View Full Version : got a website? It could be hacked tomorrow...
07-05-2003, 06:41 PM
I have my doubts, but it's interesting anyway.
News article: http://www.eweek.com/article2/0,3959,1174366,00.asp
Their homepage: http://www.defacers-challenge.com/
07-06-2003, 08:04 AM
Our site here seems to be okay. Wise.
07-06-2003, 09:47 AM
Here is the Federal circular http://www.infowarrior.org/rforno/fedcirc-070103.txt concerning the contest.
It is interesting that the web site that is supposed to announce the results of the defacing has come under denial of service attack and cannot be accessed. The practice of "defacing" differs from hacking, an internet form of graffiti. They do it for the publicity. "High profile defacements" get the most attention. For example, the White House or Microsoft web pages get the most attention.
Hacking contest affects UAE Internet
By Anupama V. Chand
7 July 2003
ABU DHABI - Internet users in the UAE had a fairly rough time accessing the Web due to the International Hacking Competition yesterday, although no undue damage was reported by companies, thanks to the stringent precautionary checks put in place by the country's ISP, Emirates Internet and Multimedia (EIM), a subsidiary of Etisalat.
Many Internet users in the capital reported difficulties and slowing down of their systems yesterday during the six-hour long hacking competition.
According to Syed Faheem Jafar, System Engineer and Customer Support Services official at a multinational computer manufacturer, the company experienced a slowing down of its Intranet facilities, and also found logging on to the Internet difficult.
Abdulla Hashim, Acting General Manager of EIM, told Khaleej Times: "In line with the recently issued alert from The Information Technology - Information Sharing and Analysis Center (IT-ISAC), pertaining to the global 'Defacers Challenge', EIM/ Etisalat has taken every measure to ensure the UAE's Internet community has been made aware of the potential threat as well as providing a list of actions organisations should take to reduce the risk of attack."
He pointed out that internally EIM/Etisalat has taken all necessary steps to further step up its security, raising the frequency and intensifying its normal internal security vulnerability testing procedures.
He noted that in line with these efforts, the company had devised an action plan, which would be implemented in the event of an attack.
Mr Hashim added that as part of its community support endeavour, EIM had also posted a warning on its web site to caution the UAE's Internet community. EIM said in its message that the IT-ISAC, which monitored the Web for possible threats had announced that hackers were planning a so-called 'Web site defacement challenge', the goal of which was for participants to deface as many sites as possible within a six-hour time limit.
EIM had also cautioned individuals and corporations hosting their own web site on the contest and urged them to ensure that their Web servers were secured.
He suggested that companies should take extra vigilance and make sure they updated all critical Internet facing servers with the latest patches and server software to avoid previously identified vulnerabilities.
He urged them to change and/or disable default and/ or vendor-set passwords, and closely monitor web site activities. For companies hosting their web sites with EIM, he advised them to change their FTP passwords regularly, and make sure it is different from their user ID or domain name.
All those facing problems were also urged to contact EIM's Operation Support Team on Tel: 04-2217570.
Globetechnology.com, an Internet web site dedicated to technology updates, reported that the main purpose of the six-hour global challenge was to determine "who is the best one of all."
The challenger's web site, www.defacers-challenge.com, (http://www.defacers-challenge.com,) set up by someone calling themself Eleonora , said so many people had signed up for the contest that they had given up registering contestants via e-mail. Access to this web site, however, was blocked in the UAE by EIM.
Globetechnology.com sources noted that although organisers planned to keep the competition under wraps, it had become the subject of international media attention. Although hacking competitions are not unusual, this one prompted warnings in New Zealand, Hong Kong and throughout Europe.
The aim of the competition was to hack 6,000 sites in the six-hour period, which commenced approximately at 10am UAE time (2am EDT).
07-09-2003, 06:58 AM
sites that were hacked:
Sunday Hack Attack Not So Bad Reuters
Story location: http://www.wired.com/news/technology/0,1282,59538,00.html
09:16 AM Jul. 06, 2003 PT
LONDON -- Computer hackers vying in a global contest on Sunday defaced a slew of websites, but the damage was confined to the Internet's backwater of small, unsecured sites, security officials said.
The "Defacer's Challenge" got off to a quick start on Sunday with 300 attacks reported minutes after the 2 a.m. EDT official start, said Roberto Preatoni, founder of Estonia-based Zone-H.org, a site that tracks hack attacks.
"There were no big names," he said. But he added his own site, www.zone-h.org, (http://www.zone-h.org,) was knocked offline for much of the day because of a high volume of legitimate visitors and apparent attempts by hackers to bog down his computer servers.
According to the contest website (www.defacers-challenge.com), (http://www.defacers-challenge.com),) which was taken offline last week, hackers were urged to prove their skills by defacing as many websites as possible during a six-hour span on Sunday.
Points were awarded for the number and type of computer servers they infiltrated, the rules stated.
Concern grew among cyber security organizations last week that the competition would cripple countless websites, but by Sunday afternoon as the event was drawing to a close there was no sign of damage among the Web's most popular sites.
The Web's largest websites, including Amazon.com and Yahoo.com, were functioning as normal on Sunday.
"It seems to be a damp squib," said Graham Cluley, spokesman for UK-based security firm Sophos.
Via.Networks, a U.S.-Dutch Internet service provider and website-hosting firm that manages websites for over 50,000 clients in America and Western Europe, also reported no incidences.
"None of our customers have called to report any problems. It's all quiet on the Western Front," said Joanne Hughes, a spokeswoman for Via Networks.
Hacking activities have been on the rise for years as the expertise behind compromising a website's vulnerable computer server is freely passed around the Internet in chat areas and is posted on websites dedicated to the activity.
Hack attacks range from outright defacement to flooding a server with data requests, knocking a site offline. In the former case, hackers replace the contents of a Web page with their own message, often a political rant written in the signature style of broken English.
With hackers sending out challenges regularly, security officials expressed bewilderment that this contest received so much press attention, fearing it would only encourage more elaborate events in the future.
But Via.Network's Hughes saw something of a silver lining in the fact she and her team were on the ready this weekend for a possible showdown with hackers. "If it makes people more aware about security then that's a good thing," she said.
Note: Ads will not appear when the page is printed
Wired News: Staff | Contact Us | Advertising
We are translated daily into Spanish, Portuguese, and Japanese
© Copyright 2003, Lycos, Inc. All Rights Reserved.
Note: You are reading this message either because you can not see our css files (served from Akamai for performance reasons), or because you do not have a standards-compliant browser. Read our design notes for details.