-Caveat Lector- http://year2000.dallasnews.com/1229millen3cyber.htm Attack on computer systems feared New year provides opportunity, say officials and some hackers 12/29/99 By Allen Pusey / The Dallas Morning News While Y2K-wary Americans ring in the new year with champagne and flashlights, computer hackers are set to celebrate with what security experts fear will be an unprecedented assault on computer systems around the globe. The potential assault, as described by hackers and federal law enforcement officials, is likely to include cybermischief as elemental as Web site defacement or the planting of prank programs. But far more destructive actions may take place as well. Security experts and hackers say those bent on crippling computer systems have the tools to copy sensitive data or to destroy sophisticated programs and essential information. The attacks, if they occur, aren't expected to affect consumers and their personal computers so much as businesses and their computer networks. Still, average Americans could feel the effects if, say, their banks or Internet service providers were targeted. Even hackers are wary of the expected onslaught. "I don't think there is any doubt on anyone's mind that New Year's Eve/Day is going to be a mesh of [computer system] chaos," said a hacker known as "rain.forest.puppy" in an e-mail interview with The Dallas Morning News. The well-known hacker said corporate managers' failure to understand how vulnerable most computer networks are has made potential disruption "a self-fulfilled prophecy." "What better time to creep into a network than amidst all the bustle? And the fact that January 1 is a worldwide 'landmark in time' gives people a common motivation - to ring in the new year," the hacker said. According to a variety of sources, the prospect of widespread hacking is made possible by the convergence of two relatively new developments: the ready availability of easy-to-use hacking tools and the increased organization of computer intrusion. The new tools, capable of penetrating even highly secure networks, are spawning a new generation of "push-button kiddies," hackers capable of doing serious damage without highly refined programming skills. Hackers such as rain.forest.puppy, who have invested years of effort and knowledge to decipher arcane programming language, are finding their complicated and innovative work reduced to "point-and-click" kits. Users need only download the kits, as they would a computer game, then choose the targets they wish to invade. Moreover, recent monitoring of computer chat rooms frequented by young hackers suggests that political organizations hoping to capitalize on Y2K anxieties have been distributing the point-and-click kits and recommending targets in an attempt to create the semblance of an organized worldwide assault. "This is the equivalent of handing out cyber-submachine guns to young kids and telling them to take out their aggressions," said Russell Fish, a Dallas-based computer security specialist. "This is like using a 14-year-old as a bag man in a drug deal. They don't know what they're doing, and the adults guiding them don't care." 'Scary' tools Mr. Fish said he has been examining tools that are available over the Internet. "These things are scary. Even without special knowledge, a very average hacker can target a sophisticated network and walk right through," he said. Chris Klaus, CEO of Internet Security Systems Inc., agrees. A number of recently published intrusion techniques make even large-scale, sophisticated networks - such as those employed by government agencies, banks and large media companies - vulnerable, he said. And the growing organization of hacking is something to be reckoned with, he said. "Traditionally, hackers have been fiercely individual. But they are beginning to polymorph into fully blown organizations," he said. "Some explore for the sake of exploring. But some are joining in for criminal purposes or political reasons. It's the evolution of hacking." Last month, a hacker defaced several Web sites operated by Texas state agencies. His exploits were displayed for verification on a hacker Web site, www.attrition.org. Security specialists familiar with this hacker's vandalism said it was accomplished with surprisingly little expertise, using some of the widely available hacking tools. Unrefined or not, the hacker was able to penetrate and deface not only Texas government Web sites but also some associated with the Defense Contract Audit Agency, Honda of Korea, the National Aeronautics and Space Administration and an early-warning system operated by the North Atlantic Treaty Organization. Hard to predict Because of the wide variety of tools available to hackers, experts say, there is no way to predict the precise nature of a Y2K hacking threat. Many e-mail-borne viruses are well-known to systems administrators. But widespread system vulnerabilities, particularly those discovered in such widely used programs as BackOffice 2000 and Windows NT, have not been addressed properly by many users, even where program patches are available. "Now throw into the mix all the 'push-button kiddies' that can download the latest and greatest . . ." said the hacker known as rain.forest.puppy. "With very little resource, including intelligence, they can find exposed systems and compromise them." Ironically, many of the hacking tools are available on Web sites maintained by Internet security firms. Packet Storm packetstorm.securify.com for instance, is operated by Kroll-O'Gara Inc., a long-standing security firm with operations worldwide. The belief, one shared by many hackers, is that publishing security breaches helps create a more secure system. Once hackers get past computer system security arrangements -"fire.walls" - they can install programs that allow them to manipulate or reprogram system files. Some programs allow hackers to designate themselves as "system administrators" capable of reading and manipulating many of a system's most sensitive files. "Since there are less people around during the holidays, there are fewer people who might detect the intrusion," said Mr. Klaus. "And because of holiday vacations, there are also more hackers hacking." Mr. Klaus said he did not expect the threat to end Sunday. "Hackers aren't going to hack a couple of sites and say, 'Hey, that was fun,' then walk away." Vulnerability One Dallas-based hacker, whose hacking handle is REB, demonstrated the efficiency of these programs. Using "macros," or previously programmed files, he was able to breach a highly secure system within five minutes, then run a program that helped identify hundreds of unsecured machines. "Yes, it's easy," said Jason Ott.well, a Dallas-based computer security consultant, when showed a computer log of the hacking. "I don't think that most [computer system] administrators appreciate the fact that this 'insta-hacking' can be done with such ease." Hacker tools are not only more widely accessible, according to security experts; they are also becoming more potent. Mr. Klaus' firm, for instance, recently warned its clients of "Tribe Flood Network," a technique that can jam Internet connections with billions of repetitions of remotely controlled computer traffic signals known as "pings." A ping is a coded electronic signal, like the ringing of a telephone, bounced by one remote computer off another to see whether the second computer is capable of answering. Through the use of well-known computer-intrusion devices, vulnerable computers can be set to ping a single target over and over, Mr. Klaus said. "It's a familiar technique that, when directed at a modem, can shut down access," he said. "What is new is the ability to set up hundreds, even a thousand of these remote signals set to ping flood against the same client server, filling up the pipe" and jamming even high-traffic Internet connections. Though they are predicting widespread intrusions, neither hackers nor security experts are predicting widespread damage to computer systems. Generally, they say, young hackers, particularly the "push-button kiddies," are more interested in establishing access than in wrecking data. Comprehension "Kids don't care about your data," said the hacker rain.forest.puppy. "Most likely they'll deface your Web site, maybe use your system as a jumping-off point to other systems." Only in unusual cases, he said, are they likely to destroy or misuse data. "Many kids' comprehension is beyond corporate espionage," he said. " 'Precious data' is not a part of the kids' game. You think the kids realize they're sitting on a . . . database of 30,000 credit-card numbers?" Mr. Ott.well agrees. He thinks political or personal messages will be posted on most hacked sites and that little other damage will be done. The most serious hacking may occur in ways and places not yet imagined, he said. "There is talk about government and military Web sites. There's also banking and financial institutions and big media companies. A lot of these have apparently been mentioned. "But the ones I really fear [for] are the ones that are not being talked about." ©1999 The Dallas Morning News . DECLARATION & DISCLAIMER ========== CTRL is a discussion and informational exchange list. Proselyzting propagandic screeds are not allowed. Substance—not soapboxing! These are sordid matters and 'conspiracy theory', with its many half-truths, misdirections and outright frauds is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRL gives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credeence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://home.ease.lsoft.com/archives/CTRL.html http:[EMAIL PROTECTED]/ ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
