Information Security News mailing list archives

Cracker vows to continue defacement campaign


From: InfoSec News <isn () C4I ORG>
Date: Mon, 18 Sep 2000 11:22:23 -0500

http://www.zdnet.co.uk/news/2000/37/ns-17941.html

Mon, 18 Sep 2000 13:05:41 GMT
Will Knight

Prominent UK cracker Herbless says campaign will continue after
getting response to site defacements

Politically motivated cracker Herbless intends to continue his
campaign of UK Web page defacements, having successfully spread his
message in recent weeks.

The prolific cracker successfully defaced over 100 corporate Web sites
last week in protest of the government's stance on petrol prices in
the UK. He has also targeted a number of government Web sites to
express disillusionment at government policy on smoking and, curiously,
even attacked Legoland over the DeCSS DVD decoding legal conflict.

In an email message to ZDNet UK, Herbless said that people are
apparently taking notice of his Web site vandalism. "I have received
over 190 emails of support for the petrol protest and more are coming
in hourly," says Herbless. "This means that people are seeing my
messages and also taking the time to read them."

Asked whether this would inspire more defacement over political
issues, Herbless said: "Watch this space." The cracker explained why
his particular brand of Internet graffiti invariably has a political
edge. "If I wanted to scrawl my name all over the place, I would have
trashed thousands of servers by now and written 'H3r8l3ss 0wn3z U
5uCk3rz' or some such nonsense all over their main pages. I treat my
defacements as a form of non-violent yet public protest about things
that I feel are wrong."

Herbless has typically exploited a password configuration oversight
with the SQL databases powering a Web site to carry out page
defacements. The cracker has not erased vital data or deliberately
damaged systems and believes that the most harmful aspect of these
defacements may be drawing attention to this security blunder.

"Such ignorance of elementary server configuration issues can only be
damaging to an online company, and deservedly so. This is something
that could be avoided by simply reading the manual, the Read Me files
that come with the software or subscribing to the Microsoft security
bulletin list," says Herbless.

Security professionals, on the other hand, argue that Herbless could
be spending his or her time more productively. "Obviously he's playing
a dangerous game," says vice president of E-Security Kevin Black.
"There's no doubt that what he is doing is illegal." Black also says
that, while they may not be particularly malicious in themselves, these
attacks could leave systems vulnerable to others. "He may well have
inadvertently opened up the network to others who have more sinister
motives," adds Black. "The most valuable commodity to a hacker is a
zero day [or unfixed] exploit."

Although Herbless sees defacing Web sites as a legitimate means of
protest, the cracker is also aware of the inherent risks. "Sometimes I
get a little paranoid... which is a good thing I suppose. If I keep
defacing though, the odds are that I'll make a mistake and that's all
it takes -- one mistake and I'm caught."

ISN is hosted by SecurityFocus.com