Hackers Attack Public, Private Sectors

'Deceptive Duo' hit Gartner, government, bank sites; say U.S. cyber-security at stake.

A crew of hackers who claim an interest in protecting national security remained at large last week after a round of high-profile defacements that included government and bank Web sites as well as a site belonging to Gartner Inc.

The Deceptive Duo early this month hit the Stamford, Conn., IT research companys site, mocking the kind of pronouncements with which Gartner and other research companies make their living.

"Many recent cyber-attacks could have been avoided if enterprises were more focused on their security efforts, but users seem not to learn from their mistakes," read a line atop the defaced site, which is attributed to Richard Mogull, a Gartner analyst. The line appears to be taken from a United Kingdom trade publication paraphrasing Mogulls conclusions in a recent report.

The Gartner hack marked a rare departure for the Deceptive Duo, which primarily targets U.S. government and financial sites as part of a campaign that the hackers say is aimed at alerting officials to the inherent vulnerability of the countrys IT infrastructure.

Earlier in the week, the crew posted a lengthy portion of a database apparently taken from a U.S. Geological Survey computer, which included employees full names and passport numbers, as well as a bank database that shows names, phone numbers, e-mail addresses, account numbers, partial home addresses and Social Security numbers.

In addition, the Deceptive Duo recently hit the National Institute of Standards and Technology, Sandia National Laboratories and the California Department of Transportation, as well as more than a dozen banks, according to a list maintained by Zone-H. org, a security site that mirrors Web defacements.

Attacks against government sites are certainly nothing new. But, historically, many of the defacements of U.S. government sites have been the work of foreign attackers with an ax to grind about American policies or actions abroad. A U.S.-based crew going after high-profile U.S. sites is rare.

The pair identify themselves as "two U.S. citizens that understand how sad our countrys cyber-security really is" and say their mission is to "locate and scan critical cyber-components of the United States of America for vulnerabilities creating a foreign threat, while remaining undetected."

The message left on the defaced sites warns Web site operators to "tighten the security before a foreign attack forces you to."

Contacted by e-mail, the Deceptive Duo said they will continue their attacks as long as critical federal sites remain vulnerable.

"We have received a positive response. We have seen the system administrators increase the security of the servers that we targeted. We are receiving thanks from employees at the government and other system administrators," they said. "We work closely with those who e-mail us for help, we cooperate fully with them—otherwise, our mission would be incomplete.

"With our defacements, we hope to show our nation that we are still in a vulnerable state. We are not only forcing the system administrators of our targets to take stronger action with their security, but we are also showing the people who witness this that they must act as well."