ad info

 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
 
 

 
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)

MARKETS
4:30pm ET, 4/16
144.70
8257.60
3.71
1394.72
10.90
879.91
 


WORLD

U.S.

POLITICS

LAW

ENTERTAINMENT

HEALTH

TRAVEL

FOOD

ARTS & STYLE



(MORE HEADLINES)
*
 
CNN Websites
Networks image


’Crime Boy’s’ go on hack spree

Federal Computer Week

March 20, 2000
Web posted at: 1:54 p.m. EST (1854 GMT)

(IDG) -- A hacker group known as "Crime Boy’s" launched cyberattacks over the past two weeks against World Wide Web pages maintained by the Interior Department and the Army, and several times tried to hack into a NASA system.

The hackers, believed to work from Brazil, last week defaced the main Web pages maintained by the Bureau of Land Management’s National Training Center and the Army’s Reserve Officer Training Corps Command. The group also attempted a third series of attacks against NASA’s Jet Propulsion Laboratory, forcing the agency to block all Internet traffic from Brazil.

  MESSAGE BOARD
 

Reports also surfaced last week that the National Postal Mail Handlers Union site, which is accessible through the U.S. Postal Service’s intranet, had been attacked, but it was unclear who tried to carry out the attack.

The Crime Boy’s broke into the National Training Center site, which is part of the BLM, at 8 p.m. March 12, and replaced the agency’s Web page with a page protesting what the group called a "corrupt" Brazilian government.

The message they left was jumbled: "Hello, Crime Boys [sic] entered in your server for two reasons, for him to be badly configured, or better, very badly configured, and to protest against the Brazilian government, a corrupt government, that nothing does for Brazil to improve."

The hackers launched a second attack March 16, replacing the page a second time. "We went in to make some corrections, and they came in right on our heels," a BLM spokesman said.

Although the spokesman said the damage was limited to two Web pages, BLM officials said they are working with federal authorities on patches to "inherent vulnerabilities" in Microsoft Corp.’s Internet Information Server Version 4.0.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Federal Computer Week home page
  Free Subscriptions to Federal Computer Week
  IDG.net's personal news page
 
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  TechInformer
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletters
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Security officials at NASA’s JPL detected a "fairly substantial number of attacks" that originated in Brazil, said Frank O’Donnell, spokesman at the Pasadena, Calif.-based laboratory. The agency restricted almost the entire country of Brazil from viewing the agency’s Web sites and also installed security patches, O’Donnell said. JPL removed the block at noon EST on March 17.

Philip Loranger, chief of the Command and Control Protect Division at the Army’s Information Assurance Office, announced March 14 that the Crime Boy’s had threatened to take down the main Army home page. However, sources say that page was too difficult to crack because it is based on the Apple Computer Inc.’s Macintosh WebStar platform.

"The main [Army] site was switched to a server that was practically un- hackable," said Alex McCombie, co-founder of New World Media Inc. and one of more than 30 witnesses to the attack on the ROTC site.

A hacker known as "-artech" and who claims to have hacked into the Army’s deputy chief of staff for training Web page, said the Crime Boy’s are a new group that use unsophisticated attack methods, including exploiting vulnerabilities in Microsoft Corp.’s FrontPage and Active Perl. "If they do hack a site, it will just be a small FrontPage hack, which isn’t a problem to stop," the hacker said. Steven Aftergood, an intelligence specialist with the Federation of American Scientists, said although the attacks do not mean federal systems are helplessly vulnerable, "this suggests that even the most elementary of security protections were not in place."

As of late Friday, agencies had yet to file a report on the incidents, said Dave Jarrell, program manger for the Federal Computer Incident Response Capability. "I have noticed some unusual traffic patterns and have been wondering if something is going on, but I have not heard from any federal agencies," Jarrell said.



RELATED STORIES:
National Fraud Center: Internet is driving identity theft
March 20, 2000
Sites lose credit-card data to cracker
March 8, 2000
Meet the real victims of Internet fraud
March 2, 2000
Insufficient computer security threatens doing business online
February 23, 2000
FTC issues warning on fraudulent cyberauctions
February 16, 2000
How do e-retailers manage to stay one step in front of the scam artists?
November 22, 1999
Online cons to watch for
June 4, 1999
Web scam: How one ISP took the money and ran
April 28, 1999
Widespread panic about Net fraud ignores common sense
March 26, 1999

RELATED IDG.net STORIES:
Hackers break into Interior, Army Web sites
(FCW)
Mac servers withstand attack on Army site
(MacCentral)
Army on hacker alert
(FCW)
Cracker charged with gov't break-in
(Computerworld)
Cyberdefense alarms ring on Capitol Hill
(FCW)
'Coolio' charged with hacking police site
(The Industry Standard)
College student accused of cracking NASA, defense computers
(Computerworld)
Hackers hit the airwaves
(Computerworld)

RELATED SITES:
US Army

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

 Search   

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.