Man pleads `self defense' after hacking

[InfoSec News <isn () C4I ORG>]

http://www.taipeitimes.com/news/2001/02/21/story/0000074560

Wednesday, February 21st, 2001
By Jou Ying-cheng
STAFF REPORTER

The Criminal Investigation Bureau (CIB) yesterday referred to
prosecutors a computer engineer who allegedly hacked into a computer
server in what he called "self-defense."

The Hsinchu computer engineer, surnamed Fan (S), said he thought that
the other side attacked his computer first, while the truth was that
the other side was an innocent party which had been attacked by a
so-called Trojan horse program, a special type of computer virus, the
police said.

A man last year reported to the police that a Web site which teaches
magic and is run by him, had been hacked. He said some Web pages had
been altered and some registered users' access to the Web site
blocked.

The CIB investigated the case and traced Fan. During questioning Fan
told the police that last year his computer had been hacked several
times and he detected the source of the attacks as the server of the
magic-teaching Web site.

He therefore decided to take revenge and counter-attacked, to warn the
other side to stop the hostile actions, the police said.

But the police found out that the server of the magic-teaching Web
site had actually been attacked by NetBus, a kind of Trojan horse
program, and it had been used as a stepping-stone to launch further
attacks. The police said the hackers were very likely from abroad and
therefore difficult to catch.

The CIB says it is treating Fan as a suspect in a case of criminal
damage.

The CIB stressed yesterday that it was more concerned that another
Internet nuisance, Internet scanning, which is less serious than Fan's
offense but still harmful, remained unpunishable under the current law
in Taiwan.

Since Internet scanning -- scanning others' servers to detect system
holes or test security -- does not cause damage, people who do it
cannot be charged, Eric Lee (), Director of the CIB's Information
System Office and Computer Crime Squad, said.

Lee said the CIB recently received a series of complaints from various
foreign institutions that Taiwan's Internet users had intruded on or
harassed their servers with Internet scanning.

Such Internet scanning is usually a preparation for hacking attacks,
although people's real intentions may be multiple -- sometimes
criminal and sometimes involving academic research, Lee said.

Lee said such Internet scanning is outlawed in many countries but in
Taiwan there is still no law against it, and this causes a lot of
trouble.

Lee said that the Pentagon last year sought the CIB's assistance in
investigating a case in which the Internet attacks came from Taiwan.

Lee said the CIB found out the source of the attacks was a computer in
a university, but the university's network administrator replied that
such domain name system scans were commonplace in Taiwan.

The CIB says most of the Internet scan victims are computer companies,
followed by universities.

The countries in which these companies and universities are based
include the US, Germany, France, the United Kingdom, the Czech
Republic, Holland, Sweden, Canada and Australia.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".