Hackers taunt EC with site defacement

Dutch hackers on Tuesday evening defaced SaferInternet.org, a Web site sponsored by the European Commission that promotes a safer Internet. Security at the site had been increased just last week after other hackers raised a red flag about possible vulnerabilities.

The cyber vandals left a message taunting the server administrators and law enforcement: "This is our world! We are god and we make the rulezzzzz Happy finding us! The Netherlands is tha place!"

The hackers also inserted two hyperlinks, one to a Web site for Hackers at Large 2001, an event to be held in the Netherlands in August, and one to a database elsewhere on SaferInternet.org. The database, which can be downloaded by following the link, contains about 475 e-mail addresses of people who subscribe to the SaferInternet.org mailing list, according to a security expert who examined the database, who requested anonymity.

Since the defacement some names of subscribers to the list have been posted on Security Database (http://www.securitydatabase.net/), a Dutch online security discussion forum.

The hack is a slap in the face to the Commission and its contractor, Ecotec Research and Consulting Ltd. of Birmingham, England. Hackers last week identified two holes in the site's security, which were acknowledged by Ecotec and swiftly patched. The holes were linked to known vulnerabilities in Microsoft Corp.'s Internet Information Server, software that's widely used to serve Web sites. The Web site was restored around 9:00 AM local time in Brussels Wednesday morning. Ecotec is contemplating its next move, as it has now been hit twice in a short period of time.

"We might actually pull the site until we get proper security in place. We have been reviewing security and have been trying to implement better security this week, but the hackers are quicker than us," said Tara Morris, project manager for SaferInternet.org and a consultant at Ecotec.

Morris said the hackers replaced the site's front page but didn't do any other damage. The database with e-mail addresses is a bit of a mystery. Morris said he hasn't seen it before and thinks the hackers could have created it from data elsewhere on the site.

Ecotec is considering reporting the hacking incident to the authorities.

"It is an option. This is obviously very serious," said Morris.

SaferInternet.org was launched last month by the Brussels-based Commission, which functions as the executive body of the 15-member European Union. The Web site is part of a broad campaign to make the Internet safer for European citizens and businesses, and is specifically aimed at helping to eradicate Internet content that's illegal or considered harmful.

Earlier last week the Commission said it was drafting an anti-hacking law as part of a series of proposals meant to increase the level of information security in Europe.

Join the newsletter!

Or
Error: Please check your email address.

More about Ecotec Research and ConsultingEuropean CommissionMicrosoftSaferInternet.org

Show Comments