News
News
3/4/2003
02:07 PM
Connect Directly
RSS
E-Mail
50%
50%

Internet Security Systems' Web Site Defaced

Hacker group splatters site with antiwar rhetoric.

Remember those Internet Security Systems Inc. television ads that featured hackers targeting unsuspecting corporate networks? On Monday, ISS became the target of attack from a group of hackers calling themselves "Unix Security Guards."

The hackers attacked the site where ISS runs its X-Force Internet Watch program, in which ISS provides free BlackIce personal firewall software to college students and hosts a medium for students to discuss information about BlackIce and how they can protect themselves from hacker attacks. ISS also offers free analysis of trends to the students about attacks against their systems.

The site, which is not ISS's homepage, is located at http://xfiw.iss.net/.

Apparently, the site wasn't secure. According to Zone-h.org, a site that tracks Internet attacks, the Unix Security Guards took advantage of the now well-known Microsoft WebDAV vulnerability to splatter anti-war rhetoric on the site. On March 17, ISS posted an alert about the WebDAV vulnerability, labeled the vulnerability "very serious," and said because the company had spotted a tool available on the Internet that made it easier for hackers to attack this vulnerability, "fixes or temporary workarounds should be applied immediately."

As of Tuesday morning the site was not available.

"ISS has confirmed that one Web page that was a part of a research project was modified on a noncritical server on an isolated network that provides free copies of BlackIce PC Protection to university students. No further attacks have occurred," ISS said in a statement Tuesday.

However, in a new twist, the security company later said the Web site, while being a legitimate site to exchange security information and download free copies of security software was also an ongoing experiment. "It was a honeypot," an ISS spokeswoman said. "We, as most security companies, have many honeypots for research purposes. It was bait to be hacked," she says.

Honeypots are common security tools in very large organizations and universities. They are placed on the Internet to attract and study hackers in a controlled environment where no critical information is in jeopardy.

ISS's X-Force security research group is well known and highly regarded in security circles. Its researchers have discovered flaws in many common applications. Most recently the group discovered a vulnerability in the popular Sendmail software which is estimated to handle more than 70% of the world's E-mail.

Not surprisingly, security companies and related organizations are popular targets for hackers. Late last month, one member of the hacker group known as Fluffi Bunni dug himself his own hole when he showed-up at the InfoSecurity 2003 conference in London, where British authorities arrested him for his potential involvement in a string of Web-site attacks, including some big names in security.

Fluffi Bunni kicked dirt on a few prominent names in information security when the group defaced the Web sites of security vendor SecurityFocus (now owned by Symantec Corp.), as well as the security training and education organization The SANS Institute and the security-awareness group Attrition.org

Fluffi Bunni, which uses a pink rabbit as its logo, caught the attention of law enforcement shortly after the Sept. 11 terrorist attacks when the group defaced thousands of Web sites with the ominous message: "Fluffi Bunni Goes Jihad."

The group also demanded $5 million in a brown paper bag and "Mr. Bin Laden" to be handed over "If you want to see the Internet again."

Also, last year, the federally funded CERT Coordination Center's Web site was knocked offline by a massive distributed denial of service attack.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July10, 2014
When selecting servers to support analytics, consider data center capacity, storage, and computational intensity.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join InformationWeek’s Lorna Garey and Mike Healey, president of Yeoman Technology Group, an engineering and research firm focused on maximizing technology investments, to discuss the right way to go digital.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.