weeks ago, the hacker known as the Deceptive Duo broke into the Web
server of one of the U.S. Navy’s databases, publishing materials never
meant to see the light of day. Last Friday, a Navy database server housing
e-mail addresses and phone numbers of top Navy and White House brass was
breached using the same vulnerability, and its contents were posted on a
Web site.
A roster containing the classified and unclassified e-mail addresses, as
well as contact phone numbers, of Navy admirals, vice admirals and even the
attending physician to Congress was published on one of the defaced pages
of a Navy supporting Web site.
Pentagon officials were unavailable for comment.
Like previous defacements and database cracks, the hackers used the
now-popular “default password” vulnerability in Microsoft SQL servers. IIS
comes with a default password, with the warning to change the password upon
installation. As many administrators are finding out after the fact, the
password hasn’t been changed on all their Web servers.
The hackers left a message for Pentagon network administrators, telling
them many of their Web servers are still vulnerable.
“A portion of the U.S. Pentagon is extremely vulnerable. Please contact
us by e-mail so that we can inform you of the other networks that remain
susceptible to attack. Classified documents have been acquired. This
webserver is only ONE of the multiple computers compromised throughout Task

The Deceptive Duo has come under attack from security analysts, network
administrators and many others in recent weeks for their self-described
mission to make the public aware of the government’s Internet vulnerabilities.
First coming to light for accessing and defacing the U.S. Space and Naval
Warfare Systems Command home page and the database of Milwaukee-based
Midwest Express airlines April 22, the Deceptive Duo has been on a romp
through military, banking and government Web servers throughout

Responding to their many critics, Deceptive Duo told Internetnews.com the
attacks aren’t meant to make a name for themselves, nor to sell their own
brand of security services. According to the hackers, by focusing on the
Duo and not the networks hacked, critics are overlooking the more serious
problem of America’s insecure networks.
“It is obvious that the military is aware of our recent actions and yet we
are still uncovering vulnerabilities left and right,” they said. “The
extent of insecurity that lies upon the U.S. government is truly scary.”
They also point out the vulnerability they employ is only one of many
possible ways to enter a network illegally.
According to Richard Mogull, research director at analysis firm Gartner,
security flaws with known fixes or preventable counter-measures will cause
90 percent of cyberattacks through 2005.
Incidentally, the same day the report was published, the
Deceptive Duo hacked into and defaced one of Gartner’s Australian Web sites.