Slashdot Mirror


Australian Stock Exchange Crack Attempt Came From US Military Installation

Hamish writes "The Sydney Morning Herald is reporting the US military may have tried to crack the Australian Stock Exchange (ASX). Have a look at the article. No one is actually claiming that the attack was officially sanctioned but the attack did originate from a US military institution."

17 of 149 comments

  1. Australian security by PurpleBob · · Score: 3

    It's no wonder the Australian site was so secure - any data that looked remotely harmful would be immediately censored out of existence.
    --
    Win dain a lotica, en vai tu ri silota
  2. wasn't me, honest by devphil · · Score: 2

    As a sysop for the Air Force Research Labs, I tell you straight up that I had nothing to do with it whatsoever. The fact that I now own massive shares of Sydney Opera House is a coincidence. Pay no attention to the man behind the curtain.

    phil
    (hoping that nobody else in his directorate reads /.)

    --
    You cannot apply a technological solution to a sociological problem. (Edwards' Law)
  3. Two very likely possibilities by mattdm · · Score: 3
    1. The source IP address was spoofed

    or

    2. The machine from which the attack originated was, as they say, owned.


    1. Re:Two very likely possibilities by AME · · Score: 2

      More likely:

      3. Some Airman who fancies himself a [c|h]racker was using one of the computers in his shop during his break.

      Or even more likely:

      4. Some Airman who fancies himself a [c|h]racker was using one of the computers in his shop when he should have been doing his work.

      AME [former Airman, USAF]

      --
      "I have a good idea why it's hard to verify programs. They're usually wrong." --Manuel Blum, FOCS 94
  4. What sense of the word "military installation"? by drix · · Score: 2

    Ok, it seems highly unlikely that the US government would actually be behind this (If you really wanted to do some damage, go after an exchange that's important like the Nikkei, FTSE, etc.) What's more likely is that someone cracked a box which resides under a government domain and did all their telnetting from there. Haven't a couple of the armed services websites been defaced lately? If you can overwrite files you can certainly run telnet. Thus, it may have looked like the attack was coming from a military installation, but was actually just some bored kid who finished his math homework.

    --

    I think there is a world market for maybe five personal web logs.
  5. What bothers me ... by HalJohnson · · Score: 3

    Is if they detect so many attempts (and I doubt they detect them all), why would an obvious spoofed attack be headline news?

    Of the "plenty of attacks" on the ASX computer system, Mr Humphry said none had been successful, with "amateurs trying fairly frequently".

    Why wasn't this just dismissed as another amateur attempt, instead of slandering the US military? I mean, everyone has problems with their government. I'm no huge fan of ours (US), but considering Oz's track record in regards to technology, this just seems to be an outright insult towards the US.

    Are you telling me they honestly believed our military was trying to attack their stock exchange? It simply doesn't make sense.

    Mr Humphry said authorities were notified after the hackers from the US military installation tried to break into the site and "broke into another site to achieve that objective".

    If they had control of a machine between their servers and the supposed source, someone with enough technical expertise could make the attack seem like it was coming from literally anywhere. As long as the packets route through that machine, it wouldn't matter.

    And even if the attacks genuinely came from a US military institution, I doubt it was from anything but an unsecured web server that was cracked. Of course the article doesn't give many details.

    It just bothers me that they'd publish this garbage and make it seem as if that was exactly how it happened, when there are numerous possibilities of how the attempt could've occurred. And without any details.

    You can try to blame this on the Australian media, but I can't, since they should've dismissed this attack, and the media shouldn't even have been notified.

  6. Re:Okay... by sinnergy · · Score: 2

    I agree to some point, if you're going for the golden egg, you might as well go for the goose that laid it. However, one might consider something like this as a small staging arena for a much larger "project". Yes, this is getting press, but if *I* were a s00p3r cr4c|3r, I'd try my skills on smaller fish before going for the big kahuna.

    In either case, it's still an interesting case study and really should remind everyone that the main security concern they must face is not the threat to *their* data, but the threat that someone will use their computer illegally to access *other* peoples' data. Therein lies the real problem.

  7. Which is worse? by Apuleius · · Score: 2

    1. a military host was compromised and then used to attack the Aussie stock exchange,

    or,

    2. the US Army decided to audit the Aussie stock exchange without authorization.

    Quite frankly, I hope it's the latter.

  8. Not the military by Anonymous Coward · · Score: 2

    The Military? Bullshit..


    The box the attack was launched from was probably cracked.. Military boxes aren't exactly secure..


    If you look at
    http://www.attrition.org/mirror/attrition/stats.html


    Breakout Total
    Government Systems 79
    NASA Systems 27
    ARMY Systems 19
    Military Systems 47

    .. and that counts only hacked boxes where the webpage was replaced..

    1. Re:Not the military by Stonehand · · Score: 2

      That's not a reasonable comparison unless you count attempts, as well.

      While I kept a box on the local Ethernet for four years, there were no successful breakins. On the other hand, considering that almost all the "attempts" were simple probes (as in: "let's portscan 128.2.*.*" etc), it wouldn't be fair to say that my box was more secure than, oh, one with a full-time sysadmin auditing the code. It simply wasn't targeted as much as a .mil box would be, for instance.

      --
      Only the dead have seen the end of war.
  9. Is the publicity just part of a pissing war? by thogard · · Score: 2

    East Timor is currently being used as a pawn by US military to convince the Aussie military that they are not properly prepared for their own defence. While it's looking like a full on pissing war between the sides, this should just add more fuel for the fire. Australia has asked the US (its best ally) for help in the E Timor mess and the US said they would not send any troops even though every time the US asked the Oz military for troops, they were sent. Now the US military just lent 4000 suits of body armour and keep adding other little bits of hardware all while politely pointing out that if the Oz government spent a bit more on US made hardware, these little problems wouldn't happen. This little incident just switches things around a bit the other way.

  10. Re:That's no good at all by Malcontent · · Score: 2

    It's based on a point system. There are points awarded for skin color and religion. There are bonus points for nuclear weapons. Lighter skin colors get higher numbers and darker skin colors get lower numbers. If you are mostly Christian or Jewish you get bumped up but if you are Moslem or Hindu or Buddhist you get bumped down. Yellow people are in a category of their own and are a wild card. Let's score some countries as an example:
    Israel: light brown people -1, Jewish +1, nuclear weapons +1. Score 2 first world!
    India: Dark brown people -2, Hindu religion -1, nuclear weapons +1 score -2 second world!
    Kazakhstan: light brown people -1, nuclear weapons +1, Moslem religion -1, score -1 second world.
    Japan: Buddhist/Shinto -1, no nukes 0, yellow people +3 (Wild card!) score +2 first world!
    You can use this simple guide to determine where in the world countries stand. Politicians use a very similar guide to set foreign policy too!

    I hope I was able to clarify this for you. In Guess Who's Coming to Dinner there is a quote that I love.
    If you're white you're all right
    if you're brown stick around
    if you're black stay back!

    --

    War is necrophilia.

  11. Pfft, It's all speculation. by Dan+B. · · Score: 2

    I've simply got to reply to all the "It was a spoof" posts (about 13 when I counted). My God you people speculate a lot! Read the article. It literally says we traced it back as far as possible and it landed in an IP range that is associated with the particular US military base.

    Now, chances are the would-be cracker targeted the ASX, believing it to be inferior, for personal gains or whatever, but failed.

    The fact that it seemed to have come from another source, after originating from the Military base would indicate that the 'owned' box was where the guy was going to have his trail end. I would say he was literally 'caught in the act' before he covered his path at this point. Routers pass a lot of information on and it is oh so possible to link back spoofed IPs to the source route. On a wide area scale, spoofed IPs do not return to the host very easily. If the connection is open, the trace can be made to the source IP.

    Now for my 2c worth: It would not surprise me one bit if he just dialed-in to a MIL server that he just 'happened' to have a number for, so was designated an IP in their address range. If this guy was any good though, he would have removed any evidence of ever actually having dialed in though. IMO, this is about the only plausible explanation.

    You can break the law all you like -- until you're caught. Remember one thing. It is only the dumb criminals that are in jail.

    --
    Dan. -- So what if it's spelt wrong, nobody's perfect
  12. Re:That's no good at all by ZeroLogic · · Score: 2

    I can't believe the other post got moderated up to a +2 interesting! The terms have nothing to do with skin color, and certainly not a point system!

    The reference to 1st, 2nd, 3rd world dates back to a paper by a political geographer (whose name escapes me). He used 1st world to describe the "free nations", 2nd world to describe the USSR and its children.

    And 3rd world was used to describe the "Unaffiliated" countries.

    Zl

  13. You guys crack me up by Chuck+Chunder · · Score: 3

    It's funny how an AAP story on a story on an Australian TV program suddenly becomes international news on Slashdot.

    From what I recall of the original story on TV (I was half asleep at the time).

    1. The ASX gets loads of people trying to get into it.
    2. Almost all of these people are idiots who have seen "Wargames" and think they'll give it a try.
    3. There have been a few serious (ie more than clueless) attempts, he mentioned two, one from Victoria (the state, not a person), and another which was traced back to a military installation in the US (via a hacked site in New Zealand IIRC).
    4. The ASX has pretty good security, using multiple firewalls through which no one has got further than the first. The guy was also very careful not to boast about how good it was or to go into any great detail. He merely stated a few facts.

    A lot of you seem to be saying 'well obviously the military box was compromised' as if such a point had never crossed the guy's mind.

    It seems to me that they simply went to the right source to stop their problem (unless you expect them to hack back in to the US military box to trace the hacker, news at 10, Australian Stock Exchange hacks into US Military site).

    That and the fact that they want local laws changed to make prosecuting local hackers easier (as the person from Victoria was traced but could not be prosecuted because he was not caught 'in the act').

    Hardly Earth shattering stuff Slashdot.
    The Great Chunder Page - Alcohol Induced Fun!

    --
    Boffoonery - downloadable Comedy Benefit for Bletchley Park
  14. Re:This is all part of a BIGGER plan by Indonesia by FirstEdition · · Score: 2

    C'mon mate, get a grip on reality.

    Firstly, countries are not "literally at war" until there is a public declaration. Have you heard one of these? Of course, this doesn't exclude a campaign of dirty tricks or covert interference like the US involvement in Afghanistan in the mid 80's.

    Secondly, the US and Australia are firm allies. This doesn't mean that each country isn't sovereign, and sometimes their national interests clash. However, it is on nothing as important as national security. Remember that Australia hosts some important US satellite bases on its soil. Now, of course, the US military will not grind to a halt without these bases, but they are important "assets".

    Finally, invasion of Australia from the north is a subject that has engaged the brains of Australian military planners for a long time. Summary: it would be extremely difficult and probably couldn't be done by anyone except the US itself. Remember that after the city of Darwin on the coast, to the south there is 2000km of really nasty desert. To the east there is 2000km of really nasty crocodile infested tropical rainforest. Logistics for supporting an invasion over that kind of terrain is Australia's defense.

  15. Re:This is all part of a BIGGER plan by Indonesia by jafac · · Score: 2

    Not only that, every time I end up with Australia in RISK, I end up kicking ASS!

    "The number of suckers born each minute doubles every 18 months."

    --

    These are my friends, See how they glisten. See this one shine, how he smiles in the light.