Army servers were breached …
by Turkish hackers.
Hackers based in Turkey penetrated two U.S. Army Web servers and redirected traffic from those Web sites to other pages, including one with anti-American and anti-Israeli messages, according to a report in InformationWeek.
The hackers, who go by the group name “m0sted,” breached a server at the Army’s McAlester Ammunition Plant in Oklahoma on January 26 and a server at the U.S. Army Corps of Engineers‘ Transatlantic Center in Winchester, Va., on September 19, 2007, the report said.
It is unclear whether any sensitive information was accessed, according to the report.
Search warrants have been served on Microsoft, Yahoo, Google, and other ISPs and e-mail providers, while a criminal investigation is underway at the Defense Department, the U.S. Army’s Judge Advocate General’s Office, and the Computer Emergency Response Team, InformationWeek reported.
The same group defaced the United Nations Web site in 2007, also using a SQL injection attack. (Source: Turkish hackers breached U.S. Army Servers – CNET Security)
So where the servers being patched on a regular basis? Seems that a patch would have prevented this attack.
Related articles by Zemanta
- Anti-U.S. Hackers Infiltrate Army Servers (comsecllc.blogspot.com)
- Advanced SQL injection to operating system full control (short version) (slideshare.net)
- Hackers Breached US Army Servers (it.slashdot.org)
Posted on June 23, 2009, in attacks, computer network, Federal Government, Security breach, vulnerability and tagged Google, Microsoft, Microsoft SQL Server, U.S. Army, U.S. Army Corps of Engineers' Transatlantic Center in Winchester, United States, United States Army Corps of Engineers, Yahoo. Bookmark the permalink. 1 Comment.