Public institutions' Web sites target of cyber-attacks

[InfoSec News <alerts () infosecnews org>]

http://www.yomiuri.co.jp/dy/national/20080702TDY03305.htm

The Yomiuri Shimbun
July 2, 2008

Since March, many Web sites of public institutions such as municipal 
governments have been altered by cyber-attacks using the method called 
SQL injection, it has been learned.

The attacks are conducted ingeniously by hacking into the server that 
manages the Web site and setting up a program that infects the site with 
computer viruses.

The National Police Agency is investigating such attacks, concerned that 
cyberterrorism targeting public institutions might occur before the 
Group of Eight summit meeting in Toyakocho, Hokkaido, which starts 
Monday.

On May 29, an official in charge of managing the Internet server of the 
Takamatsu municipal government found a suspicious log showing that one 
of the city hall's computers had connected to a Chinese Web site.

The municipal government found that when another official tried earlier 
in the day to visit the city's Web page announcing the date when 
recyclable products are collected, the computer automatically connected 
to the Chinese Web site without the official knowing it.

[...]


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com