Teens steal thousands of Internet accounts

A group of teen-age computer crackers allegedly used thousands of stolen Internet accounts in various countries including Australia to probe the networks of two national nuclear weapons laboratories, according to law enforcement authorities in California.

At least five crackers, ages 15 to 17, compromised accounts at 17 Internet service providers in the US, Romania and Australia and used the accounts to attack nine targets including the Sandia and Oak Ridge National Laboratories and Harvard University, according to Capt. Jan Hoganson of the Sacramento Valley High-Tech Crimes Task Force in California. The crackers managed to gain root access to computers at Harvard, Hoganson said, but just scanned the national lab networks to look for vulnerabilities. The intruders stole 200,000 accounts alone from San Francisco-based Pacific Bell Internet Services for use in the attack.

According to Hoganson, the stolen accounts were used to scan for open network ports at the labs, which could be used for subsequent attacks. Hoganson emphasised that the laboratory networks themselves weren't compromised. He said law enforcement authorities were notified of the scans December 7, by an El Dorado Hills, Calif.-based Internet service provider called InnerCite, which had received complaints from the labs that accounts it hosted were used in the scans.

"The feds say it was an unwelcome visit, but there was no criminal action committed," said Hoganson, who likened the action to nighttime intruders rattling the doorknobs of a locked business. "Fortunately, the ISP preserved the evidence," he said.

Damian Frisby, a detective with the Sacramento Valley High-Tech Crimes Task Force, said the FBI is now contacting other service providers from which accounts were allegedly stolen. He said the young intruders, who allegedly belong to a cracking group called Global Hell, had been tracked down and contacted by authorities after they bragged of their exploits in Internet chat rooms. While no charges have yet been filed, Frisby said he expects that some of the attackers will eventually be charged with unlawful access of a computer and possibly grand theft.

"One of the first things an ISP considers is to shut these people down -- which is great for security and stops the attack, but it makes it hard for us to track them down," said Frisby. "They should contact law enforcement, but they have to make the decision whether to track them down or cut them off, and we can't tell them what to do."

Frisby noted that while some of the compromised Internet service providers had chosen to cooperate with law enforcement, one, PSINet, demanded a search warrant before taking any action. "We don't want to violate anyone's rights, but it delays the process," said Frisby. PSINet wasn't available to comment on the request.

While the investigation is ongoing, Frisby said service providers should guard against the theft of account data by taking care to update operating systems with current security patches and maintain effective firewalls. "It is a hard job to do because there are new exploits everyday," he said.

Frisby added that many of the compromised Pac Bell accounts used passwords that were easy to uncover using standard dictionary programs that search for known words. He said the attackers somehow obtained a list of 200,000 Pac Bell user accounts and were able to successfully steal the passwords for about 95,000 accounts.

Michelle Strykowski, a spokeswoman for Pacific Bell Internet Services, a subsidiary of SBC Communications, disputed the number of compromised passwords. Strykowski said 63,000 passwords had been decoded, but Pac Bell was still unsure how the accounts were compromised. She said there has been no indication that the account information has been abused elsewhere and no customers have complained.

According to Strykowski, the company sent an advisory to customers January 7, warning of a security breach and advising them to change their passwords to include uppercase and lowercase characters, symbols and numbers, which makes them more difficult to crack. She said Pac Bell's 330,000 California Internet customers were also advised to change their passwords every 90 days and to not use the same passwords for a number of different accounts.

"Security is a top priority for Pacific Bell, and we are working closely with the police, but these hackers have proved to the Internet as a whole that we must maintain vigilance," said Strykowski, who noted that the Global Hell cracking group had also compromised Web sites at the FBI and the White House. "All other ISPs, like Pac Bell, have to constantly scrutinise security and make recommendations to customers to be responsible Internet users and change their passwords."

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ann Harrison

PC World
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

GGG Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?