Government, industry warn of mass hacker attacks on July 6
By Ted Bridis
Date: July 03, 2003
The government and private technology experts warned Wednesday that hackers plan to attack thousands of Web sites Sunday in a loosely coordinated "contest" that could disrupt Internet traffic.
Organizers established a Web site, defacers-challenge.com, which was shut down early Wednesday evening. Before it was removed, the site listed in broken English the rules for hackers who might participate. It cautioned that "deface its crime" -- an apparent acknowledgment that vandalizing Internet pages is illegal.
"The FBI is taking this very seriously," FBI spokesman Bill Murray said. "Hacking is a crime and those who participate in this activity will be investigated and brought to justice."
The Department of Homeland Security said Wednesday it was aware of the hackers' plans but did not expect to issue any formal public warnings. The Chief Information Officers Council, part of the Office of Management and Budget, cautioned U.S. agencies and instructed experts to tighten security at federal Web sites.
"Frankly, hacker challenges occur frequently, and we don't think they all rise to the level of a warning," Homeland Security spokesman David Wray said.
Affinity Internet Inc. of Fort Lauderdale, Fla., which operated through a subsidiary the computer servers where the hacker Web site was located, shut down the site for violating a service agreement, Affinity spokeswoman Laura Weir said. The company declined to identify the Affinity customer who set up the Internet site, citing privacy restrictions. Records show the Web address was registered June 21.
Murray said the FBI was trying to identify who set up the Web site.
Home Internet users, who typically do not operate Web sites, probably would not be affected directly, said Oliver Friedrichs, the senior manager for security response at Symantec Corp.
An early-warning network for the technology industry, operating with Homeland Security, notified companies that it received "credible information" about the planned attacks and already has detected surveillance probes by hackers looking for weaknesses in corporate and government networks.
"We emphasize that all Web site administrators should ensure that their sites are not vulnerable," wrote Peter Allor of Internet Security Systems Inc., the Atlanta-based company that runs the Information Technology Information Sharing and Analysis Center.
Friedrichs, though, said Symantec's global monitoring network wasn't detecting unusual probes.
"We really haven't seen any of that activity," he said. "We're certainly going to keep watching and looking."
Separately, the New York Office of Cyber-Security and Critical Infrastructure Coordination warned Internet providers and other organizations that the goal of the hackers was to vandalize 6,000 Web sites in six hours.
New York officials urged companies to change default computer passwords, begin monitoring Web site activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft Corp.
Chris Rouland, director of the X-force security team at ISS, said researchers monitoring underground chat rooms and other Internet activity detected a drop in the numbers of vandalized Web sites recently and an increase in the types of surveillance scans that typically precede computer break-ins.
"It's kind of a sandbagging period," said Rouland, who predicted that hackers were quietly breaking into computers and waiting to vandalize them on Sunday.
The purported "prize" for participating hackers was 500-megabytes of online storage space, which made little sense to computer experts. They said hackers capable of breaking into thousands of computers could easily steal that amount of storage on corporate networks.
Original article: http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2003/07/02/financial1239EDT0109.DTL&type=tech
^macro[showdigestcomments;^uri;Government, industry warn of mass hacker attacks on July 6]