RealTime IT News

Navy Brass Latest Hacking Victim

Two weeks ago, the hackers known as the Deceptive Duo broke into the Web server of one of the U.S. Navy's databases, publishing materials never meant to see the light of day. Last Friday, a Navy server database housing e-mail addresses and phone numbers of top Navy and White House brass was breached using the same vulnerability, and its contents were posted on a Web site.

A roster containing the classified and unclassified e-mail addresses, as well as contact phone numbers, of Navy admirals, vice admirals and even the attending physician to Congress was published on one of the defaced pages of a Navy-supporting Web site.

Pentagon officials were unavailable for comment.

Like previous defacements and database cracks, the hackers used the now-popular "default password" vulnerability in Microsoft SQL servers. IIS comes with a default password, with the warning to change the password upon installation. As many administrators are finding out after the fact, the password hasn't been changed on all their Web servers.

The hackers left a message for Pentagon network administrators, telling them many of their Web servers are still vulnerable.

"A portion of the U.S. Pentagon is extremely vulnerable. Please contact us by e-mail so that we can inform you of the other networks that remain susceptible to attack. Classified documents have been acquired. This webserver is only ONE of the multiple computers compromised throughout Task 14."

The Deceptive Duo has come under attack from security analysts, network administrators and many others in recent weeks for their self-described mission to make the public aware of the government's Internet vulnerabilities.

First coming to light for accessing and defacing the U.S. Space and Naval Warfare Systems Command home page and the database of Milwaukee-based Midwest Express airlines April 22, the Deceptive Duo has been on a romp through military, banking and government Web servers throughout the U.S.

Responding to their many critics, the Deceptive Duo told Internetnews.com the attacks aren't meant to make a name for themselves, nor to sell their own brand of security services. According to the hackers, critics who focus on them and not on the networks hacked are overlooking the more serious problem of America's insecure networks.

"It is obvious that the military is aware of our recent actions and yet we are still uncovering vulnerabilities left and right," they said. "The extent of insecurity that lies upon the U.S. government is truly scary."

They also point out the vulnerability they employ is only one of many possible ways to enter a network illegally.

According to Richard Mogull, research director at analysis firm Gartner, security flaws with known fixes or preventable counter-measures will cause 90 percent of cyberattacks through 2005.

Incidentally, the same day the report was published, the Deceptive Duo hacked into and defaced one of Gartner's Australian Web sites.