NEWS

Hackers deface UN website

August 14, 2007

Hackers struck the United Nations Internet site in the weekend replacing the Secretary-General's message with anti-war slogans, prompting the world body to deploy its technicians to assess the system and take steps to make the portal more secure.

The hackers breached the security early Sunday replacing Secretary General Ban Ki-moon's messages on the web pages reserved for him with anti-war slogan in red capital letters and accusing the United States and Israel of killing children.

The world body removed the messages promptly as its computer experts evaluated whether any damage was done and took action to make the site more secure, the UN said, but released only limited information.

UN spokeswoman Michele Montas told reporters on Monday that the hackers' messages were removed and updating of the site suspended as technicians assessed the situation.

But she also said that key financial information was not compromised.

Also attacked were the sites of the UN Economic and Social Council and the Paris-based United Nations Environment Programme.

"Hacked By kerem125 M0sted and Gsy That is CyberProtest Hey Ysrail and Usa dont kill children and other people Peace for ever No war" was the line repeating itself over and over on the affected pages, according to screenshots taken by bloggers and quoted by CNET, a computer and technology publisher.

CNET said the perpetrators appear to have used a well-known and highly preventable technique called SQL injection, which takes advantage of flawed database programming to activate malicious lines of code.

In an e-mail message to CNET's News.com website, Giorgio Maone, an Italian software developer who runs the site, confirmed that "the UN staff just deployed a cosmetic patch, which hides it from the most obvious tests, but it cannot prevent an attack."

Maone said he couldn't go into more details than that, out of fear of tipping off the "script kiddies" out there. He said he has alerted the UN's information security department to the continued problems and offered his assistance.

An Internet search of the names present in the messages indicates a team of hackers, who appear to have at least some Turkish members and call themselves the "Byond Crew Hack Team," is taking responsibility for the activity, CNET said.

At the web site M0sted.org,, CNET said, there's a list of sites that have allegedly been hacked by the group before in the name of "cyberprotest," including Harvard and other universities, Norfolk and Norwich University Hospital in the United Kingdom, and some international Web outposts of Michelin, Toyota and Nestle.

Text: PTI | Photograph: Karen Bleier/AFP/Getty Images

NEXT ARTICLE

NewsBusinessMoviesSportsCricketGet AheadDiscussionLabsMyPageVideosCompany Email