Australian Stock Exchange Crack Attempt Came From US Military Installation

Hamish writes "The Sydney Morning Herald is reporting the US military may have tried to crack the Australian Stock Exchange (ASX). Have a look at the article. No one is actually claiming that the attack was officially sanctioned but the attack did originate from a US military institution. "

Australian security

[PurpleBob]

It's no wonder the Australian site was so secure - any data that looked remotely harmful would be immediately censored out of existence.
--

Two very likely possibilities

[mattdm]

1. The source IP address was spoofed

or

2. The machine from which the attack oriented was, as they say, owned.

--

What bothers me ...

[HalJohnson]

Is if they detect so many attempts (and I doubt they detect them all), why would an obvious spoofed attack be headline news?

Of the "plenty of attacks" on the ASX computer system, Mr Humphry said none had been successful, with "amateurs trying fairly frequently".

Why wasn't this just dismissed as another amateur attempt, instead of slandering the US military. I mean, everyone has problems with their government. I'm no huge fan of ours (US), but considering Oz's track record in regards to technology, this just seems to be an outright insult towards the US.

Are you telling me they honestly believed our military was trying to attack their stock exchange? It simply doesn't make sense.

Mr Humphry said authorities were notified after the hackers from the US military installation tried to break into the site and "broke into another site to achieve that objective".

If they had control of a machine between their servers and the supposedly source, someone with enough technical expertise could make the attack seem like it was coming from literally anywhere. As long as the packets route through that machine, it wouldn't matter.

And even if the attacks genuinely came from a US military institution, I doubt it was from anything but an unsecured web server that was cracked. Of course the article doesn't give many details.

It just bothers me that they'd publish this garbage and make it seem as if that was exactly how it happened, when there are numerous possibilities of how the attempt could've occured. And without any details.

You can try to blame this on the Australian media, but I can't, since they should've dismissed this attack, and the media shouldn't even have been notified.

You guys crack me up

[Chuck+Chunder]

It's funny how an AAP story on a story on an Australian TV program suddenly becomes international news on Slashdot.

From what I recall of the original story on TV (I was half asleep at the time).

1. The ASX gets loads of people trying to get into it.
2. Almost all of these people are idiots who have seen "Wargames" and think they'll give it a try.
3. There have been a few serious (ie more than clueless) attempts, he mentioned two, one from Victoria (the state, not a person), and another which was traced back to a military installation in the US (via a hacked site in New Zealand IIRC).
4. The ASX has pretty good security, using multiple firewalls through which noone has got further than the first. The guy was also very careful not to boast about how good it was or to go into any great detail. He merely stated a few facts.

A lot of you seem to be saying 'well obviously the military box was compromised' as if such a point had never crossed the guys mind.

It seems to me that they simply went to the right source to stop their problem (unless you expect them to hack back in to the US military box to trace the hacker, news at 10, Australian Stock Exchange hacks into US Military site).

That and the fact that they want local laws changed to make prosecuting local hackers easier (as the person from Victoria was traced but could not be prosecuted because he was not caught 'in the act').

Hardly Earth shattering stuff Slashdot.
The Great Chunder Page - Alcohol Induced Fun!