Hackers deface EC Web site in 2nd incident

From...

By Joris Evers

AMSTERDAM, The Netherlands (IDG) -- Dutch hackers on Tuesday defaced the Safer Internet Exchange, a Web site sponsored by the European Commission that promotes a safer Internet. Security at the site had been increased last week after other hackers raised a red flag about possible vulnerabilities.

The cybervandals left a message taunting the server administrators and law enforcement and inserted two hyperlinks, one to a Web site for Hackers at Large 2001, an event to be held in the Netherlands in August, and one to a database elsewhere on SaferInternet.org. The database, which can be downloaded by following the link, contains about 475 e-mail addresses of people who subscribe to the SaferInternet.org mailing list, according to a security expert who examined the database and requested anonymity.

IDG.net INFOCENTER Computerworld main page Computerworld's topic-oriented communities Computerworld's IT career center Free daily newsletters Related IDG.net Stories European 'safer Internet' site hit by hackers Europe eyes antihacking law, other security measures California hack points to possible IT surveillance threat Features Cool gifts for cool nerds Mastering e-commerce by degrees Fast-track training puts nontechies in IT jobs Visit an IDG site Choose a site: IDG.net CIO Computerworld Darwin Dummies.com GamePro.com The Industry Standard ITWorld.com InfoWorld.com JavaWorld LinuxWorld Macworld Online Network World Fusion PC World Publish.com UnixInsider

Since the defacement, names of some subscribers to the list have been posted on Security Database, a Dutch online security discussion forum.

The hack is an embarrassment to the commission and its contractor, Ecotec Research and Consulting Ltd. in Birmingham, England. Hackers last week identified two holes in the site's security, which were acknowledged by Ecotec and quickly patched (see "European 'safer Internet' site hit by hackers," link below). The holes were linked to known vulnerabilities in Microsoft Corp.'s Internet Information Server software, which is widely used to serve Web sites.

The Web site was restored at approximately 9 a.m. local time in Brussels but was down at 10:30 a.m. EDT time. Tara Morris, project manager for the SaferInternet.org Web site and a consultant at Ecotec, said the site might be taken down to get appropriate security in place. "We have been reviewing security and have been trying to implement better security this week, but the hackers are quicker than us," Morris said.

Ecotec is considering its next move, since it has been hit twice in less than a week, Morris said. The company might report the hacking incident to law enforcement authorities. "It is an option. This is obviously very serious," he said.

Morris said the hackers replaced the site's front page but didn't do any other damage. The database with e-mail addresses is a mystery, Morris said, because he hasn't seen it before and thinks the hackers could have created it from data elsewhere on the site.

SaferInternet.org was launched last month by the Brussels-based European Commission, which functions as the executive body of the 15-member European Union. The Web site is part of a broad campaign to make the Internet safer for European citizens and businesses and is specifically aimed at helping to eradicate Internet content that's illegal or considered harmful.

Last week, the commission said it was drafting an antihacking law as part of a series of proposals intended to increase the level of information security in Europe (see "Europe eyes antihacking law, other security measures," link below).