Politech mailing list archives

Previous By Date Next
Previous By Thread Next

FC: Governments panic over missing hacker "defacement" threat

From: Declan McCullagh <declan () well com>
Date: Tue, 08 Jul 2003 00:14:15 -0400
First, see how Fed and state governments fretted about the purported threat:
http://www.cscic.state.ny.us/advisories/july03/7_01.htm
http://www.infowarrior.org/rforno/fedcirc-070103.txt

Then look at Symantec's statement:
Symantec Security Response has been tracking for any unusual activities associated with the hacker's Web site defacement challenge by monitoring activities through the Symantec Security Operations Centers and the Symantec DeepSight Threat Management System.
The challenge aims to award the first individual or group to deface 6,000 Web sites within a six-hour timeframe on July 6, 2003. The deadline for the challenge was extended to midnight Estonian time.
Here's a recap of what Symantec's experts have monitored throughout the day on July 6, 2003: Although there was a slight increase in Port 80 activities, it was not statically significant Symantec's security experts continue to see no sign of any increased Web attack activities. There have been reports of several hundred Web defacements; however, with hundreds of Web sites being defaced every day, this number is not significant.
And read some of the more critical news coverage from today, reminding us that (surprise) not much of anything happened, and, besides, the premise of the contest was pretty suspicious to begin with: 
http://www.theregister.co.uk/content/55/31591.html
http://washingtontimes.com/business/20030706-104805-7900r.htm
http://money.cnn.com/2003/07/06/technology/hacking_contest.reut/

-Declan

---

http://www.attrition.org/

  Reading the news of late is like witnessing all security issues being
   reduced to a "Rocking Chair" modality. Everyone's put a helluva lot of
   energy and effort into this mess, but we are still going nowhere fast!

   Talking Points for the Media (drafted by several well-known and
   published security professionals)

                               July 3rd, 2003

     * Web attacks occur at all hours of the day and night. If it's
       convienient to attack, a scriptkiddy will...and they won't
       announce it. We should be more concerned with the serious
       attackers who do not broadcast their intentions.
     * The "prize" is 500 megs of online storage space? I have a
       decade-old PC with more hard disk space than they're allegedly
       "awarding" in this contest. Hell, my MP3 player has more than 40
       times that amount of storage. Besides, any cracker with a modicum
       of "skill" could easily amass far more storage using systems
       they've breached.  Finally, who in their right mind would want to
       risk getting caught for that paltry reward?
     * Symantec (owner of SecurityFocus) has not issued an alert on this
       matter; that alone shows how seriously they view this "threat."
     * Massive attacks on the Internet are like conspiracy theories:
       those that are predicted don't occur and those that occur were
       never predicted.  To illustrate:  in the immediate wake of
       9/11/2001, NIPC held a much-publicized forum about looming threats
       to the Internet. None of that grandstanding did ANYTHING to
       predict or blunt the impact of Nimda which occurred a mere six
       days later.  The same is true for the massive Distributed Denial
       of Service (DDoS) that struck 6 of the 13 root servers a few
       months ago.
     * Should we be concerned about our system security this weekend?
       YES! But no more so than any other weekend or workday. There's no
       excuse for not having properly-configured, secured, and
       administered systems 24/7/365.  Scrambling to patch systems in
       advance of a "threat" like this is foolhardy and not the way to
       enact meaningful security.
     * The guidance issued in the New York Cybersecurity Alert mentioned
       above is a joke. The recommendations are not anything beyond "good
       security measures" that should be taken each and every day by
       competent system administrators.  The fact this organization
       released such generic guidance tells us that people still don't
       implement lasting IT Security...and if they did, such "threats" of
       web defacements wouldn't cause the mass hysteria it has over the
       past several days.

                          0WN3D BY ISS, B4BY!@#$%^
       GR33TZ TO: TR34CH3RY UNL1M1T3D, 1NF0W4RR10R, R3ZN0R::D0T::C0M,
              UN1XG33KZ, 4TTR1T10N, 4ND 0UR H0M13Z 4T N1PC!@#

                           [Okay, joke's over...]




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
-------------------------------------------------------------------------
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
Like Politech? Make a donation here: http://www.politechbot.com/donate/
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: