http://www.eastbayri.com/story/287578433919942.php
By Scott O'Connell
September 14, 2006
BARRINGTON - An international computer hacker erased an entire database
of town documents from the Barrington town website last Tuesday. Instead
of a list of links to archived meeting minutes and agenda files, web
surfers on the "town documents" page found a repeated message that
morning: "HACKED BY ENO7 (TURKISH) (NOWAR)."
The online prank was apparently the work of a Turkish hacker who has
also infiltrated the databases of several other websites around the
globe in the past few months. Apart from the vague message on the
Barrington website, the hacker has elaborated in past hacks that he or
she is organizing a cyber protest of the Lebanon-Israeli conflict of
this summer.
According to Adam Kyle of Intap, the Providence-based Internet provider
that hosts Barrington's online file database, the hacker used a
procedure called SQL injection that automatically searched the world
wide web for loopholes in database code.
"It's not one person doing this; it's an automated process," he said,
adding that the hacker did not target Barrington's site specifically nor
gain access to any information that wasn't already available to the
public.
"It's an everyday thing you have to look out for," Mr. Kyle said of
eno7's hacking technique. "It's fairly common, but it's also easy to
protect against."
According to town webmaster Joe Shansky, the hack was apparently
localized to the "town documents" page and did not affect the rest of
the website, which he said was HTML-based and thus not prone to code
hacks. Barrington Finance Director Dean Huff, who alerted Mr. Shansky to
the hack Tuesday morning, added that it did not affect the town hall's
computers and databases either.
First time hit
Mr. Shansky, who quickly fixed the page last Tuesday, said this was the
first year in which the public database was featured on the town
website.
"That's what you get for going modern," he quipped. "This was really
just a malicious thing."
On Thursday, Mr. Huff said the town was in the process of uploading
files back onto the database. Internet users can in the meantime go to
the Rhode Island Secretary of State's website to access most town
meeting agendas and minutes.
Mr. Shansky said that Intap would adjust the database code to close up
the loophole that led to the hack. He also stated that this incident was
the first such hack to affect Barrington's website in his nine years as
town webmaster.
Mr. Kyle said that Intap, which has been Barrington's provider since
1997, had not received any other reports of eno7 hacks from the
company's other clients. He mentioned that this particular hacker had a
worldwide notoriety, however.
"[Eno7's] agenda ... has a lot to do with the conflict in the Middle
East," he said. In order to reach a worldwide audience, Mr. Kyle said
the hacker built a "bot" program that automatically sends out messages
to Internet databases that detect breaks in code.
In the past two months, eno7 has hijacked hundreds of web pages
throughout the Internet, from government pages on Denver's city website
to the electricity information page on Cape Town, South Africa's
website. In most cases, the hacker used the same repeated message as in
the Barrington website hack, but occasionally issued a more detailed
explanation.
On the website www.eyesofeurope.org, for example, the hacker replaced
the main home page with a black screen and white type outlining his
group's modus operandi on July 29. That hack also revealed that two
other international hackers (or hacking groups) were involved in the
prank: Byond crew of Chile and XTech Inc of Argentina.
"Lebanon-Israel ... STOP! No war - peace, that's all," the hacker wrote.
"Hey admin, don't worry not just your page was defaced. This is just a
cyber-protest ...! Join us!!"
Under U.S. federal law, a convicted hacker can face up to 20 years in
prison and/or fines of thousands of dollars, depending on the severity
of the crime (computer hacking is covered under Fraud and False
Statements).
The hacker apparently did not worry about being caught - he included his
e-mail address at the bottom of that page in July.
Hacked! Town's site hit
Barrington's town website - www.ci.barrington.ri.us - lost an entire
page's worth of town meeting minutes and agenda files last week to a
Turkish hacker. The rest of the site remained unaffected, and as of
Friday the town was in the process of uploading agendas back onto the
hacked page.
* The affected page was www.ci.barrington.ri.us/government/documents.asp
- the website's online database for archived meeting and agenda files.
On Thursday, these were all erased from the main page, probably due
to a glitch in the coding that enabled the hack.
* The hack did not affect the website's other pages, which were
HTML-based and therefore not vulnerable, nor did it affect the town
hall's computers and databases, according to town officials.
* According to a representative from Intap, Barrington's web service
provider, the hacker randomly targeted the town website, and did not
steal any information not already available to the public.
* The database feature, installed on the town website earlier this year,
was an "additional service," said town financial director Dean Huff.
Residents can also access online meeting postings at the Secretary of
State's website at www.state.ri.us.
Received on Sep 15 2006