arab-Israeli fray. "This is to inform
you that the web site server is hacked . . . the web site defaced and
all of their users database is compromised," said their message
greeting visitors to AIPAC's Web site on Wednesday afternoon. "The
hack is to protest against the atrocities in Palestine by the
barbarian Israeli soldiers and their constant support by the U.S.
government."

Visitors also were treated to a selection of anti-Israel invective
culled from another AIPAC database penetrated by the hackers, this one
containing e-mails to the Web site's "webmaster." (The AIPAC webmaster
sometimes receives hate mail, some of which had not been deleted.)
Links directed visitors to sites depicting Palestinian victims of the
1948 Arab-Israeli war, among other things.

More disturbing was the hackers' ability to penetrate AIPAC databases
relating to members. One contained the e-mail addresses of 3,500
members who receive regular "crisis alerts" from the lobby; they were
the ones who received e-mails from "Dr. Nuker." The other database
contained personal information--including credit card numbers--from
about 700 people who had recently become AIPAC members or registered
for an AIPAC event.

The latter group was immediately informed of the security breach,
Bricker said.

AIPAC President Tim Wuliger said in an e-mail to members that his
staff discovered the Internet intrusion "within 10 minutes" and
immediately contacted the independent company that hosts the Web site,
which then shut it down.

"We have disabled our site, removed all lists and contacted the FBI,
which is currently investigating the matter," he wrote. "We are also
currently reviewing various security issues to determine where and how
we can house our site to maximize its security to the greatest extent
possible. The company that hosts our site is working to determine how
the site was penetrated."



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".