After Hacking, Freedom Moves to Protect Web Sites.

[William Knowles <wk () C4I ORG>]

http://www.mediainfo.com/ephome/news/newshtm/stories/101700n4.htm

[Place your bets if this 'Will' happen again! The masses of Internet
web defacers will now be trying to compromise ocregister.com  -WK]


Tuesday, October 17, 2000
By: Joel Davis

In the aftermath of the most ominous "hacking" incident yet involving
a newspaper Web site, The Orange County (Calif.) Register has "moved
the whole server behind a firewall," spokeswoman Nancy Souza said.
"It's not going to happen again."

The Register's parent company, Freedom Communications Inc., has
information-systems personnel monitoring company sites on a 24-hour
basis, both through electronic alarms and staff vigilance, she added.
Whether other newspaper sites are adequately on guard is another
question.

Cyber vandals registered a direct hit Sept. 29 on the Register's Web
site in what is believed to be the first true alteration of content at
a U.S. media Web site. "It's supposedly the first time hackers edited
copy as opposed to replacing a whole home page with their own
gobbledygook," said Souza.

The Santa Ana-based daily's Web site, ocregister.com, was altered for
about 45 minutes on a Friday night. As many as 10 Freedom
Communications sister papers were targeted in separate invasions Sept.
25.

While the motive behind the attacks isn't known for certain,
speculation at the Register is that they somehow are linked to anger
at stories about the arrest of Jason Diekman, 20, of Mission Viejo,
who allegedly hacked into computers operated by the National
Aeronautics and Space Administration and several large universities.
The invaders fiddled with a story about Diekman, mocking neighbors who
were interviewed while adding insults and sexual remarks, and
inserting a fake photo of the suspect.

One revised article identified Microsoft Corp.'s Bill Gates as
admitting in court papers that he had hacked into "hundreds, maybe
thousands" of computers, and falsely claimed he had been sentenced to
jail for grand larceny in an "unrelated" case. "We don't know why the
hacker did it, but this was a local story for us, as opposed to most
media that covered it," Souza noted.

The invaders broke through via a Freedom file transfer protocol (FTP)
port made by SGI. "They hacked into the system through an open port,
so to speak," Souza explained, adding that this particular server is
seldom attacked because it is too expensive for most hackers to
acquire and deconstruct. While editorial content was manipulated,
there were no reader complaints or financial damage, Souza said.

Other Freedom papers hit by hackers included the Marysville
Appeal-Democrat, a small Northern California daily. Publisher Olaf
Frandsen said the site's regular content was dumped in favor of lyrics
of heavy-metal music and "teen-speak."

"Somebody in the newsroom saw it and went and told an editor,"
Frandsen said, adding that the problem took about two to three hours
to fix. "The only thing that came out of it all was a note of caution.
We were lucky. Next time, it could be more dramatic or costly."

While the intruders' work in these instances was fairly blatant, the
fact that they were able to manipulate editorial content on the
Register site is worrisome. "With The Orange County Register attack,
the idea that you can never trust what you read in the paper takes on
an entirely new meaning,'' B.K. DeLong of Attrition.org, which
monitors computer crime, told Inside.com. Statistics, quotes, or other
facts could easily be altered.

"This hacker didn't do a very good job of editing it's very juvenile,"
Souza said. "The ethical issue is: what if someone more subtle gets in
and changes the perception of the public?"


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".