http://199.97.97.16/contWriter/cnd7/1999/11/04/cndin/8860-0353-pat_nytimes.html

Hackers Deface U.S. Air Force Web Site

SIG CHRISTENSON

c.1999 San Antonio Express-News

SAN ANTONIO The Internet site at Lackland Air Force Base in San Antonio was defaced last weekend by a group of Pakistani-based hackers whose members vow to target U.S. government and military Web sites in a bid to win independence for Kashmir.

The Pakistan Hackerz Club's founder, identifying himself as ``Doctor Nuker,'' said in an exchange of e-mail messages with the San Antonio Express-News that his group also had hacked into the Internet site at Ingleside Naval Base near Corpus Christi, Texas, along with 11 others as it battles on behalf of Kashmir, a territory between India and Pakistan.

By one estimate, the group has struck some 85 sites since it first began its hacking spree, hitting a variety of civilian and military in numerous nations.

``We will deface more government and military sites,'' he warned.

The Air Force said the Lackland attack occurred Friday. The Ingleside attack took place Saturday.

The Pakistan Hackerz Club, said by one local expert to be the most prolific of 50 individual and group ``Web defacers'' worldwide, left its initials, PHC, in yellow over both Web sites.

A rambling diatribe against Indian ``repression'' in Kashmir followed on the Lackland Web page, with a similar message appearing on the Ingleside site.

``The champions of human rights, who were propelled into action because of ethnic cleansing of the Kosovars, have chosen to disregard the even more serious repression in Kashmir,'' Doctor Nuker wrote.

The Lackland site, used to provide public information about the installation, its commanders and activities, was taken offline, said Lt. Denise Kerr, a base spokeswoman. It was back online Wednesday.

The group defaced yet another site run by the Energy Department in Albuquerque, N.M., on Monday night.

The intrusion into the Energy Department's operation's office took place sometime after 6 p.m. The department initially appeared unaware of the attack, but by 6:35 p.m. was reinstalling the Web site.

``It's the online equivalent of spray-paint tagging,'' said David McGroty, a programmer and Web master with Sahara Digital, an Alamo City firm that tests computer systems' vulnerability to hackers.

``It's just a matter of finding that virtual underpass and spraying your message there so as many people as possible can see it,'' he added.

FBI spokeswoman Debra Weierman said she had no information on the recent hacking incidents at the San Antonio and Ingleside military Web sites.

She said FBI and Justice Department policy forbids discussing any ongoing investigation.

But computer hacking and network intrusion, a federal crime, has sharply increased. Michael Vatis, director of the FBI's National Infrastructure Protection Center, last month told a Senate panel that his agency's caseload has doubled in each of the past two years.

The FBI, he told the Senate Judiciary Committee, has more than 800 pending investigations.

Malicious and intentional hacking that causes more than $5,000 damage is punishable by a maximum of five years in federal prison, Justice Department spokesman John Russell said.

Those involved in accidental intrusions which leave no damage can be jailed for up to six months, he said.

Hackers also can be charged with violating federal wiretap laws, a crime with a 10-year prison term.

Deputy Defense Secretary John Hamre said in February that the Pentagon is detecting 80 to 100 potential hacking events daily.

Hacking, though, plagues a host of other countries and regions as well, particularly Asia.

In a recent commentary headlined ``Nerd World War,'' the Economist magazine cited a report indicating 72,000 ``cyberspace attacks'' were launched from China against Taiwan in August. Taiwanese hackers struck back, cracking Web sites operated by the Chinese tax and railway agencies.

Closer to home, such high-profile organizations as the Johnson Space Center in Houston, ABC, the Drudge Report and George Magazine were attacked by two groups, hackingforgirliez and unitedloangunmen.

The attack on George Magazine came Oct. 26, a few months after the death of its founder, John F. Kennedy Jr.

The message, ``Remember me for I was murdered,'' contained the date of Kennedy's death with another message, ``Unitedloangunmen points the finger at the Bush administration of the Illuminati and Committee of 300.''

The word ``murdered'' turns crimson when a computer mouse crosses it, and leads to a link containing theories about the plane crash that claimed the lives of Kennedy, his wife and a sister-in-law.

While it's hard to know what the message is, or if the message is a joke, that isn't the case with Pakistan Hackerz Club, said McGroty, who noted the group puts a new missive on each web site it hacks some including photos of apparently dead and injured people.

``They obviously have a real cause to support,'' he said.

-- Uncle Bob (UNCLB0B@Tminus56&counting.down), November 05, 1999

Answers

Bright. Like ticking off the US Air Force is going to win independence for Kashmir?

-- Mad Monk (madmonk@hawaiian.net), November 05, 1999.

Those involved in accidental intrusions which leave no damage can be jailed for up to six months, he said ... so...

Becarefull where you visit??? That is a scary thought. Honestly, is intrusion just visiting a web site where you are not supposed to have access? What exactly constitutes this 'itrusion' they are saying can net you six months? I don't feel good about this sort of nebulous description of a crime. I think the criteria should be willfully writing ANY file to a web server where you have no account. That seems pretty reasonable to me.

-- (...@.......), November 05, 1999.

Ok, what I meant to say was... writing a file to any server which is not public access AND on which you do not have authorized access.

-- (...@.......), November 05, 1999.