Ed Note: In April, a cracker group known as World of Hell defaced the Web site of the Colorado Department of Tourism. Over the weekend of June 9 and 10, the group defaced a Virginia Web site run by the states Department of Information Technology. That same weekend, the group also hit Clearwater, Fla.s Web site - twice. A couple of days later, World of Hell cracked Vermonts home page and the Texas Lotterys Charity Bingo Divisions Web site. Web sites of the departments of transportation in Georgia and Idaho were hit on June 13.
According to Safemode.org, a Web site that mirrors defaced Web sites and pages, World of Hell has been linked to 160 defacements at press time.
When the Virginia site was hit, World of Hell left both a Web site address and an e-mail address. Government Technology then e-mailed the group to raise the idea of an e-mail interview, and several members of the cracking group, who identified themselves only by their screen names, ultimately agreed to answer a series of questions about what they do, their rationale and their perspective on computer security. Government Technology also contacted another cracking group, PoizonB0x, which was in the news at the same time as World of Hell. PoizonB0x zapped a handful of Internet-security Web sites to make the point that security experts fall victim to crackers, too. The interviews were done via e-mail and comments are printed exactly as they were received.
Despite popular belief, World of Hell member Dawgyg said his cracker team isnt looking for personal information when they hit a government site.
"I am doing this to show how insecure Windows NT and [Suns Solaris] are," he said.
Up|4|grabs, the World of Hell member who wrote the HTML script that defaced Virginias site, said most crackers, although engaging in criminal activity, dont like to run the risk of stealing information.
"For the most part, little damage is done," said up|4|grabs. "If people are after data like credit cards, they usually decide not to deface the site, because then it is more likely for the system admin to know that data was taken."
PoizonB0xs leader, DC, also expressed little interest in the information on government Web sites.
"I remember the first time I owned a .gov site; a really long time ago," DC said. "I looked through all the texts there and I remember I even uploaded something. Then, after that, I tried to download something, but that info wasnt very interesting."
The crackers interviewed said they crack sites merely because its possible, and government sites are often more vulnerable than private-sector sites.
"[Governments] dont take the time to secure their sites," Dawgyg said. "I have owned some gov sites with exploits that have been public for over two years and the admins still did not secure for this exploit. Generally, private computers are better secured because the people are paranoid."
Its all a matter of what interests crackers, said Shawn Hernan, team leader of the CERT Coordination Centers
"There are large numbers of intruders who scan the Internet more or less indiscriminately looking for any vulnerability they can find, or systems that are vulnerable to well-known exploits," Hernan said. "If you have a system on the Internet that contains a vulnerability thats known to the intruder community, you will eventually be compromised - they dont care what box they compromise; theyre just interested in gaining access to some computer."
Battening the Hatches