The FBI is distracted from investigating serious digital crimes by its massive manhunt for the hackers responsible for the cyber-equivalent of graffiti, several security watchers said Wednesday.
With the FBI executing 16 search warrants in 12 cities, U.S. attorney Paul Coggins said Wednesday the Federal Government's "massive" hunt for the hackers responsible for a string of high-profile hacks of government sites was "the most far reaching hacking investigation ever conducted by the Department of Justice."
Several security watchers, however, consider the manhunt a distraction, and say that the biggest threats to online security are the hackers who aren't making headlines -- an observation supported by Wednesday's hack of the Department of Energy's Brookhaven National Laboratory.
In the Brookhaven hack, intruders claiming to be the Posse replaced the laboratory's home page with a picture of TV personality Rosie O'Donnell and a treatise. According to security watchers, the Posse is more sophisticated than the hackers behind previous government site hacks.
The Posse's note prominently thanked the script kiddies, who use script-based programs to break into servers, for grabbing the attention of the FBI. "While you have been keeping the FBI (Federal Bureau Of Instigation) and SS (Secret Cervix) busy tracking down 14 year old hacker hopefuls; we have spent our time burrowing ourselves deep within Corporate America," the
Posse's note read at one point.
While the Brookhaven hack was quickly removed, MSNBC reported that the site itself was taken offline between 5:30 a.m. and 1 p.m. PT.
'The biggest threats'
"The guys who broke into the White House site, it's like living in D.C., running over to the White House and spray painting it," said B.K. DeLong, a security consultant in Boston. "The biggest threats are the hackers that aren't making themselves known."
"There's a limit to what they (the script kiddies) could do," DeLong noted. "But if these guys are getting in, what about the really experienced guys?"
An FBI official denied that FBI resources are being stretched thin by investigations into comparatively minor hacking incidents.
"That's an erroneous statement," said FBI spokeswoman Debbie Weierman. "We take any type of intrusion to a government computer very seriously." Agency officials "understand that some individuals may simply want to make a statement" by putting up digital graffiti, but by accessing government systems, "they are still committing a crime," she said.
While there had been speculation that the Department of Defense would pull its Web site down to guard against hacking incidents, an agency spokesman said Wednesday there's no plan for a wholesale shutdown of the site.
"Only certain pages are being taken down" to gauge their security, DoD spokesman Glenn Flood said. Public information on the site will remain up during the testing, set to begin later Wednesday and be concluded later this week, he said.
Pentagon not compromised
No Pentagon information was compromised during last week's incidents, when the FBI and Senate servers were targeted by malicious hackers, Flood added.
Various security consultants agreed that groups such as Global Hell and Masters of Downloading were not able break into classified servers, even if that were their goal.
"These hackers wouldn't have the hardware to break into SIPRNet, and if they did, they wouldn't have a key. So it's not going to happen," said John Vranisevitch, founder of AntiOnline, a security Web site that on Tuesday suffered a denial-of-service attack. SIPRNet is the internal classified network of the armed forces.
Vranisevitch and several other security consultants expect the FBI will make good on its threat to catch the people who were involved with defacing the White House site and some of the other sites. They said the hackers did obvious things, such as logging in through their regular ISP and not hiding their tracks.
"The FBI will get an indictment (in the White House case). They'll do it for the public perception," said Brian Martin, a security consultant in Phoenix. But Martin and others agreed that the hacks will continue. "The whole reason they're doing it is to show that the FBI is not in control of the Net."
Luke Reiter, CyberCrime, and Maria Seminerio, ZDNN, contributed to this story.
What it takes to stay on the edge of innovation
Going green and managing costs during tough economic times
Taking chances with the core brand
Transforming the company and developing new delivery platforms
