An interesting article from when this type of defacement activity made the news almost every week. They became so commonplace, even attrition.org couldn’t stand to keep up with the activity.
Hackers vandalize 26 government sites
Source – United Press International
A hacker group calling itself Pentaguard left its mark this past weekend on 26 government Web pages in three different countries. The simultaneous, coordinated attack replaced the content on those sites with a rambling message that included disparaging remarks about computer security on government sites, as well as jocular demands to make those sites more useful and fun.
The group’s message urged government Web administrators to “[m]ake a few free porn sites,” and asked, “why can’t I order beer from .gov sites? or whisky? These sites really suck…”
The volunteer-driven Web watchdog group Attrition.org first detected and reported the attack. The non-profit group said that the attack was remarkable in so far as it simultaneously targeted official sites in three nations – the U.S., U.K. and Australia. “[T]his was not a mass defacement of a series of government Web sites within an agency or even within a country,” the watchdog group wrote on its Web site. Rather, the vandals struck three different nations “in different time zones all at the same time, with all sites remaining defaced for a period longer than 15 minutes.”
The targets of the attack varied. In the United States, for instance, Pentaguard defaced the home page of the Republican Caucus for the California Legislature, as well as the Alaskan Office for the Department of Interior Web site. In the United Kingdom the group took down a government Web site dedicated to disseminating information on Bovine Spongiform Encephalopathy, or “Mad Cow Disease.”
Australian targets included a government search application that makes available legislative documents, similar to the Thomas archive operated by the U.S. Library of Congress.
The motivation for the attack is unclear. “Some defacers do it for the power trip, some for a practical joke,” said an Attrition.org spokesman. Given that Pentaguard has been defacing Web sites for at least the past two years, he added, “I think it very likely they will continue.”
Security experts say the success of the attack was most likely due to poor preventive maintenance on the target Web sites. “In most of these cases there is a known vulnerability that exists in the system software, and the administrators of these sites simply have not implemented the patch to solve that vulnerability,” said Matt Devost, director of operations at Security Design International, Inc., an Annandale, Va. security consulting firm serving government and private industry clients.
Under such circumstances, he suggested, future attacks could easily be forestalled. “It is just an issue of being diligent and following industry best practices to make sure you update and maintain your systems accordingly,” he said.
Attrition.org credits Pentaguard with 48 other defacement attacks. The group’s strikes have all targeted systems running Microsoft’s Window NT operating system.
The coordinated timing of this attack is somewhat unusual, according to Devost. “There are groups defacing Web sites every night. What this shows is that this particular group had some patience,” he said. The vandals probably could have hit these sites individually, “but instead they waited in order to do it simultaneously.”
That kind of hacker grandstanding does not come as much of a surprise to Devost, who noted that the motivation behind these attacks is such that it might drive the hackers to ever more daring stunts.
“A lot of it is just ego,” he said. “They like to see their name in the lights.”