Tuesday, January 10, 2012

Web Vandalism and Its Threat to Global IT Security

Web vandalism is becoming rampant, highlighting the poor state of global IT security.

Recently, the owner of a popular site said that his site has had over 400 separate attacks per day, rising to over 1000 per day during weekends. This is a worrying trend, and IT Security Managers should take note of it, mainly because if crackers (also known as malicious hackers) get access to a web server, there is every likelihood of them controlling the entire network.

It is also known that the Pentagon has spent over 100 million dollars in a period of 6 months just to counter web vandalism and cyber attacks on its multiple systems.

In the last few years, there has been a gradual rise of a new wave of hackers (otherwise known as crackers) who have been attracted to the underground movement and its politics, which is an indication that more defacements and web server attacks are forthcoming. Some of these “crackers” have very little or no knowledge of computer programming and are popularly known as neophytes, script kiddies or n00bs. Their objective is to cross viruses with vandalism and create a simple, easy-to-use, self-duplicating website defacement tool.

They thrive on posting obscene and nude images on popular websites or sending their girlfriends notes through federal government website pages. In short, they want to get noticed, and the easiest way to do it is through web vandalism. The more expert crackers have gone a step further by developing a virus-type program to automatically spread defacements across the net. Hence, it is certain that we will be seeing more technologically advanced worms that could be devastating in terms of web vandalism in the future.

However, the script kiddies are usually malicious teenagers with very little skill in programming whose sole objective is to disrupt net traffic. They do this by setting their customized worms loose, thereby hitting a whole lot of web servers with their personal messages and spreading defacements. Some of the script kiddie messages go like this: "Hi, ma name is Yuri and I am from Russia. I have 10 years and i want ot bo a hacker, because i vey like it much and i need someone to tch me." Some of them could be politically oriented, as they like to break into government sites and leave their calling card, which could be a tirade against that government.

Recently, a group calling themselves PHC broke into the Indian Government’s nuclear plant network site and supposedly stole plans for India’s atomic energy consumption rates for the next couple of years. They then claimed that they passed this information on to the Al Qaeda Alliance, which, it is believed, has since been officially disbanded. The group consisted of hackers, many of whom were pro-Palestinian and pro-Al Qaeda.

Sometimes defacements can be a little more than web vandalism, carrying hard messages or the crackers' political agenda. Sometime in the past, the RIAA, otherwise known as the Recording Industry Association of America, was the target of a high-profile defacement, which also drew a lot of public attention.

The new tool in the script kiddie bag to hit Linux-based servers recently is a variation of the Ramen worm. The worm tapped into holes in the Red Hat Linux 6.2 and 7.0 operating systems and replaced website pages with a message stating "hackers love noodles". This worm has gone on to hit a lot of sites, including websites run by NASA and Texas A&M. According to global research firms, Red Hat is a free operating system, is widely recognized as the most popular variant of Linux, and is used on 30 percent of the world’s public servers.

It is said that Ramen identifies three known weaknesses in a server: one in the printer software, one in the file sharing package and one in the FTP file server. Although Ramen comes across as a piece of sophisticated software that combines several existing cracking tools, it is now freely available for any amateur vandal to change the graphics and the "hackers love noodles" text to his own message.

Generally, vandals who intend to deface sites do not use their own machines, but instead use a zombie computer or try to locate vulnerable computers to do so. The Ramen worm, however, is self-duplicating: the infected machine searches for another machine to vandalize and then closes the hole once it does so. This makes the web vandals very difficult to trace, and enforcement agencies have to depend on script kiddies who brag about their skills in chat rooms.
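The visible effect of Ramen described above is a replaced web page, so one defensive check is to compare the served pages against a known-good baseline. The sketch below is an added example, not code from this post or from any tool it mentions; the function names, the page suffix list and the sample site are assumptions constructed for illustration, and the marker phrase is the one quoted above.

```python
import hashlib
import tempfile
from pathlib import Path

PAGE_SUFFIXES = {".html", ".htm", ".php"}  # assumed set of served page types
MARKERS = ["hackers love noodles"]         # phrase the article attributes to Ramen


def snapshot(web_root):
    """Map each page's path (relative to web_root) to its SHA-256 digest."""
    root = Path(web_root)
    return {
        str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix.lower() in PAGE_SUFFIXES
    }


def check(web_root, baseline, markers=MARKERS):
    """Return sorted (path, reason) findings for pages that differ from baseline."""
    root = Path(web_root)
    current = snapshot(root)
    findings = []
    for path, digest in current.items():
        if path not in baseline:
            findings.append((path, "new page"))
        elif digest != baseline[path]:
            findings.append((path, "content changed"))
        else:
            continue  # unchanged page, nothing more to inspect
        # Only new or changed pages are searched for known defacement text.
        text = (root / path).read_text(errors="replace").lower()
        findings += [(path, f"marker: {m}") for m in markers if m in text]
    findings += [(p, "page removed") for p in baseline if p not in current]
    return sorted(findings)


def demo():
    """Constructed sample: baseline a tiny site, then overwrite its index page."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "index.html").write_text("<h1>Welcome</h1>")
        (root / "about.html").write_text("<p>About us</p>")
        baseline = snapshot(root)
        (root / "index.html").write_text("<h1>Hackers love noodles</h1>")
        (root / "about.html").unlink()
        return check(root, baseline)


if __name__ == "__main__":
    for path, reason in demo():
        print(f"{path}: {reason}")
```

The baseline should be stored and compared from a machine other than the web server, since anyone who can rewrite the pages can also rewrite a baseline kept beside them.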

Although Ramen is known to affect only Linux systems, virus writers would love to distribute their wares on consumer Windows systems as well. This means system security managers must keep their security systems up to date, or they could face a problem similar to the one Yahoo and Facebook faced sometime last year, where automatic tools were used for denial of service attacks.

The bottom line is that IT Security Managers need to wake up to the threat of web vandalism and find out first hand how much of a problem it really is.
