UPDATE - Internet Security Blames ISP for Hacking Snafu

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread
[Fair Use: For Educational and Research Purposes Only]

Title: Internet Security Blames ISP for Hacking Snafu

Source: Chinaonline.com

(8 June 2000) At 8 a.m. on June 7, after having called Sina.com to disclose his intentions, a hacker penetrated the Chinese-language Web site of Internet Security Systems (China) (ISSC). ISSC is the subsidiary of the U.S.-based Internet Security Systems (ISS), which is a provider of e-commerce security services.

ISSC then issued the following press release, which discussed the hacking incident:

ISSs major purpose in establishing its Chinese Web site was simply to provide a Chinese-language description of its products and information about these. The detailed content about ISSCs relevant products is all linked to ISSs U.S. Web site.

ISSs Chinese Web site is only a promotional interface that offers, using the Chinese language, services to Chinese users. It is not a professional Web site.

The invaded Chinese Web site uses a virtual host (the Web site is temporarily closed down) and has been entrusted to an Internet service provider, which is totally responsible for the security and performance of the virtual host. ISSC does not have responsibility for security or control over the virtual host.

The ISPs servers provide simultaneously virtual hosting services to a dozen companies. The ISP has never installed any relevant security products made by ISS.

Considering the above situation, ISSC does not regard this incident as a real invasion of ISS. The hacker has actually attacked a domestic ISP.

However, ISSC believes the real meaning of this incident is that it has enabled the domestic ISP/Internet print protocol to realize the importance of network security and to reinforce their own security measures, as well as to optimize services to safeguard the interests of their users. ISS is willing to help this ISP and other ISPs to reinforce their network security.

ISSC is constructing a brand-new Chinese Web site, www.isschina.com, which soon will be operational. ISSC is willing to pay an ample reward to anyone who can find any security loophole in this new Web site.

http://www.chinaonline.com/topstories/000608/1/c00060705.asp

=====================

-- (Dee360Degree@aol.com), June 09, 2000

Moderation questions? read the FAQ