Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hacker modifies NPA-operated site

From: William Knowles <wk () C4I ORG>
Date: Mon, 11 Dec 2000 14:08:44 -0600
http://www.yomiuri.co.jp/newse/20001212wo23.htm

Yomiuri Shimbun

The National Public Safety Commission's Web site, run by the National
Police Agency, fell victim last week to a hacking attack, the agency
said.

The hacker replaced parts of the site with images of women--some
scantily clad, according to agency officials.

The agency has been updating its software and a system designed to
prevent unlawful access to government sites following a series of
intrusions into ministry and agency Web sites in February.

At about 10:45 p.m. on Friday, an agency official noticed the
alterations to the site, the agency said.

Part of the site outlining the commission's activities had been
replaced with an unclear image of a woman's face. A link on the page
was replaced with an image of the lower half of a woman in her
underwear. Also, a link on the site had been modified to redirect
viewers to yet another image of a woman.

The agency immediately closed down the site's server. However, at
about 1:30 a.m. the following day, the site suddenly returned to
normal. The agency said there was no longer any changes to the Web
site's content, neither could it trace any record of illegal access to
its computer network.

Although how the deed was perpetrated remains a mystery, it is
believed that a bogus "commission" Web site was set up to which
visitors were redirected when they tried to access the real Web site
run by the agency's service provider.

The police agency's Web site is run on a different server and no
irregularities were reported.

Following illegal access to ministry and agency Web sites in February,
the National Police Agency installed a firewall system, designed to
prevent intrusions, on computers serving its own sites.

According to the agency, it had found no trace that the firewall had
been penetrated in Friday's attack. Thus, the agency said it would
further investigate the case in cooperation with its service provider.



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: