CNN.com Chat With President Clinton
Infiltrated by 'Prankster'
Updated 10:45 p.m. ET (0345 GMT) February 14, 2000
NEW YORK � Someone claiming to be President Clinton on Monday afternoon infiltrated a chat he was giving to CNN.com and gave a phony answer to a question, White House sources told FOX News.
"Personally, I'd like to see more porn on the Internet, Wolf how about you?" the FOX News Channel quoted the impersonator as writing, before the answer was deleted by a chat moderator. The answer was in response to a question about Clinton's thoughts on the Internet.
The president did not see the response, the White House said. CNN sent an e-mail statement to the White House insisting the chat had not been hacked, but that someone had been able to bypass the electronic filters in place to prevent such disruptions.
"We weren't hacked and anybody who says we were doesn't know what they're talking about," the FOX News Channel quoted CNN as writing in the e-mail.
CNN is not calling this a hacking, according to spokesman Edna Johnson. She told FOX News that a "prankster" was able to type in the answer as though they were the president.
"It wasn't a hacker. We were not hacked into. Have you ever participated in an online chat? Anyone can come in and register and participate on site. This person was registered and participating in the chat. He was a prankster. They give themselves a user name," Johnson said.
"The prankster typed in President Clinton in brackets. User name was President Clinton. We have a filtering system that works quite well," Johnson said. "There was a 20 second glitch and this is when the person came in and typed. We booted the person out."
"Under any circumstance, we are not pleased when a prankster participates in chats," she acknowledged.
Several experts, however, said the disruption was almost certainly a hack. The experts said it would have been impossible for anyone to give a false answer for Clinton without deliberately bypassing chat room security measures.
The interview was touted by CNN as making media history because Clinton became the first sitting president to give an interactive, online interview that allowed Web surfers to ask him questions.
Latest Incident in a Wave of Pranks
The incident Monday was the latest in a recent wave of cyber-vandalism that has already targeted CNN.com once before, as well as major commercial sites such as eBay, Amazon.com, and Yahoo!
As federal agents investigating last week's computer attacks focus on two known hackers, the FBI on Monday identified another computer used as a "zombie" or middleman in the attacks, an official said.
An official who requested anonymity said the FBI believes a computer in Oregon was used in the attacks, but the official declined to say exactly where. The U.S. Attorney's office in Portland confirmed that federal law officials had begun an investigation in Oregon in connection with the recent hacker attacks, which disrupted traffic on some of the Web's most popular commercial sites.
"There is an investigative lead in the district of Oregon," said Michael Brown, chief of the criminal division at the U.S. Attorney's office in Portland. "I do have information, but I can't impart it," he said.
Portland-based FBI spokesman Gordon Compton declined to comment other than to say no arrests had been made in the case.
Financial Institutions Received Warnings
At least eight times before last week's hack attacks against major Web sites, computer experts at some of the nation's largest financial institutions received detailed warnings of impending threats.
Banking officials never passed their detailed warnings to the FBI or other law enforcement agencies, even as alerts escalated from the first assault against the Yahoo! Web site and subsequent attacks against eBay, Amazon, Buy.Com, CNN and others.
The urgent alerts, by e-mail and pager, began fully four days before Yahoo! fell under electronic assault Feb. 8. They cautioned that dangerous attack software had been discovered implanted on powerful computers nationwide. The messages ultimately identified specific Internet addresses of attacking machines.
Participating banks weren't allowed to share the warnings with government investigators under rules of an unusual $1.5 million private security network created in recent months for the financial industry. The Treasury Department said mandated disclosures might hamper banks and others from being forthcoming about attacks by rogue employees, software bugs, viruses or hackers.
The industry said such guarantees helped ensure it was protected.
"Everybody felt comfortable sharing information," said William Marlow, executive vice president for Global Integrity Corp., which runs the network. "The government wasn't involved, everything was anonymous. The private sector can help each other without additional regulation."
Strains of Hacker Tools Detected
Meanwhile, a Silicon Valley Internet security firm reported Monday it has detected on its system each of the same three major "zombie" agents that had overwhelmed Amazon.com and Yahoo!
The Santa Clara, Calif., firm Network Associates said the company's computer security product, CyberCop Zombie Scan, detected strains of the hacker tools Tribal Flood Network, Trinoo and Stacheldraht on several systems in the United States and Europe, in both educational and non-educational networks.
The Wall Street Journal reported Monday that the investigation into the attack was focusing on two suspects, a hacker believed to be responsible for the first of the assaults, the Yahoo! attack, and a less skilled copycat living in Canada. But law enforcement officials told the Journal they haven't come up with hard suspects. So far, the two potential suspects have been identified only by their online pseudonyms, the newspaper said.
Although many in the Internet security community initially described the attacks as unsophisticated, it now appears that at least one of the attackers may have been far more skilled than the apparent subsequent copycats. David Brumley, a system-software developer in Stanford University's information-technology department, told the Journal that the hacker believed to be responsible for the Yahoo! attack mounted a complex operation using highly customized tools.
Brumley declined to reveal the hacker's online pseudonym, citing concerns about jeopardizing the investigation, the Journal said.
A second, Canadian-based hacker is being looked at as a copycat, Michael Lyle, chief technical officer of Internet security firm Recourse Technologies Inc., told the Journal.
That hacker, known online by the pseudonym "mafiaboy,' allegedly was recorded in an Internet hacking channel soliciting orders to shut down Time Warner Inc.'s Cable News Network and E-Trade Group Inc.
High-School Drop-out Changes Grades
Meanwhile, other kinds of hacking continue. State police have charged 17-year-old high school drop-out Joshua Granger of Ithaca, N.Y., of using a home computer to tap into the records of a vocational school near Syracuse. Troopers say Granger altered grades and teacher comments on more than a thousand report cards, just to prove he could do it. Authorities were alerted when school secretaries noticed the teacher comments on the report cards were "vulgar" and "R-rated."
Granger was arrested Friday
http://www.foxnews.com/vtech/021400/hack.sml
-- Martin Thompson (mthom1927@aol.com), February 15, 2000