Feeds

Mass hack takes out govt sites

IIS flaws used to bring down sites on three continents

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

A hacking spree last weekend saw military and government Web sites defaced on three continents in what its perpetrators claimed was the largest mass defacement in the history of mankind.

The graffiti artists, known as Pentaguard, took out government Web sites in the United Kingdom, Australia, and the United States and defaced them with the same message. This consisted a profane rant full of hacker in-jokes, bragging and references to beers, sexual desire for female hackers and Ferraris (a copy of which can be seen here.

Staff at Attrition.org, a Web site which tracks defacements, said it was highly unusual for hackers to deface a large number of sites in different nations in different time zones all at the same time. Attrition.org backed up the claims of hackers about the scale of the attack and said it was one of "the largest, most systematic defacements of worldwide government servers on the Web" it had ever seen.

Paul Rogers, a security consultant at MIS Corporate Defence, said that the attack was well planned. He said it was likely a number of people were involved and that the attacks were automated and carried out against sites whose security was found to be lax.

"All the UK sites were running NT and Microsoft IIS [web server] and were hosted by ISPs - which raises the question of who's responsible for the security of hosted sites," said Rogers, who said that all the other sites were running similar configurations using IIS4.

"It's not difficult to retrieve list of government servers and look for weaknesses with them using automated scanners," he added.

US sites targeted included the Republican Caucus for the California Legislature, whose Web site has recently been shutdown because of the Californian power crisis. The Alaskan Office for the Department of Interior Web site was also hit, which points towards an overt political motive for the defacements. This is because Bush nominee Gale Norton, who favours oil prospecting in the Arctic National Wildlife Refuge, is set to be confirmed as the US Secretary of the Interior.

The British defacements consisted of a series of small municipalities as well as city and county governments - including a Web site set up by the UK Government to spread information on mad cow disease.

Australian targets were mostly local authorities with the exception of one attack, which took down a legislative search application for the entire Commonwealth of Australia.

Pentaguard is well known in security circles and even prior to this attack was the largest defacer of government and military Web sites, previous targets included Nasa and government Web sites in China, Kuwait, Georgia, and even Vietnam. A sampler of Pentaguard's work can be seen here. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.