'Friendly' hacker spotlights security flaws

A computer hacker using a Polish address has defaced up to 50 Australian Web sites in the past week as part of a campaign to expose a lack of IT security by local business.

The defaced Web sites, which are listed on the German public service site www.alldas.de, have been hacked into and defaced with messages criticising the state of online security in Australia.

The attacks began last week when the hacker, who goes by the name L4m4, defaced the Web site of Adelaide law firm Moloney and Partners and left the threat that unless businesses improved their security, they would be next.

"Your IT guy who you have trusted for so many years has no idea when they told you that your Web server is 'safe as houses, mate'," the message said.

Since then another 46 sites have been defaced, including Sky Channel, legal firm Blake Dawson Waldron and allegedly Dymocks, according to the German Web site archiving the successful attacks.

Before these attacks, fewer than 100 Australian Web sites have been defaced in the last two years.

Sky Channel Internet site manager Alex Harradine said the defacement of its Web site, the first ever, was fixed in a matter of 10 minutes.

Harradine said the hacker could have done some serious damage "but he's quite friendly. He even backed up some of our files".

Sky Channel's Web site page was replaced with "Owned by L4m4. Once again really bad Australian server security. Pick up your act or I will have your job".

Peter Coroneos, Internet Industry Association chief executive, said while the attacks appeared to be relatively harmless, it was possible hackers could go further into the system and steal data and even credit card details.

"Everyone recognises security is looming as an issue for the Internet. It's something we've got to work hard to resolve," he said.

Coroneos said the intention of the defacements, which were basically online graffiti, seemed to be to warn the sites of their weaknesses.

Carlton Duston, technical manager of Websecure Technologies, a Sydney-based Internet security company, said the level of security in Australia was not high.

He said businesses that had been hacked needed to audit their Web site and find how the hacker got in, work out the impact of the information that had been compromised, and raise security levels.

Greg Kowalski, technical director of Biko, the webmaster for Dymocks, denied the site had been defaced, although the bookseller had been listed on www.alldas.de.

- AAP

More about: AAP, Blake Dawson Waldron, Blake Dawson Waldron, Dymocks, Internet Industry Association, WebSecure Technologies

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/20/adawarefree/

Lavasoft Ad-Aware Free

Ad-Aware Free has long been one of the most popular spyware killers on the planet, and with good reason. It's simple to use, does an ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia