Government officials say they've discovered the security flaw exploited by the vandals, but expressed little hope of catching the perpetrators
Hackers who defaced the Web site of the U.S. General Accounting Office earlier this week say they acted to protest the U.S. war in Afghanistan as well as the plight of Palestinians and Kashmiris. Meanwhile, government officials say theyve discovered the security flaw exploited by the vandals, but expressed little hope of catching the perpetrators.
A group claiming to be part of a large hacker organization known as the Alqaeda Muslim Alliance compromised a server belonging to the U.S. General Accounting Office in Washington on Monday.
The Anti India Crew apparently breached the security of at least one mail server, an FTP server and two Web servers, according to data on the Alldas.de defacement archive.
"What got us all together were the recent attacks on Afghanistan, the fake and totally made up propaganda of Indian media against the Muslim nation," said someone claiming to be one of the attackers in an unsigned response to an e-mail from an address posted on the defaced site. "They can bomb and destroy a whole country or a whole nation which is actually killing people who cant even afford to buy new clothes for themselves and we cant even protest? We cant even ask for peace? We cant even modify htmls [sic] in this cyberworld? It wont harm humans , it wont be as bad as killing the innocent. It shouldnt be considered as a terrorism act."
Instead of the normal GAO information, users going to listserv.gao.gov saw a message, instead, left by the hackers. In it, the AIC admonishes other hackers for using the Alqaeda Muslim Alliance name and warns that there will be more attacks against Indian, Israeli and U.S. Web sites.
"We warned already we will hit us/in/il government servers until [sic] there is peace around us! Long live Kashmir and Palestine," part of the defacement read.
Indeed, the Alldas site, which archives defaced Web pages, lists dozens of sites, many of them with Indian or Israeli domain names, which the AIC has defaced.
While GAO officials said they are "99.9 percent" sure about how the attackers got into the system, they are less enthusiastic about the prospsects of tracking the crew down. "Were working with the FBI, but they need more information. Were sharing all of our information with them and there are a few other things to track down, but its a neverending story. [The hackers] are pretty smart," said Tony Cicco, chief information officer of the GAO in Washington.
Cicco said his staff is currently rebuilding the listserv logs, which AIC deleted during its break-in. That work could take until Tuesday. As close as Cicco can tell at this point, the attack occurred at about 3:45 a.m. Monday.
The GAO is the federal governments investigative arm and is responsible for keeping tabs on Congress as well as other government agencies.
AIC claims to be one member of the hacking triumvirate calling itself the Alqaeda Muslim Alliance. The other members are Gforce Pakistan and Pakistan Hackerz Club.