Feeds

Internet security firm RSA's Web site hacked

We feel safer already

  • alert
  • submit to reddit

Bridging the IT gap between rising business demands and ageing tools

RSA Security has suffered the embarrassment of having its home page "defaced" by an intruder. The original defaced page can be found http://www.2600.com/hacked_pages/2000/02/www.rsa.com Now it get's complicated: there is a second defaced RSA home page, in which the company's site appears to be "owned" by the an intruder. This is a plain white page bearing a simple message. However, the IP address of RSA.com (205.181.76.22) and the IP address of the second "hacked" page (200.24.19.252) -- are not the same. The hacked page, a computer security firm employee writes, is on a "computer in the University of Antigua - (http://bachue.udea.edu.co). So what happened? One theory put forward by a very knowledgeable reader is that "the nameserver was hacked and the www.rsa.com IP forwarded to another hacked box which was used to host the defaced page. This box must have been hacked again, by someone else and a new page put up". The Register found the following text on the new defaced page (we've deleted part of the phone number for obvious reasons), "Wat up whats up to all my nigs ya know who ya are n #2600 and whats up all my #sesame nigs and call rigger if ya come here bc he is the gayest fuck ;) 718-815-**** all chans are on a irc server lol -tek pBK > * also irc.segments.org ;)" For those not fluent in h4x0r dialect, the gentleman or lady who hacked the RSA page wishes to offer warm salutations to all of his or her colleagues from the IRC channels #2600 and #sesame, and further invites all concerned to place nuisance phone calls to a gentleman or lady known as rigger ( a notorious hacker, apparently) , either as a friendly prank, or for malicious purposes. The overall tone suggests the former is intended. Additionally, we note that "nigs" should not be construed to express any racist sentiments, but is best understood as a term of fraternal affection along lines expressed by the familiar "homies". In the interests of investigative journalism we visited the #2600 and #sesame channels on irc.segments.org, following the message's reference to that network, but found ourselves alone with a bot which advised us, "Welcome to #2600 sit down and shuddup or fear a nice /kill or /kline." A subsequent visit to the same two channels on the more h4x0r-friendly efnet.org yielded the expected result, two rooms chock full of quiet, paranoid hackers and eager, chatty wannabes. No one volunteered any information which The Register felt was up to its impeccable standards of journalistic dependability, so we must refrain from passing along speculation proffered by anonymous strangers. The hack follows closely on the heels of RSA's boastful announcement last week that it was developing some new magic bullet to thwart DDoS attacks. The idea behind it is clever, we must allow: a cryptographic technique using so-called "client puzzles" which would accompany connection requests. "During an attack, legitimate clients would experience only a small degradation in connection time, while the attacking party would require vast computational resources to sustain an interruption of service. As a result, the subsequent burden of numerous requests placed back on the attacking party would severely limit its ability to continue the attack," RSA says. Of course the selection of RSA's home page for a graffiti attack could be a mere coincidence, or it could be a reply from the hacking underground meant to remind the company, and the rest of us by extension, that, all boasting aside, if you are connected to the Internet, you can be hacked, one way or another. A worthwhile reminder for all of us, we must add. ®

The Power of One Brief: Top reasons to choose HP BladeSystem

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
Grim diversity numbers dumped alongside Facebook earnings
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.