Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Hacked European Union Site Pulled Offline

Hacked European Union Site Pulled Offline

by platon on June 16th, 2001 A European Union-sponsored Web site that has been hacked twice in the past week has been pulled offline until at least Monday in order to upgrade security, according to the site's project manager.


The site, SaferInternet.org, whose mission is to promote safer use of the Internet, went live three weeks ago. The site is managed for the European Commission - the EU's executive body - by Ecotec Research and Consulting Ltd. of Birmingham, England.



Tara Morris, an Ecotec consultant based in Brussels and project manager of SaferInternet.org, told Newsbytes he believes there is a connection between the hacking of SaferInternet.org and EU proposals last week to increase the level of Internet and communications security in Europe.

"I think it is very likely," he said.

However, he noted that SaferInternet.org's mission has nothing to do with Internet security. He said the Web site's goal is to eradicate illegal and harmful Internet content, for example, by helping people find advice on reporting illegal content or on filtering and rating software.

The first attack on SaferInternet.org occurred on June 6, the day after the EU announced its Internet security proposals. Hackers found two security holes, one of which was linked to Microsoft Corp.'s Index Server software, Morris said. The hackers were able to retrieve names and e-mail addresses on a distribution list. The security holes were plugged and the Web site put back in operation.



But hackers struck again the evening of June 12. And this time they defaced the Web site with defiant taunts, saying: "This is our world! We are god and we make the rulezzzz. Happy finding us! The Netherlands is the place!"

The hackers also left two URLs, one pointing to a Web site touting an upcoming event for hackers and the other allowing anyone opening the Home Page of SaferInternet.org to open up a page displaying e-mail addresses in the database.

A picture of the defaced site can be seen on Securitydatabase (http://www.securitydatabase.net ), a Dutch security organization. (http://security.synnergy.net/forum/viewtopic.php?TopicID?58 )



Morris said that SaferInternet.org's database contained about 750 names and corresponding e-mail addresses of people who had subscribed to its mailing lists. Of those, 200 to 250 names and addresses had been opened to the public.



A spokesman for the EU's top information technology official Commissioner Erkki Liikanen told Newsbytes that the hacking attacks were cause for embarrassment and concern.



The European Commission will review management of the Web site and whether a change needs to be made, said Liikanen spokesman Per Haugaard. "No decision has been taken yet, but we are seriously concerned," he said.



Morris said SaferInternet.org was not the only site shut down, that the other "16 to 20" sites Ecotec manages on the same server also were hit. He said one of those was Ecotec's company site (http://www.ecotec.com), but declined to name other sites.



"This has caused embarrassment for both us and the (European) Commission," he said.



Morris said Ecotec is consulting with several experts in order to make its Web server more secure and to identify the hackers.



"We will be more secure when we go back online," he said. "But there is no guarantee. Every Web site is vulnerable."


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »