Web Vandals Hit Government Sites

A new crew of Web vandals that has taken to defacing government and bank Web sites has hit several new, high-profile targets.

The crew has posted a lengthy portion of a database apparently taken from a U.S. Geological Survey computer, which includes employees full names and passport numbers, as well as a bank database that shows names, phone numbers, e-mail addresses, account numbers, partial home addresses and Social Security numbers.

Calling themselves the Deceptive Duo, the pair recently hit the National Institute of Standards and Technology, Sandia National laboratories and the California Department of Transportation as well as more than a dozen banks, according to a list maintained by Zone-H.org, a security site that mirrors Web defacements.

Earlier this week the Deceptive Duo cracked a database at the Department of Defenses Defense Logistics Agency and posted a portion of its contents to the DLAs site as part of a defacement. They have also attacked a site operated by the Federal Aviation Administration.

A defacement crew attacking government sites is certainly nothing new. But, historically, many of the defacements of U.S. government sites have been the work of foreign attackers with an ax to grind about American policies or actions abroad.

A U.S.-based crew going after high-profile U.S. sites is rare.

The pair identify themselves as “two U.S. citizens that understand how sad our countrys cyber-security really is,” and say their mission is to “locate and scan critical cyber-components of the United States of America for vulnerabilities creating a foreign threat, while remaining undetected.”

The message left on the defaced sites warns Web site operators to “tighten the security before a foreign attack forces you to.”

Contacted by e-mail, the Deceptive Duo said they will continue their attacks as long as sites such as the FAA, DLA and others remain vulnerable.

“We have received a positive response. We have seen the system administrators increase the security of the servers that we targeted. We are receiving thanks from employees at the government and other system administrators. We work closely with those who e-mail us for help, we cooperate fully with them otherwise our mission would be incomplete,” they said. “With our defacements, we hope to show our nation that we are still in a vulnerable state. We are not only forcing the system administrators of our targets to take stronger action with their security, but we are also showing the people who witness this that they must act as well.”