AOH :: ISN-3009.HTM

Hacker erases files from Barrington town website




Hacker erases files from Barrington town website
Hacker erases files from Barrington town website



  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-630844985-1158313848=:29865
Content-Type: TEXT/PLAIN; charset=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE

http://www.eastbayri.com/story/287578433919942.php 

By Scott O'Connell
September 14, 2006

BARRINGTON - An international computer hacker erased an entire database 
of town documents from the Barrington town website last Tuesday. Instead 
of a list of links to archived meeting minutes and agenda files, web 
surfers on the "town documents" page found a repeated message that 
morning: "HACKED BY ENO7 (TURKISH) (NOWAR)."

The online prank was apparently the work of a Turkish hacker who has 
also infiltrated the databases of several other websites around the 
globe in the past few months. Apart from the vague message on the 
Barrington website, the hacker has elaborated in past hacks that he or 
she is organizing a cyber protest of the Lebanon-Israeli conflict of 
this summer.

According to Adam Kyle of Intap, the Providence-based Internet provider 
that hosts Barrington's online file database, the hacker used a 
procedure called SQL injection that automatically searched the world 
wide web for loopholes in database code.

"It's not one person doing this =C2=97 it's an automated process," he said, 
adding that the hacker did not target Barrington's site specifically nor 
gain access to any information that wasn't already available to the 
public.

"It's an everyday thing you have to look out for," Mr. Kyle said of 
eno7's hacking technique. "It's fairly common, but it's also easy to 
protect against."

According to town webmaster Joe Shansky, the hack was apparently 
localized to the "town documents" page and did not affect the rest of 
the website, which he said was html-based and thus not prone to code 
hacks. Barrington Finance Director Dean Huff, who alerted Mr. Shansky to 
the hack Tuesday morning, added that it did not affect the town hall's 
computers and databases either.


First time hit

Mr. Shansky, who quickly fixed the page last Tuesday, said this was the 
first year in which the public database was featured on the town 
website.

"That's what you get for going modern," he quipped. "This was really 
just a malicious thing."

On Thursday, Mr. Huff said the town was in the process of uploading 
files back onto the database. Internet users can in the meantime go to 
the Rhode Island Secretary of State's website to access most town 
meeting agendas and minutes.

Mr. Shansky said that Intap would adjust the database code to close up 
the loophole that led to the hack. He also stated that this incident was 
the first such hack to affect Barrington's website in his nine years as 
town webmaster.

Mr. Kyle said that Intap, which has been Barrington's provider since 
1997, had not received any other reports of eno7 hacks from the 
company's other clients. He mentioned that this particular hacker had a 
worldwide notoriety, however.

"[Eno7's] agenda ... has a lot to do with the conflict in the Middle 
East," he said. In order to reach a worldwide audience, Mr. Kyle said 
the hacker built a "bot" program that automatically sends out messages 
to Internet databases that detect breaks in code.

In the past two months, eno7 has hijacked hundreds of web pages 
throughout the Internet, from government pages on Denver's city website 
to the electricity information page on Cape Town, South Africa's 
website. In most cases, the hacker used the same repeated message in the 
Barrington website hack, but occasionally issued a more detailed 
explanation.

On the website www.eyesofeurope.org, for example, the hacker replaced 
the main home page with a black screen and white type outlining his 
group's modus operandi on July 29. That hack also revealed that two 
other international hackers (or hacking groups) were involved in the 
prank: Byond crew of Chile and XTech Inc of Argentina.

"Lebanon-Israel ... STOP! No war - peace, that's all," the hacker wrote. 
"Hey admin, don't worry not just your page was defaced. This is just a 
cyber-protest ...! Join us!!"

Under U.S. federal law, a convicted hacker can face up to 20 years in 
prison and/or fines of thousands of dollars, depending on the severity 
of the crime (computer hacking is covered under Fraud and False 
Statements).

The hacker apparently did not worry about being caught - he included his 
e-mail address at the bottom of that page in July.


Hacked! Town's site hit

Barrington's town website - www.ci.barrington.ri.us - lost an entire 
page's worth of town meeting minutes and agenda files last week to a 
Turkish hacker. The rest of the site remained unaffected, and as of 
Friday the town was in the process of uploading agendas back onto the 
hacked page.

* The affected page was www.ci.barrington.ri.us/government/documents.asp 
  - the website's online database for archived meeting and agenda files. 
  On Thursday, these were all erased from the main page, probably due 
  to a glitch in the coding that enabled the hack.

* The hack did not affect the website's other pages, which were 
  html-based and therefore not vulnerable, nor did it affect the town 
  hall's computers and databases, according to town officials.

* According to a representative from Intap, Barrington's web service 
  provider, the hacker randomly targeted the town website, and did not 
  steal any information not already available to the public.

* The database feature, installed on the town website earlier this year, 
  was an "additional service," said town financial director Dean Huff. 
  Residents can also access online meeting postings at the Secretary of 
State's website at www.state.ri.us. 


--1457021584-630844985-1158313848=:29865
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_________________________________
HITBSecConf2006 - Malaysia 
The largest network security event in Asia 
32 internationally renowned speakers 
7 tracks of hands-on technical training sessions. 
Register now: http://conference.hitb.org/hitbsecconf2006kl/ 
--1457021584-630844985-1158313848=:29865--

Site design & layout copyright © 1986-2014 CodeGods