Power play: Electric company hacked By Robert Lemos, ZDNN December 14, 2000 4:31 PM PT URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2665199,00.html

Unknown intruders have hijacked an electric company's servers, using its computers and the company's Internet connection to host and play games, the National Infrastructure Protection Center revealed Wednesday.

The intruders gained access to the power company's servers by exploiting a vulnerability in the company's file storage service, said NIPC, which would not name the power company. The federal agency, in conjunction with the FBI and the Department of Justice, investigates such attacks on the United States information and communications systems.

"The intruders used the hacked FTP site to store and play interactive games that consumed 95 percent of the organization's Internet bandwidth," NIPC said in a prepared statement. "The compromised bandwidth threatened the (company's) ability to conduct bulk power transactions."

Apparently, the intruders used an automated tool that scanned the Internet for so-called anonymous FTP servers with the vulnerability.

Several such vulnerabilities exist, including a well-publicized exploit of a popular Linux FTP service. In cases similar to the one described by NIPC, the attacker can replace a directory name with code that, when run, will allow the intruder to take over the system, said Elias Levy, chief technology officer and co-founder of security information site SecurityFocus.com.

Yet, Levy stressed that far from threatening, the incident seems just like a bunch of kids playing.

"It sounds like they weren't even targeting the company," he said. "It just seems like one of those indiscriminate acts."

He added that the attack says little about the vulnerability of the power company's critical systems.

http://www.zdnet.com/filters/printerfriendly/0,6061,2665199-2,00.html

-- Martin Thompson (mthom1927@aol.com), December 14, 2000