Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

U.S. Navy caught hacking into British marine charity Web site

0 views
Skip to first unread message

Tim May

unread,
May 9, 1998, 3:00:00 AM5/9/98
to

At 5:48 AM -0700 5/9/98, Spam the President wrote:
>http://www.infoworld.com/cgi-bin/displayStory.pl?98058.winavy.htm
>
> U.S. Navy caught hacking
> into British marine
> charity Web site
>
> By Kristi Essick
> InfoWorld Electric
>
> Posted at 3:07 PM PT, May 8, 1998
> The U.S. Navy has been caught attempting to
> break in to secure areas of a World Wide Web
> site sponsored by a U.K. marine-mammal
> preservation charity, according to officials at the
> organization.
....
> incoming attempt to breach security by a user
> identified as donhqns1.hq.navy.mil.

Hence the need for onion routers and Web proxies!

Seems to me the spooks need Cypherpunks technology more than we do.

--Tim May


"The tree of liberty must be watered periodically with the blood of
tyrants...."
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Licensed Ontologist | black markets, collapse of governments.


Steve Schear

unread,
May 9, 1998, 3:00:00 AM5/9/98
to

>http://www.infoworld.com/cgi-bin/displayStory.pl?98058.winavy.htm
>
> U.S. Navy caught hacking
> into British marine
> charity Web site
>
> By Kristi Essick
> InfoWorld Electric
>
> Posted at 3:07 PM PT, May 8, 1998
> The U.S. Navy has been caught attempting to
> break in to secure areas of a World Wide Web
> site sponsored by a U.K. marine-mammal
> preservation charity, according to officials at the
> organization.

If this attempt was supposed to remain undetected, its likely the perps
didn't know of their sponsored CROWDS and ONION work.

--Steve

---------------------------------------------------------------------
reply to schear - at - lvcm - dot - com ---

PGP mail preferred, see http://www.pgp.com and
http://web.mit.edu/network/pgp.html

RSA fingerprint: FE90 1A95 9DEA 8D61 812E CCA9 A44A FBA9
RSA key: http://keys.pgp.com:11371/pks/lookup?op=index&search=0x55C78B0D
---------------------------------------------------------------------


Bill Frantz

unread,
May 9, 1998, 3:00:00 AM5/9/98
to

At 4:48 AM -0800 5/9/98, Spam the President wrote:
>http://www.infoworld.com/cgi-bin/displayStory.pl?98058.winavy.htm
>
> U.S. Navy caught hacking
> into British marine
> charity Web site
>
> By Kristi Essick
> InfoWorld Electric
>
> Posted at 3:07 PM PT, May 8, 1998

> ...
>
> "I think whoever it was within the U.S. Navy
> facility would have better things to do rather than
> try and hack into our computers," said Chris
> Stroud, the organization's director of campaigns,
> in a statement. "If they were seeking reports on
> the Black Sea, we shall be freely publishing these
> in the near future anyway."

Consider the possibility that someone hacked into the Navy's computer and
then used it as a base to hack the Marine Mammal Charity site.


-------------------------------------------------------------------------
Bill Frantz | If hate must be my prison | Periwinkle -- Consulting
(408)356-8506 | lock, then love must be | 16345 Englewood Ave.
fra...@netcom.com | the key. - Phil Ochs | Los Gatos, CA 95032, USA

Spam the President

unread,
May 9, 1998, 3:00:00 AM5/9/98
to

http://www.infoworld.com/cgi-bin/displayStory.pl?98058.winavy.htm

U.S. Navy caught hacking
into British marine
charity Web site

By Kristi Essick
InfoWorld Electric

Posted at 3:07 PM PT, May 8, 1998

The U.S. Navy has been caught attempting to
break in to secure areas of a World Wide Web
site sponsored by a U.K. marine-mammal
preservation charity, according to officials at the
organization.

The Whale and Dolphin Conservation Society
(WDCS) -- which operates an online shopping
site aimed at generating money for the welfare of
the animals at http://www.wdcs-shop.com --
said it was alerted to the attempted break-in last
week by its site-hosting company, Merchant
Technology Ltd.

"We were working late one night, and a
command line request came in wanting to access
unauthorized areas of the site," said Andy Fisher,
marketing manager for Merchant. "We were
amazed to find out it was the Pentagon."

Merchant built and manages the secure
electronic-commerce site for the conservation
society and routinely keeps an eye on who visits.
If users attempt to gain access to unauthorized
areas, the company is alerted to the source of the
incoming request.

At 9:45 p.m. GMT on April 28, Fisher said,
workers at Merchant were shocked to see an


incoming attempt to breach security by a user
identified as donhqns1.hq.navy.mil.

Merchant got in touch with WDCS immediately,
only to find out that the charity had been
contacted by the Navy a few weeks earlier. The
Navy was interested in obtaining a report the
group is working on that details the efforts of
Russian animal experts to train dolphins in the
Black Sea for military tasks, such as finding and
attaching probes to submarines, Fisher said.

A WDCS representative said that there is
nothing secret about the Russian government's
activities in this area but that the document does
contain information about the export of the
trained dolphins to foreign countries. The group
declined to give the Navy a copy of the report
only because it was not complete at the time.
Once it is made final, the report will be published
and the Navy can then examine it, the
representative said.

The WCDS said that it is confused about why the
Navy would attempt to break in to its Web site.

"I think whoever it was within the U.S. Navy
facility would have better things to do rather than
try and hack into our computers," said Chris
Stroud, the organization's director of campaigns,
in a statement. "If they were seeking reports on
the Black Sea, we shall be freely publishing these
in the near future anyway."

The WCDS previously has commented
unfavorably on Navy activities such as its
low-frequency sonar trials off Hawaii and on
ship collisions with endangered whales, the
group said.

Merchant says it is "100 percent sure" the
hacking attempt originated from the Navy.
WDCS has notified the U.S. Embassy in London
and the relevant U.K. authorities, the
organization said.

"We hope that the U.S. authorities have some
rational explanation for this incident," Stroud
said.

"The Navy has not yet received a formal
complaint on the issue," said a Navy official, who
declined to be named. "Until the Navy receives a
formal complaint with details, there's not much
we can do to proceed further."

Merchant Technology Ltd., in Bath, England, can
be reached at 44 (1225) 481 015. The Whale and
Dolphin Conservation Society, also in Bath, can
be reached at 44 (1225) 334 511 or
http://www.wdcs.org.

Kristi Essick is a London correspondent for the
IDG News Service, an InfoWorld affiliate.


Spam the President

unread,
May 10, 1998, 3:00:00 AM5/10/98
to

On Sat, 9 May 1998, Bill Frantz wrote:

> At 4:48 AM -0800 5/9/98, Spam the President wrote:

> >http://www.infoworld.com/cgi-bin/displayStory.pl?98058.winavy.htm
> >
> > U.S. Navy caught hacking
> > into British marine
> > charity Web site
> >
> > By Kristi Essick
> > InfoWorld Electric
> >
> > Posted at 3:07 PM PT, May 8, 1998

> > ...


> >
> > "I think whoever it was within the U.S. Navy
> > facility would have better things to do rather than
> > try and hack into our computers," said Chris
> > Stroud, the organization's director of campaigns,
> > in a statement. "If they were seeking reports on
> > the Black Sea, we shall be freely publishing these
> > in the near future anyway."
>

> Consider the possibility that someone hacked into the Navy's computer and
> then used it as a base to hack the Marine Mammal Charity site.
>
> -------------------------------------------------------------------------
> Bill Frantz | If hate must be my prison | Periwinkle -- Consulting
> (408)356-8506 | lock, then love must be | 16345 Englewood Ave.
> fra...@netcom.com | the key. - Phil Ochs | Los Gatos, CA 95032, USA

It wouldn't make any sense. Why would a hacker use a military
site that is actively monitored to hack into a site with less security?

And why the requests to get the document originating from the same
source?

Also, from what I have read, the DoD needs come first in everything,
especially Defence Security related issues. No holds barred when they
want something.

This sounds exactly like the kind of information that they would
want and consider essential, and could thus justify themselves to
get it by any means available.

Of course, if this was a hacker playing tricks to the US military,
then I'm sure we can expect the military will publish this serious
a security breach, in order to get more money to protect themselves
against any Internet terrorist attacks in the future.

But I bet there will be no public comments or explanation given.
-----
pentagon-gw-e0.nci.net (198.253.200.2)
donhq-gw.nci.net (198.253.203.11)
donhqns1.hq.navy.mil (164.224.250.80)

Trying 164.224.250.80...
Connected to 164.224.250.80.
Escape character is '^]'.
W A R N I N G W A R N I N G W A R N I N G W A R N I N G

USE OF THIS OR ANY OTHER DOD INTEREST COMPUTER SYSTEM CONSTITUTES A
CONSENT TO MONITORING AT ALL TIMES

This is a Department of Navy (DON) interest computer system. All DON
interest
computer systems and related equipment are intended for the
communication,
transmission, processing, and storage of official U.S. Government or
other
authorized information only. All DON interest computer systems are
subject
to monitoring at all times to ensure proper functioning of equipment
and
systems including security devices and systems, to prevent unauthorized
use
and violations of statutes and security regulations, to deter criminal
activity, and for other similar purposes. Any user of a DON interest
computer
system should be aware that any information placed in the system is
subject
to monitoring and is not subject to any expectation of privacy.

If monitoring of this or any other DON interest computer system reveals
possible evidence of violation of criminal statutes, this evidence and
any
other related information, including identification information about
the
user, may be provided to law enforcement officials.

If monitoring of this or any other DON interest computer system reveals
violations of security regulations or unauthorized use, employees who
violate
security regulations or make unauthorized use of DON interest computer
systems are subject to appropriate disciplinary action.

USE OF THIS OR ANY OTHER DOD INTEREST COMPUTER SYSTEM CONSTITUTES A
CONSENT TO MONITORING AT ALL TIMES

W A R N I N G W A R N I N G W A R N I N G W A R N I N G

Username:


Bill Frantz

unread,
May 11, 1998, 3:00:00 AM5/11/98
to

At 3:11 PM -0800 5/9/98, Spam the President wrote:
>It wouldn't make any sense. Why would a hacker use a military
>site that is actively monitored to hack into a site with less security?

Consider the wonderful irony of hacking into some site and having the blame
go somewhere else.

Consider a somewhat different circumstance. I was recently in Organ Pipe
Cactus National Monument. The southern border of the monument runs across
the US/Mexico border. One of the stops on the tourist drive around the
monument is a parking lot 40 feet from a broken gate in the fence that
marks the border. There is a large sign there suggesting that people not
leave their cars because of recent breakins. There was also broken auto
glass on the ground.

Now, if I were breaking into cars, I would pick that parking lot, rather
than others further north, in hopes that everyone would blame the Mexicans.
Don't think I am sure that the Mexicans are not responsible, just that I
see a chance for some US lowlifes to deflect the blame.

I see the same opportunity in using a hacked Navy computer to hack a marine
mammal site. It may be the Navy, or it may be a hacker with a polished
sense of irony.

0 new messages