Advertisement
  1. Archive

Hacker "challenge' hopes to deface 6,000 Web sites

Computer hackers plan to deface thousands of Web sites worldwide Sunday as part of a nefarious game being coordinated over the Internet.

The anonymous organizers of the "Defacers Challenge" claim on a Web site that the goal will be to deface 6,000 Web sites in six hours. Winners will purportedly get prizes such as Web hosting space and Internet domain names.

Web site defacement usually is more of a nuisance than a financial or operational problem for organizations that are attacked, security experts said Wednesday. Home Internet users shouldn't be affected.

Most big companies and organizations that already use Internet firewall software and take other standard precautions with their Web servers shouldn't have much to worry about, the experts said.

And because the supposed contest is limited to Web site defacement, there shouldn't be widespread Web slowdowns and other Internet problems that come with more egregious hacking attacks involving viruses and worms.

"This does seem a little more ambitious, but these sorts of things happen all the time," said David Wray, spokesman for the Department of Homeland Security's cybersecurity division. The department warned an organization of government computer managers to be vigilant with Web security, but issued no formal warnings to the public.

Some private security companies, however, urged clients to take precautions such as adding firewalls and security software, backing up files and limiting access to their Web servers to prevent hacking.

"The problem is now, and you shouldn't wait until Sunday to address it," said Pete Allor of Internet Security Systems Inc., an Atlanta company that runs a cyber-threat detection database and service that's widely known among computer professionals and government agencies.

Allor said his company has seen a substantial increase in Web scanning across the Internet in recent days, which would indicate that hackers are looking for new holes into organizations' Web servers.

Also, he said, there has been a general decrease in Web site defacements recently, which could indicate hackers are waiting for the contest to begin. He said his company also has had contact with hackers who are interested in the contest.

"We looked at this with a little jaundiced eye at first, but what we've found since then is that there's enough information to make this appear credible," Allor said.

Other computer security experts, however, accused Internet Security Systems and others of causing undue hype about the contest.

"Nobody at all was talking about this until ISS started," said David Kennedy, director of research services for TruSecure Corp., a security firm based near Dayton, Ohio.

Kennedy said that by publicly discussing the hacker contest, ISS _ along with the media and the Department of Homeland Security _ could drive interest in it and make a widespread hacking attack a "self-fulfilling prophecy."

"This was a sleeping dog that would've died a peaceful death if it had been allowed," Kennedy said. "The people responsible for waking this dog up should be ashamed."

But "the FBI is taking this very seriously," FBI spokesman Bill Murray said. "Hacking is a crime and those who participate in this activity will be investigated and brought to justice."

Affinity Internet Inc. of Fort Lauderdale, whose subsidiary operates the computer servers on which the hackers had established a Web site, shut down the site for violating a service agreement, Affinity spokeswoman Laura Weir said. The company declined to identify the Affinity customer who set up the Internet site, citing privacy restrictions. Records show the Web address was registered June 21.

Murray said the FBI was trying to identify who set up the Web site.

E-mails to the supposed organizers of the contest were not returned Wednesday.

On their Web site, organizers detail in broken English how contestants will earn points (for example, defacing sites designed with Windows-based systems earn 1 point; sites designed with Macintosh systems earn 5 points) and other information.

"My hope is this being first of many defacers-challenge!" the site claims.

Tracking the origination of the Web site is tough, but Allor of Internet Security Systems said he believes the contest's organizers are in either Asia or South America.

_ Information from the Associated Press was used in this story.

YOU MIGHT ALSO LIKE

Advertisement
Advertisement