Security threats Toolkit

NASA sites hit by anti-war hackers

Tags:
Hack Attack,
Hacktivism,
Nasa,
Anti-war

Patrick Gray ZDNet Australia

Published: 18 Dec 2003 10:15 GMT

The maintainers of an online archive of defaced Web sites say 13 NASA sites have been modified by anti-war protesters from Brazil.

The defacement archive, Zone-H, listed the 13 sites, which include NASA's Computing, Information and Communications Technology Program site and the Mars Exploration Program Landing Sites pages. The archive captured the content placed on the sites by the attackers. It includes a link to what appears to be CNN footage of American soldiers shooting an injured Iraqi in the back and then cheering. The link is titled "The war in iraq, kill is a play!". (The footage is graphic and may upset some readers.)

A security engineer from NASA, who spoke on the condition of anonymity, told ZDNet Australia the attackers aren't necessarily out to champion any cause save for their own notoriety. "It's not 'hacktivism'. It's punk kids defacing NASA, which has nothing to do with any war, and putting up something shocking that they hope will get them free ink. And lo, the press is doing just that. Surprise of all surprises," the source said.

The upside, according to the security specialist is that the defacement "has an unintended consequence of making NASA security folks like myself look one hell of a lot less paranoid ... I am compelled to admit that sometimes it takes very large public embarrassment for any government agency to take security seriously".

As for the severity of the attack, "I've seen worse, and it ain't pretty," the engineer said. The US government is unlikely to take the attack lying down, the source added. "Considering that he broke into government systems, he's likely going to get the royal what-for. Regardless of the content of the defacement, breaking into commercial systems is one thing ... breaking into government systems is quite another. It wouldn't matter if he put up a picture of a dancing Bugs Bunny. He's still going to get the reaming of his life if or when he gets caught."

Co-founder and former maintainer of the Attrition.org defacement mirror, Brian Martin, agrees with the notion that this type of action is not necessarily an effective means of promoting a political cause or ideology. "It's only 'Hacktivism' if people see it. Be it through visiting the Web page, or reading about it in the news. If NASA brought the pages down quickly, who would have seen it other than the [defacement] mirrors?" he said by email. "This is a point that always crept into our talks while running the mirror on Attrition."

Electronic attacks have increasingly been used to deliver political messages. During the height of the Iraq conflict this year the English language site of Arab news agency Al-Jazeera was taken offline in a series of denial of service (DoS) attacks. When al-Jazeera managed to get the site back online, it was hijacked by a US national and re-directed to a page which displayed an American flag with the caption "Let Freedom Ring".

Authorities eventually caught up with the attacker, a 24-year-old Californian named John William Racine II. He pleaded guilty to the charges levelled at him, and was fined and forced to undertake community service.

Another Attritionite and research lead for the Hacker Foundation, which is "a non-profit organisation dedicated to establishing ... a research and service organisation to promote and explore the creative use of technological resources," B. K. DeLong, agrees with NASA's security staffer -- authorities are unlikely to take the defacement lying down. "It's the US government ... not some random 'I ownz' you -- its hosting a video that allegedly shows a member of the US military clearly killing a defenceless person who appears to already be wounded -- then cheering. It totally puts us in a horrible light," he said.