The US government and private technology experts warned that hackers plan to attack thousands of websites on Sunday in a loosely coordinated ”contest” that could disrupt internet traffic.
Organisers established a website, defacers-challenge.com, which was shut down early on Wednesday evening. Before it was removed, the site listed in broken English the rules for hackers who might participate. It cautioned that ”deface its crime” — an apparent acknowledgment that vandalising internet pages is illegal.
”The FBI is taking this very seriously,” FBI spokesperson Bill Murray said. ”Hacking is a crime and those who participate in this activity will be investigated and brought to justice.”
The Department of Homeland Security said on Wednesday that it was aware of the hackers’ plans but did not expect to issue any formal public warnings. The Chief Information Officers Council, part of the Office of Management and Budget, cautioned US agencies and instructed experts to tighten security at federal websites.
”Frankly, hacker challenges occur frequently, and we don’t think they all rise to the level of a warning,” Homeland Security spokesperson David Wray said.
Affinity Internet Inc. of Fort Lauderdale, Florida, which, through a subsidiary, operated the computer servers where the hacker website was located, shut down the site for violating a service agreement, Affinity spokesperson Laura Weir said.
The company declined to identify the Affinity customer who set up the internet site, citing privacy restrictions. Records show the web address was registered on June 21.
Home internet users, who typically do not operate websites, probably would not be affected directly, said Oliver Friedrichs, the senior manager for security response at Symantec Corporation. An early warning network for the technology industry, operating with Homeland Security, notified companies that it received ”credible information” about the planned attacks and has already detected surveillance probes by hackers looking for weaknesses in corporate and government networks.
”We emphasise that all website administrators should ensure that their sites are not vulnerable,” wrote Peter Allor of Internet Security Systems Inc., the Atlanta-based company that runs the Information Technology Information Sharing and Analysis Center.
Friedrichs, though, said Symantec’s global monitoring network wasn’t detecting unusual probes.
”We really haven’t seen any of that activity,” he said. ”We’re certainly going to keep watching and looking.”
Separately, the New York Office of Cyber Security and Critical Infrastructure Coordination warned internet providers and other organisations that the goal of the hackers was to vandalise 6 000 websites in six hours.
New York officials urged companies to change default computer passwords, begin monitoring website activities more aggressively, remove unnecessary functions from server computers and apply the latest software repairs from vendors such as Microsoft.
Chris Rouland, director of the X-force security team at ISS, said researchers monitoring underground chat rooms and other internet activity detected a drop in the numbers of vandalised websites recently and an increase in the types of surveillance scans that typically precede computer break-ins.
”It’s kind of a sandbagging period,” said Rouland, who predicted that hackers were quietly breaking into computers and waiting to vandalise them on Sunday.
The purported ”prize” for participating hackers was 500-megabytes of online storage space, which made little sense to computer experts. They said hackers capable of breaking into thousands of computers could easily steal that amount of storage on corporate networks. ‒ Sapa-AP