SA sites hit by hacker

[InfoSec News <isn () c4i org>]

http://196.30.226.221/sections/internet/2002/0210210703.asp

BY STAFF WRITER
ITWEB
21 October 2002  

[Johannesburg, 21 October 2002] - A hacker is reported to have
targeted at least 20 South African Web sites last week, 14 of the
attacks occurring in a single day. This is according to Internet law
firm Buys Attorneys, which routinely tracks the behaviour of hackers.

Reinhardt Buys of Buys Attorneys says last week saw a sharp increase
in the number of hacker attacks on local Web sites. "During the past
week, a hacker who refers to himself only as 'r00t3rs' hacked into
more than 20 sites."

Buys says the hacker defaced 14 sites on 16 October, making it the
worst hacking attack in SA's history. He says the hacker appeared to
have focused on sites operating on Windows NT and bearing a .co.za
domain name. "The hacker defaced the sites simply by deleting pages
and replacing them with a blank page featuring his, or her, name. The
successful attacks occurred in the early hours of Tuesday morning.

"Since we started monitoring hackers that target South African sites
in 2000, we never saw one hacker deface so many local sites in one
day," says Buys.

The Web sites successfully hacked by this hacker were:  
www.mytimesheet.co.za, www.betaconsulting.co.za,
www.sunshinecompany.co.za, www.mobilcell.co.za, www.iciniso.co.za,
www.hbt.co.za, www.ggates.co.za, www.futurefin.co.za, www.fomi.co.za
and www.ek.co.za.

Three hackers defaced six other local Web sites last week. A hacker
called "ATH" defaced www.audiospectrum.co.za and www.voigtlab.co.za.  
"Suicide Pig" defaced Maserati's South African Web site. The Grey
College Web site was hacked by a group called "Fatal Error". Visitors
to the Audiopectrum site saw a dragon and cryptic message from the
hacker: "Special greetz to: Nikom 13 - Rage Against".

Spiritual World's Web site at www.spiritualworld.co.za was hacked on
the same day by "ATH", who even placed a contact e-mail address of the
defaced site. The e-mail address indicates a Brazilian e-mail account.

"Until a few months ago hacking was basically legal in SA as no law
addressed it. If the police succeeded in arresting a suspected hacker,
prosecutors had to rely on common law crimes such as housebreaking or
malicious damage to property. It was very difficult to obtain the
necessary evidence to prosecute hackers successfully. In some cases,
however, a hacker may be liable for copyright infringement because he
or she adapts or destroys another person's content without the
necessary permission.

"However, in terms of section 86 of the new Electronic Communications
and Transactions [ECT] Act, hacking is now a statutory offence in SA.  
The crime is defined as the intentional access to, modification or
destruction of data without any authority to do so. The crime carries
a fine or a prison sentence of between one and five years."

Buys says this section is basically useless if the hacker operates
from another country as the law applies only if the hacker commits the
offence in SA. If a Brazilian hacker hacks into local Web sites and
the South African police succeed in tracing down such a hacker, the SA
government will have to ask the host country to extradite the hacker.

"The hacking law also applies to any South African citizen or
permanent resident, notwithstanding the fact that such a person is not
in SA and hacks into non-South African Web sites. An interesting
clause in the law states that the hacking law also applies to people
on ships or aircraft coming to or leaving SA, should the hacking take
place from such a ship or aircraft."

There has not been criminal prosecution of a hacker in SA in terms of
the new ECT Act and it is still uncertain what kind of evidence will
be necessary to secure a conviction.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.