Net survives mass-defacement contest
We're lucky to be alive
The Internet is still up and running thanks to the diligence of government agencies like FedCIRC and commercial fearmongers like mi2g (which will let you read the free FedCIRC advisory on their Web site for a mere £29.38), who warned us about a massive defacement contest scheduled for this weekend past.
Or thanks to the fact that the defacement hackathon was a hoax from the beginning, which it almost certainly was. But the interesting question is, whose hoax was it?
The first likely suspect is an outfit called Zone-H.org, which archives defaced pages since those RevCo lads at Attrition.org tired of the drudgery and moved on. Zone-H said they were pretty skeptical of the whole affair, and doubted anything would happen, but made reference to shutting down their site for safe keeping in a lengthy, irrational statement to the media.
"Shutting down Zone-H during the contest day (we were thinking by ourself about doing it) won't solve the problem as we forecast that all the possible targets have been already conquered and they will be attacked anyway. Putting a blindfold on Zone-H is also the way we would render a bad service to the ITsec community," the statement read in part.
Interestingly, a similar difficulty with the English language can be found in the original defacers-challenge Web site where the whole thing started. The similarity in linguistic style has led some to suspect a unified approach here.
Meanwhile, Zone-H was taken off the Net either by its nervous (or crafty) admins, or by malicious script kiddies for most of Sunday, so they were apparently unable to monitor the carnage that never materialized.
Of course the contest never made much sense in the first place, offering a top prize of 500MB of free Web hosting, an amount of storage I recall having been pleased with on a PC I bought in 1988. Also, claiming a prize like that is a a pretty good way of getting busted, and besides, any decent journeyman cracker should be able to 'arrange' a hundred times that much free hosting without breaking a sweat.
So there's that. And then there's more. A number of Web sites that reliably exhibit skepticism towards hacker stunts and the insatiable appetite for them among the mainstream press, the 'security community' and the national-security bureaucracy, mock-defaced their own home pages with a message of hope reading, "I panicked over the Defacement Challenge scare and all I got was this lousy defacement."
The idea was to ridicule the challenge as well as the journos and bureaucrats who bought into it. The altered homepages list examples of hacker FUD and alarmist sincerity among the press, security vendors and government bureaux.
The sites include Attrition.org, InfoWarrior.org. Kumite.com and Treachery.net, and the greeting was the same. In other words, it was well-coordinated, as if planned for some time.
And this leads one to wonder if the skeptic lobby didn't have a hand in the mass defacement hoax. Could it have been a tutorial in FUD propagation? Were the press and the bureaucrats being taught a lesson about their lack of skepticism? It would hardly tax the imagination to design some ridiculous kiddie project, wait for the media to inflate it, and then lower the boom with a smirk.
An interesting possibility, and well worth keeping in mind, but then Zone-H came back with another of its press releases, pretty much begging to be placed under suspicion.
"Nothing would have happened, if only the media didn't pay so much attention turning a non-case into something useful to fill the empty summer newspapers.
The hype turned so much high, that the same cracker panorama started to broke apart about participating to the challenge. Even worse, half of the defacers (crackers who deface web pages) decided to boycott the challenge, some of them in a passive way (not participating) while some other in an active way (generating a denial of service attack against Zone-H that is known to be a neutral cyber crime observatory, designated *against its will*, to be witness of this competition)."
Evidently there's a good deal more to this story, but we hope we've cleared things up for now. ®
Sponsored: Customer Identity and Access Management