Anti-Metallica Hackers Hit DC Metro Web Site By Phuong Ly, Washington Post WASHINGTON, DC, U.S.A., 30 May 2000, 6:14 AM CST A computer hacker vandalized the DC Metro's Web site for at least five hours Monday by replacing transit information with an X-rated message lashing out at recording artists who have filed lawsuits to stop people from swapping music files over the Internet.

The attack, the first for Metro, illustrated how vulnerable many public Internet sites have become to being exploited by vandals.

Murray Jacobson, manager of Metro's information technology division, said that it was unclear how many users saw the obscene message but that the effect on Metro customers probably was minimal because it occurred on a holiday.

On a typical weekday, Metro's Web site records about 200,000 visits, some from people accessing the site more than once, according to Cheryl Johnson, a Metro spokeswoman. The site includes a ride guide with maps to help people plan their commutes, and it also allows passengers to buy "smart cards" that store up to $200 in parking and fares. Jacobson said there appeared to be no security breach enabling the hacker to obtain credit card numbers.

"It did not seem like they were out to destroy a computer system," Jacobson said. "They knew what they could get away with quickly."

Metro transit police and D.C. police will investigate the incident, which also will be reported to the FBI, Jacobson said.

Like many Web sites, Metro might have been hit simply because the hackers - whether youths fooling around on a home computer or people who wanted to make a political statement - thought the site could be disrupted, said Mark Rasch, a former federal prosecutor and security consultant with Reston-based Global Integrity.

About 30 to 50 Web sites are hacked each week, he said. "It's just a site of opportunity," Rasch said of the attack on Metro. "Even if you're not doing anything particularly controversial with your Web site, it may be used to make a political statement."

In February, some of the Web's most prominent sites - including Yahoo, eBay and Amazon.com - were paralyzed. In April, a 15-year-old Canadian computer whiz known online as "Mafiaboy" was the first person charged in those cyber-strikes.

Metro's hackers identified themselves as "Idk2k," or "immortal daemon killers," and started their message with "welcome to the year of knowledge." They called the practice of vandalizing Web sites "lame" but necessary because musicians were suing Napster, a popular computer program that allows people to download music. The profanity-filled message berated the rapper Dr. Dre and the heavy metal band Metallica, who have sued Napster and have been particularly outspoken against the company.

Recently, in chat rooms and message boards, hackers have been seething about the lawsuits, Rasch said. But no other attacks concerning Napster have been reported over the weekend, said representatives at the federally funded CERT Coordination Center at Carnegie Mellon University, which monitors hacker attacks and helps develop responses to them.

Metro officials discovered that their site had been vandalized about 9:30 a.m. Monday and called in tech support staff to change passwords and restore the site, Jacobson said.

By 3 p.m., Metro's site was running properly and the focus turned to finding the culprits and preventing another attack, Jacobson said.

Yesterday, Jacobson tried to find a silver lining in the attack. "It's kind of good to know these things happen every once in a while," he said. "It educates our internal users because you know people out there are doing malicious attacks. It's never pleasant, but you want to prepare for the future."

Copyright (C) 2000, The Washington Post. Reprinted with permission.

http://www.newsbytes.com/pubNews/00/149769.html

-- Martin Thompson (mthom1927@aol.com), May 30, 2000