withstand hacker attack on Army site
by Dennis Sellers, email@example.com
March 15, 2000, 7:00 am ET
The US Army
switched to using Mac G3 Web servers running WebSTAR to host its main site, citing
security concerns with Microsoft servers. But yesterday the army's servers were attacked
by Brazillian hackers.
The hackers were from
a group called Crime Boys. The Web sites hacked were http://www.cpma.apg.army.mil
The Mac servers withstood
the attack, but two Windows NT servers running Microsoft-IIS/4.0 were broken into.
site has already
been removed. There's also a story about the hack at http://www.securenet.com.br/http://www.lmms.lmco.com/cgi-bin/nexus/news?query=13030003, but it's not in English.
As we reported
on Sept. 10, the http://www.army.mil Web site has undergone so many
successful hacker attacks on its NT servers that it's now running on Mac OS servers,
per the direction of Lt. General Campbell, the Army's CIO. Following is a Sept. 1
Army News Service release that confirms this: "Working from information provided
by the U.S. Army's Criminal Investigation Command, FBI agents arrested a 19-year-old
Wisconsin man Aug. 30 for malicious altering of a U.S. Army Web page.
"The agents identified
the Green Bay man as the co-founder of a hacker organization known as 'Global Hell.'
"The arrest capped
a two-month investigation led by Army CID agents, after an unidentified intruder
gained illegal access to the Army Home Page June 28 and modified its contents. The
intruder also gained access to an unclassified Army network and removed and modified
computer files to prevent detection.
"Since the case
is still ongoing, Christopher Unger, web site administrator for the Army Home Page,
didn't want to talk about specifics of what the hacker did to the web page or what
the Army is doing to protect its sites from future hackers. However, he said the
Army has moved its web sites to a more secure platform. The Army had been using Windows
NT and is currently using Mac OS servers running WebSTAR web server software for
its home page Web site.
"Unger said the
reason for choosing this particular server and software is that according to the
World Wide Web Consortium, it is more secure than its counterparts. According to
the Consortium's published reports on its findings, Macintosh does not have a command
shell, and because it does not allow remote logins, it is more secure than other
platforms. The report also said the Consortium has found no specific security problems
in either the software or the server.
is a worldwide group of representatives from more than 350 organizations that provide
the infrastructure for a global interoperable World Wide Web. Membership is open
to any organization.
are inviting to hackers because of their high profile," Unger said. However,
the Department of Defense is laying the groundwork now for more secure Internet sites
that will prevent unauthorized access to information, he said.