Monday, 14 September 2009

Rudd hackers escalate threats against .gov.au websites

as posted here

The hackers who brought down the Prime Minister's website this week have already outlined their plans for round two, signalling a marked escalation in their attacks.

A new message posted on their website, which has been used to rally supporters of their anti-internet filtering hacking campaign, outlines plans to attempt to break into back-end government systems rather than simply knocking government websites offline by flooding them with traffic.

A security consultant, who declined to be named, said: "It won't take them long to get to a more dangerous and annoying skill level, which enables them to perform more successful and damaging attacks on the .gov.au domain space.

"Hope the Government has been performing their own penetration testing of their systems."

The website zone-h.org details a slew of government websites that have been hacked and defaced in the past few years, including 68 so far this year. Evidence of each attack is included.

But the hackers, who say they belong to a group called Anonymous, are now taking their attempts further underground after this website yesterday revealed embarrassing chat discussions between them, which occurred while they were carrying out the attacks on pm.gov.au on Wednesday night.

The chat logs revealed that the hackers considered their attacks to be a failure as they brought down Kevin Rudd's website for only a few minutes.

The logs also showed that their main aim was to achieve publicity for their campaign against Communications Minister Stephen Conroy's internet censorship policy.

They are calling for the policy to be dropped and for Senator Conroy to resign.

"It seems the Government isn't afraid of us and the media thinks we are a joke. We need to fix this," the call-to-arms message posted by the hacker reads.

Wednesday night's attacks, known as distributed denial of service (DDoS) attacks, involved flooding government sites including pm.gov.au with traffic.

However, now the hackers have signalled an attempt to move beyond DDoS and to start attacking government back-end systems in an effort to retrieve data such as usernames and passwords.

This could be achieved by using a method called "SQL injection", which exploits security vulnerabilities in the way websites query their databases.

"DDoS is like trying to break into a building by making hundreds of people run into its walls," the hackers wrote.

"I'm talking trying to sql inject any gov.au page or just get into the back end and retrieve data aka Usernames and Passwords.

"If you do find anything do not talk about it in the IRC [internet relay chat] due to spais [spies] and the AFP being in there and they blocked us out from accessing a previous exploit found."

Yesterday, a spokeswoman for the Attorney-General's Department said the Cyber Security Operations Centre in the Defence Signals Directorate was providing IT security advisers in each of the targeted Australian government agencies to assist with monitoring and responding to the threats.

Today, the department refused to comment on the escalation in threats or whether the matter had been referred to police.

The Australian Federal Police also refused to comment, referring all queries to the Attorney-General's Department.
