Army denies reports that Web site was hacked
March 21, 2003
A U.S. Army spokesman denied media reports that a computer hacker attacked an Army Web server recently, supporting a Department of Defense claim that there have been no successful assaults on any military computer as a response to the pending war with Iraq.
On Monday, MSNBC reported that a computer intruder armed with a new attack tool took over an Army Web server.
Microsoft issued a warning that a flaw was exposed in Microsoft IIS 5.0, a program used to run Internet servers.
“Any attacker who can reach a vulnerable web server can gain complete control of the system and execute arbitrary code in the Local System security context,” a warning bulletin from Microsoft states. “Note that this may be significantly more serious than a simple web defacement.”
MSNBC cited unnamed sources as reporting that several Web sites with “.mil” domain names had been targeted. The first attack allegedly took place last week.
According to PC World, the attack compromised a server managed by the Army but not part of its Web site infrastructure. The server was not performing any important functions or storing sensitive information, the report stated.
“It was a totally useless Web server doing nothing whatsoever,” Russ Cooper, a representative of TruSecure Corp., told PC World.
Microsoft declined to name the customer affected by the hack attack.
The Pentagon denied any such attacks.
“We have not heard anything about such an attack,” Matt Konkler, a DOD press officer, said Wednesday. “As far as we know, nobody had been attacked in the DOD.”
“To the best of our knowledge, an Army system was not attacked,” said Col. Ted Dmuchowski, director of Information Assurance, Network Technology Enterprise Command.
“That being said, we do consider operating and defending the Army’s computer networks to be no different than managing and defending the physical battlefield,” he said “We are aware of the vulnerability in the IIS5.0 server software and we have taken measures to push the appropriate patch down to all Army networks.
“For security reasons, we don’t discuss operational issues; that is, we don’t discuss what specific measures we take under these circumstances,” he said.
Dmuchowski said the latest attack, “although dramatic for news headlines, is not a first.”
“Hackers find vulnerabilities before vendors know about them all the time,” he said. “In fact, that is where some vendors first find out about these vulnerabilities.”
Attacks on government Web sites by computer hackers once war is declared is not a matter of if, but when, security analysts say. And it’s not just government systems that are at risk.
In Japan, for example, Internet security companies are warning that Japanese businesses may be at risk to cyber terrorism because of Japan’s declaration of support for a possible U.S.-led attack on Iraq.
The Information Technology Security Center, affiliated with the Ministry of Economy, has warned computer system operators to take precautionary measures to protect their systems.