Slashdot Mirror
Australian Stock Exchange Crack Attempt Came From US Military Installation
Hamish writes "The Sydney Morning Herald is reporting the US military may have tried to crack the
Australian Stock Exchange (ASX).
Have a look at
the article. No one is actually claiming that the attack was officially sanctioned but the attack did originate from a US military institution. "
This is all very odd; no offense to our Australian friends, but if you were going after a foreign stock market, wouldn't you take Tokyo, London, or Berlin?
----
Am I the only one who thinks Microsoft is a misnomer? Perhaps Macrosoft would be a better fit?
UhOh! I sure hope this isn't grounds for WW III ;)
It's no wonder the Australian site was so secure - any data that looked remotely harmful would be immediately censored out of existence.
--
Win dain a lotica, en vai tu ri silota
As a sysop for the Air Force Research Labs, I tell you straight up that I had nothing to do with it whatsoever. The fact that I now own massive shares of Sydney Opera House is a coincidence. Pay no attention to the man behind the curtain.
/.)
phil
(hoping that nobody else in his directorate reads
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
or
2. The machine from which the attack oriented was, as they say, owned.
--
Scary thought about what could happen if this happened to, say, Russia, and cooler heads did not prevail. Or between India and Pakistan, except those two really do assault each other's systems all the time.
(Note: I don't actually believe the USMil is behind this...)
My Freakin Blog
1000 monkeys with 1000 typewriters can write the great American novel.
So I guess 100 Kangaroos with 1000 whatever-machine-they-use-down-there can create the server the US Government can't break into.
Fear the power of the Roo.
Ok, it seems highly unlikely that the US government would actually be behind this (If you really wanted to do some damage, go after an exchange that's important like the Nikkei, FTSE, etc.) What's more likely is that someone cracked a box which resides under a government domain and did all their telnetting from there. Haven't a couple of the armed services websites been defaced lately? If you can overwrite files you can certainly run telnet. Thus, it may have looked like the attack was coming from a military installation, but was actually just some bored kid who finished his math homework.
I think there is a world market for maybe five personal web logs.
Is if they detect so many attempts (and I doubt they detect them all), why would an obvious spoofed attack be headline news?
Of the "plenty of attacks" on the ASX computer system, Mr Humphry said none had been successful, with "amateurs trying fairly frequently".
Why wasn't this just dismissed as another amateur attempt, instead of slandering the US military. I mean, everyone has problems with their government. I'm no huge fan of ours (US), but considering Oz's track record in regards to technology, this just seems to be an outright insult towards the US.
Are you telling me they honestly believed our military was trying to attack their stock exchange? It simply doesn't make sense.
Mr Humphry said authorities were notified after the hackers from the US military installation tried to break into the site and "broke into another site to achieve that objective".
If they had control of a machine between their servers and the supposedly source, someone with enough technical expertise could make the attack seem like it was coming from literally anywhere. As long as the packets route through that machine, it wouldn't matter.
And even if the attacks genuinely came from a US military institution, I doubt it was from anything but an unsecured web server that was cracked. Of course the article doesn't give many details.
It just bothers me that they'd publish this garbage and make it seem as if that was exactly how it happened, when there are numerous possibilities of how the attempt could've occured. And without any details.
You can try to blame this on the Australian media, but I can't, since they should've dismissed this attack, and the media shouldn't even have been notified.
C'mon. This kind of crap is what I'd except from ZDNet. Slashdot lending even the slightest bit of legitimacy to this joke makes my stomach churn.
Blar.
So now the Australians are going to 'upgrade' their laws? This is reminiscent of The Onion article on the US constitution v2.0. Really, a good look at the article can tell you a lot about the slant. Computer analogies are beginning to be overused IMHO.
I am that that is, not that that is not, that is.
Its amazing how Americans always seem to come up with the idea that we have really strict censorship in Australia.
I can tell you right now there is more censorship in the US. It is mainly about the application of the laws that matters, and here the laws are applied in an appropriate maner (mostly).
In case you are wondering why this was reported (about 24 hours ago), the guy is supposed to report such attacks and the rest is just a media beatup.
Do I trust the US, not really.
We are one people. With one will. One resolve. One cause. We shall prevail!
1. a military host was compromised and then used to attack the Aussie stock exchange,
or,
2. the US Army decided to audit the Aussie stock exchange without authorization.
Quite frankly, I hope it's the latter.
The Military? Bullshit..
. html
The box the attack was launched from was probably cracked.. Military boxes aren't exactly secure..
If you look at
http://www.attrition.org/mirror/attrition/stats
Breakout Total
Government Systems 79
NASA Systems 27
ARMY Systems 19
Military Systems 47
.. and that counts only hacked boxes where the webpage was replaced..
i sort of doubt the government had any involvment or knowledge of the hack. i bet it was some people hacking from .gov machines. remember folks anyone can use any machine if they have access, and cover it all up.
.gov is notorious for having bad security. .gov computer nerds yet ;)
and if it hasnt been said enough yet,
dont go bashing innocent
tyler
Okay, I think this is going too far. I seriously doubt that the US military would hack the Australian Stock Exchange. But it sure makes a good media pitch.
.mil host has been compromised, then I'd be waiting to see which major computer system the US military tries to crack into next. Hackers use other systems as jumping points. They don't, for example, hack/crack directly from their own system. They might have a trail of maybe 5 or 6 hosts between them and their destination. the .mil host just happens to be the last one before the asx system.
If a
It makes things more challenging for the hackers, and almost impossible for admins if the owner of any one of those hosts along the line doesn't know what they are doing.
Now if one of those systems was an NT box, or a socks5 proxy (perhaps an open insecure wingate) with open access, then there would be little chance of the hacker/cracker being found.
-zardoz
this is a possible. I dont know if any slashdotters at the moment realise australian troops are in east timor enforcing the peace. This could be an indonesian 'crack' posing as a US IP.
given the current state of affairs this is a possibility.
peterrenshaw ~ Another Scrappy Startup
East Timor is currently being used as a pawn by US military to convince the Aussie military that they are not properly prepared for their own defence. While its looking like a full on pissing war between the sides, this should just add more fuel for the fire. Australia has asked the US (its best ally) for help in the E Timor mess and the US said they would not send any troops even though every time the US asked the Oz military for troops, they were sent. Now the US military just lent 4000 suits of body armour and keep adding other little bits of hardware all while politely pointing out that if the Oz government spent a bit more on US made hardware, these little problems wouldn't happen. This little incident just switches things around a bit the other way.
I don't reckon Military computer security would be any better than anyone else's. Probably worse, seeing as how you can generally make more money with computers in the private sector than you can in military. Wouldn't surprise me in the least if a lot of the systems in the military -- especially the unclassified areas -- had security weaknesses going back five to ten years.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
IP spoofing is a myth. It can be done on a lan, but the laws of tcp/ip simply forbids it on the net. This is probably fake information the aussie government put out to get the media all rowdy. Clearly the government is furthering their attempts censor the net. How far will they go? Then again it could be real and some idiot government hired script kiddie forgot to cover their tracks.
--
Karma: -1,257,423
if you can't beat 'em might as well join 'em
With all the secret agent men, contingency plans for contingencies which may or may not have contignency plans, and the number of really smart people they pay just to "think" about a problem and find a solution, I find it difficult to belief they'd be dumb enough to try to gained unauthorized access into a "high level" type machine/network from their own network. If they were really going to do such a thing, they'd setup an account with sprintlink or something...
C'om on guys.. it hadda been spoofed..
:-)
On top of that.. I'd be willing to bet it was one of our own guys....
in fact.. i'd bet a new athlon that it was one of ours AND either from tasmania/queensland or over here in western australia..
(but that doesn't mean we can turn our backs on you yankees yet... *grin*)
"Consider how lucky you are that life has been good to you so far. Alternatively, if life hasn't been good to you so far
...Undoubtedly trying to affect the price of those tasty Aussie Beef Snacks.
by Mike Buddha -- Someday the mountain might get him, but the law never will.
The .mil machine in question was most likely owned first. I wonder if broadsheet and lower quality papers will bother to explain concepts like "telnet" or "ssh" (let alone IP Spoofing!!) to their non-computer-literate readers. This might raise interesting questions - I mean if cyberwarfare's the future, and the media have such a shaky understand of technology and feel even less dutiful about reporting on it (see the RSA cracking story recently) 'God help us' .
I've simply got to reply to all the "It was a spoof" posts (about 13 when I counted). My God you people speculate a lot! Read the article, It literally says we traced it back as far as possible and it landed in an IP range that is associated with the particular US military base.
Now, chances are the would be cracker targeted the ASX, believing it to be inferior, for personal gains or whatever, but failed.
The fact that it seemed to have come from another source, after originating from the Military base would indicate that the 'owned' box was where the guy was going to have his trail end. I would say he was literally 'caught in the act' before he covered his path at this point. Routers pass a lot of information on and it is oh so possible to link back spoofed IP's to the source route. On a wide area scale, spoofed IP's do not return to the host very easily. If the connection is open, the trace can be made to the source IP.
Now for my 2c worth: It would not surprise me one bit if he just dialed-in to a MIL server that he just 'happened' to have a number for, so was designated an IP in their adress range. If this guy was any good though, he would have removed any evidence of ever actually having dialed in though. IMO, this is about the only plausible explaination.
You can break the law all you like -- until you're caught. Remeber one thing. It is only the dumb criminals that are in jail.
Dan. -- So what if it's spelt wrong, nobody's perfect
Why on earth would australia fabricate such a wild story??
Most astralians are simple especially our journalists and politicians.
No Body seem's to think that mabey the US didnt do it, mabey it was the bored system administratior?
Australia has every thing to lose here....
No No you americans have got it all wrong, Atm as you may well all know Australia is literally at war with Indonesia over their handling of the whole East Timor independance deal.
But really and truly the only thing that is stopping Indonesia from declaring war on Australia is the presense of International military espically from the United States, who are believed to be the most powerful military force in the World
Possibly they thought they could piss us Aussies off by *trying* to hack out ASX from The US Military whom we believe to be our friends
Someday, we'll look back on this, laugh nervously and change the subject.
The media in Australia is owned by Rupert Murdoch and Kerry Packer. They have no interest in opposing the Internet censorship proposals because it would help people inform themselves rather than relying on Murdoch and Packers bullshit generators.
The Australian Government, most notably Senator "dick" Alston are pushing for Internet censorship in Australia. They need media beatup, overkill and sensationalism to push their warped little barrow.
This article is to make the plebs feel that the government is doing the right thing keeping all Australians, especially little children, safe from all us evil paedophile 'net users.
getting a free telnet account on a .mil account sounds like fun if a bit dangerous. lots of free disk space, a good connectivity, and if you use a password cracker on a thing that has any security they accuse the US military and you get on /.,..
I bet they all use their girlfriend's first name as password too. I know that is how it works in the french army. The sysop is a private, and when you are a private you do not want to tell an officer that 'barbara' is not a secure password.
Not that the french army is connected to the net either but they lock their windows box so that nobody beats their Tetris hi-score.
way too much fun!
---
Dev elpizw tipota, dev phoboumai tipota eimai lephteros http://euclidian.org
It's funny how an AAP story on a story on an Australian TV program suddenly becomes international news on Slashdot.
From what I recall of the original story on TV (I was half asleep at the time).
1. The ASX gets loads of people trying to get into it.
2. Almost all of these people are idiots who have seen "Wargames" and think they'll give it a try.
3. There have been a few serious (ie more than clueless) attempts, he mentioned two, one from Victoria (the state, not a person), and another which was traced back to a military installation in the US (via a hacked site in New Zealand IIRC).
4. The ASX has pretty good security, using multiple firewalls through which noone has got further than the first. The guy was also very careful not to boast about how good it was or to go into any great detail. He merely stated a few facts.
A lot of you seem to be saying 'well obviously the military box was compromised' as if such a point had never crossed the guys mind.
It seems to me that they simply went to the right source to stop their problem (unless you expect them to hack back in to the US military box to trace the hacker, news at 10, Australian Stock Exchange hacks into US Military site).
That and the fact that they want local laws changed to make prosecuting local hackers easier (as the person from Victoria was traced but could not be prosecuted because he was not caught 'in the act').
Hardly Earth shattering stuff Slashdot.
The Great Chunder Page - Alcohol Induced Fun!
Boffoonery - downloadable Comedy Benefit for Bletchley Park
> There is a pronounced 'i' in "aluminium", In fact Aluminum and Aluminium came into existence at about the same time, thus both are correct. Read Bill Bryson's "Made in America" for an excellent history of American English - and America.
Almost exactly the same GNP and growth rate.
India has about 50 times as many people
You forget such things as "level of corruption" and "openness of economy".
How about "per capita GNP".
I agree with your sentiment though.
Well he seems pretty sure that no one has breached their outside firewall. How can he be so sure though?
Similar to: 90% crime is never reported -> 90% of hackers are never detected...
I can understand the reason for using a Multilayer firewall to build a secure demilitarised zone in your network, but if you are accepting incoming packets through both firewalls to your internal network then the method of exploiting is exactly the same, say, as if you have 1,3 or 100 layers of firewalls, because the packets will pass through them all (assuming they match the firewall criteria as valid packets)
I expect plenty of hackers are now also armed with the extra information that there is another firewall beyond the first, because if they get access to a host within the demilitarised zone they now know what to look for (another firewall).
Making this into a media-thingie about "US attacking australia" is absurd. The .mil box was obviously cracked. Some scriptkiddie playing around with a remote-exploitable bufferoverflow-script-thingie that the military has been to lazy to plug. Then the australian site was attempted for some reason. Maybe some australian from the 'attempted cracked domain' had @ status on some big IRC channel..
--
"Rune Kristian Viken" - http://www.nwo.no - arca
its trivial to spoof your IP into a different ADDRESS when portscanning a box...
You've got to get packets back to yourself, to get to know what ports are open. In other words -- it's not that easy. You've got to be "in between" so that you can packetsniff the packets coming from the host you're scanning, and the address you've spoofed.
(correct me if i'm wrong)
--
"Rune Kristian Viken" - http://www.nwo.no - arca
The real question here is what the hell is the ASX database doing connected to a public network at all? Firewalls or not, a database that can be harmed by tampering doesn't belong on a public network. The ASX is just airing its bad security practices.
...the attack came from a .mil IP? All the article says is that it came from "a US military installation". That could mean the attacker was actually some kid whose dad is stationed on an Army base in Nevada.
01101100 01101001 01101110 01110101 01111000 01110010 01110101 01101100 01100101 01110011
> You've got to get packets back to yourself, to
> get to know what ports are open. In other words
> -- it's not that easy. You've got to be "in
> between" so that you can packetsniff the packets
> coming from the host you're scanning, and the
> address you've spoofed.
>
> (correct me if i'm wrong)
What's often overlooked is that 'in between' can be *either* in between the scanner and the victim or the victim and the spoofee. If you do the second part, it's more likely that you'll have a case of denyability if you're also the spoofee if you can route the replies to the spoofed packets out-of-band.
"We were sniffing our network that day because we seemed to be under some sort of attack, here're the logs and you can see that we didn't send any traffic out, it must have been spoofed" is possibly a good defense in such situations, especially if the spoofee is say a college network with a significant number of hosts and shared media.
Paul
http://www.pauldrobertson.com
Actually I always thought it's the berlin DAX, at least that's what the BBC always reports. German news reports about 6 different exchanges throughout the country from each major city. Not all the exchanges are in on city like New York.
-----
Do you even know anything about perl? -- AC Replying to Tom Christiansen post.
I'd heard (no I can't find any corroboration for this at all :-) that the reason it is spelt aluminum in America is that someone made a typo when doing a patent application. May well just be a UL, but for what its worth I heard it from some US academic speaking at a graduation dinner at an Australian university.
Information is a tool. It doesn't take a genius to realise that the ASX generates a hell of a lot of information and that there are many people tapping into it (or perhaps you think someone is typing in all those stock tickers).
An ASX separated from the outside world would be much less useful.
Oh, and what part of the article mentioned 'the ASX database' (whatever that means!) and what bad security practices does it reveal?
Surely you aren't suggesting that using multiple firewalls is a bad idea?
The Great Chunder Page - Alcohol Induced Fun!
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Oh yeah, I'm sure that now crackers are 'armed' with the knowledge that there are more than two firewalls they'll be into the thing in minutes.
I mean, multiple firewalls on something pretty important to the economy, who'd a thunk it?
The Great Chunder Page - Alcohol Induced Fun!
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Oh no, look out. Yet another hack attempt comming from a military outpost or educational institution.
Who woulda thought? (Gee) Sure is hard to bust into these mammoth vaults that have similar securities to... "A brick of swiss-cheese". Get with it clan. People have been using military systems and ARPANET for years as not only a target, but a drop point to break into other systems. Not very much news here. What would be the icing is if someone found out it was Kevin Mitnick.
Stick a fork in it: ding I'm done.
-Bf
Hello, I don't want you to think that I am some paranoid phreak. But whom in this country (US) likes to attempt unauthorized and unsanctioned cracks on other country's boxen. Anyone remember the little TLA referred to as the NSA.
Why? Well why not it, was a challenge to their skills and it can give them an insight to depth of security other countries implement.
Why make it appear to originate from a US military installation? Because then it would be easily dismissed as a spoof attack. Because we all believe the US Military is neither intelligent enough to attempt to crack the system, nor do we believe they are stupid enough to try. Also with all of the compromised US military boxen it gives the military a perfect out. This way no one gets blamed except for the Airman acting as sysop over that box who just got demoted for failure to secure it and almost causing an international incident.
Remember US intelligence agencies do some pretty harry stuff afterward they can then classify it without fear of reprisal. Because remember, it is for the sake of national security. Well, that and there is no one in this country with balls enough to keep them in check.
"Help me Obi-/.-Kenobi,your my only hope!" -$
For the younger generation. Read Clifford Stoll's book "The Cuckoo's Egg". It will shed a bit of light on the abilities (or lack there of) of the US government.
Story One: "US Military launches Minuteman II Missile from Vandenburg Range in the general direction of Australia. US claims that the missile was 'modified' to prevent nuclear detonation, and anyway, they shot it down with an ExoAtmospheric 'kill' Vehicle. Not many hurt." Story Two: "US Military Installation in Western California launches attack on Australian Stock Exchange Server. Not many hurt" Just what have you guys got against the Aussies anyway? If I were Australian I'd be starting the get paranoid. Feed The Hungry. Save the Whales. Free the mallocs
Story One:
"US Military launches Minuteman II Missile from Vandenburg Range in the general direction of Australia. US claims that the missile was 'modified' to prevent nuclear detonation, and anyway, they shot it down with an ExoAtmospheric 'Kill' Vehicle. Not many hurt."
Story Two:
"US Military Installation in Western California launches attack on Australian Stock Exchange Server. Not many hurt"
Just what have you guys got against the Ozzies anyway? If I were Australian I'd be starting the get paranoid.
Feed The Hungry. Save the Whales. Free the mallocs
Well you would be wrong. The name arose from the material it was originally extracted from: "Alum". The metal's name came from this on both sides of the Atlantic.
Did you mean 'hacker' or 'cracker'?
Do you know the diffrence? I don't think you do.
was, last time I heard, not an Australian
Open Source. Closed Minds. We are Slashdot.
and like no American would ever make a comment without adhering to a burden of proof? ;P
Open Source. Closed Minds. We are Slashdot.
The ASX survived pretty well and was one of the very few that did. If we fell on our arses now, I can guarantee you in the US would feel the effects.
Open Source. Closed Minds. We are Slashdot.
*Removes tongue from cheek*
Open Source. Closed Minds. We are Slashdot.
cheers
marty
"I can't buy want I want because it's free. Can't be what they want because I'm me." -Corduroy, Pearl Jam
With all due respect. BIG DEAL. So someone doesn't like Aussies. No-one likes everyone.
$sarcasm on$
The English don't like the Germans. The Belgians don't like the Dutch. Many people don't like the USA. No one likes the French.
$sarcasm off$
But really, it doesn't matter at all whether Indonesians as a race like or dislike Aussies.
What matters somewhat is a country's official foreign policy. What matters a lot from Australia's point of view is the US's official foreign policy. This real-politik has served Australia well since the war.
I agree that having your embassy shot at is not great. However, this is why the people representing Australia over there are called "diplomats". They are supposed to be diplomatic about these kind of things.
If embassies are consistantly shot at, to the outside world, the host nation just looks incompetent for not being able to keep peace on their streets.
Finally, everyone in politics (even Nth Korea) realises that the firing of a missile which hits a foreign country is an act of war - and these days will probably get a multinational force arrayed against them. And anyway, why would Indonesia provoke a shooting war that they could never win with one of their biggest trading partners?