Protest against tests goes online, hackers
break into BARC network
Chidanand Rajghatta
WASHINGTON, June 5: An upstart group of hackers called Milworm
broke into the computers and network of India's premier nuclear
establishment, the Bhabha Atomic Research Center (BARC) on
Thursday, read sensitive e-mail and correspondence, and left behind
anti-nuclear graffiti on the BARC homepage.
Saying ''the world is lucky we're so nice,'' Milworm members mocked
BARC's computer security systems and said such break-ins had the
potential for creating terror. They could have easily sent an e-mail
from the Indian server to a Pakistani server threatening a nuclear
strike, Milworm members said.
''It's ironic that India has weapons capable of destroying the world,
but they can't secure a little web server which is connected to their
networks,'' one of the hackers, called Keystroke, said in an Internet
Relay Chat (IRC) with John Vranesevich, founder of the Anti Online,
an Internet magazine dedicated to tracking hacker groups and major
hacking incidents.Vranesevich told the The Indian Express Milworm
was aone of the more prominent hacker groups among the 3,000 the
magazine kept track of. The group had six to eight youths aged
between 15 and 18 and were based variously in the United States,
Holland, Britain and New Zealand. They went by online aliases like
JF, Hamstor, Keystroke, savecore, Venomous and ExtreemUK.
Vranesevich, who is based in Pittsburg, said Milworm members
claimed to have accessed e-mail exchanges between Indian scientists
detailing the results they expected from the nuclear tests and the
actual results they got. ''We have information on their weapons,
their test projectories (sic), everything, and we are doing this from all
over the world,'' one of the hackers boasted. Newsbytes, a
Minneapolis-based online publication, also reported the story about
the BARC break-in. Newsbytes printed a e-mail retrieved by Milworm
which spoke about "increasing the yield of gamma rays in Pm141, an
isotope of the rare earth element Promethium," as proof of the
break-in.
''The slight increase in the yieldof 882 (keV gamma ray) in our alpha
data could be accepted because at lower energy, the population of
the isomer may be more which stabilises after some threshold energy
of the projectile,'' one e-mail said.
On Friday morning, Milworm members reportedly extended their
online pillage, breaking into the computers of other Indian scientific
establishments and reading internal memos and correspondence,
including some relating to supercollider experiments. Explaining how
Milworm went about hacking, Vranesevich said the group first broke
into several American servers, beginning with the NASA-JPL
network in the United States. They then jumped on to a US Navy
server from there to an US Army server before breaking into BARC.
The log files would therefore show the US Army server breaking into
the BARC network, Vranesevich said. The BARC server did have a
firewall (a sort of protection) but it was configured very poorly and
Milworm could bypass it easily, he added. Other online sources said
a separate unidentifiedhacker group also appeared to have infiltrated
the BARC site and replaced the home page on the internal web server
with a message titled ''Just Say No.'' The hacked web page read
''Nuclear Tests in India. This page has been hacked in protest of a
nuclear race between the India, Pakistan and China. It is the world's
concern that such actions must be put to end since, nobody wants
yet another world war. I hope you understand that our intentions
were good, thus no damage has been done to this system. No files
have been copied or deleted, and main file has been just renamed.''
''Stop the Nuclear Race! W Don't Want a Nuclear Holocaust,'' it
ended in large, bold, red letters.
Newsbytes reported on Friday morning that BARC acknowledged
the break-in and blamed it on their use of an old version of Sendmail,
a de facto Internet standard software for running e-mail systems.
''It's a very normal loop hole in sendmail. Definitely, there was some
problem with sendmail, they were using an old version,'' an unnamed
BARCofficial was quoted as saying. Sendmail has previously been
reported to have troubled security-conscious e-mailers. Hacker
groups are the online street gangs of the 1990s. There are over 5000
groups across the world.BARC's preventive measures
The BARC authorities in Mumbai are aware of the hackers problem
and have taken all preventive measures. ''BARC's homepage in the
Internet doesn't contain any information other than the publicity
material - BARC's monthly news letter and information brochures of
various DAE units. The teenagers must have mistook it for some
sensitive technical information,'' said Dekne, a senior scientist at
BARC's computer science division.
When asked about whether the hackers dephased their web site he
said: ''That problem was there but rectified within few seconds. The
teenagers changed the site address and it led to loss of some files.
Anyhow, this is not a serious problem.'' He said that the Internet
node is not connected to any of BARC's computational networks or
otherhi-speed links where important files and other works are stored.
''With facilties like Internet and other hi-speed links, safe-guarding
sensitive is quite a formidable job. But BARC has taken extreme
caution in this regard and there's no need to panic over the reported
news,'' he said.
BARC's Library and Information Sciences director, Dr M R
Balakrishnan said: ''BARC is connected through ERNET to other
DAE units like TIFR, IGCAR and others. Scientists from different
units communicate to their colleagues and friends using this network.
The hackers must have got these ordinary transactions. We use this
network only to publish what we want to say to the public. Nothing
more than that.'' |
