Thursday, March 10. 2005
It's Gonna Get Worst
Source: Malay Mail.
What we should be ready for is this - the current attacks (defacements) is only touching the tip of the iceberg. What will happen next is that the current groups of Indonesian crackers, based on their successes in defacing more than 40 Malaysian sites, will get support from the more elite of the Indonesian hackers - which means that they will not just target websites, but our core networks - the ISPs. I am pretty sure they will attack all the routers, switches and network equipment that are available out there, and not to mention taking advantage of broadband users (Streamyx).
Instead of defacements, they will turn it into a full-scale cyberwar - informations are deleted, trashed, usernames and passwords are cracked, and hacked servers used for DoS attack, etc.
Instead of just SQL injection and exploiting old version php apps, they will attack whatever that is out there. And their attacks will be more difficult to trace and prevent.
Trackbacks
Trackback specific URI for this entry
No Trackbacks
Comments
Display comments as
(Linear | Threaded)
lol you mean, those Streamyx users who never changed their router's password? 
Yah.. those kind of people are probably going to get into deep shit fo sho'
Yah.. those kind of people are probably going to get into deep shit fo sho'
As you said, this is only the tip of the iceberg.
And you may be right that they may gather better and more experienced Indonesian hackers to make this worse.
I'm more worried about other experienced hacker groups, not restricted to the indonesian or malaysian clan.
Those groups may take advantage this situation to attack malaysian or the indonesians on behalf of indonesians or malaysian respectively.
With all known badly configured computers, proxies, and other connected machines in this two countries to be their proxy (and this does not include those machines that can be identified easily, or other dormant agents), the third party groups can create a serious havoc and tension between malaysia and indonesia, simply by using our own machines..
if the government/university admin cannot care less to make risk assesment and fix the holes, how can other simple mortals knowing only to click the OK button without reading it will protect their machine not to used in this silly war.
Try telling a lamda windows and IRC/chat exclusive internet user to use a password to open his/her XP session and admire their respond (tip : takde benda yg org nak curi).
And, how many PCs are stil using win9x ?
Seriously, we really need to educate our computer users.. To the extreme, i'd propose that a computer license is needed to use a computer just like driving license to driving a car ..
ps: as i'm writing this, OpenBSD TCP timestamp Remote DOS Vuls has been updated. Patched released or exploit updated i think ...
And you may be right that they may gather better and more experienced Indonesian hackers to make this worse.
I'm more worried about other experienced hacker groups, not restricted to the indonesian or malaysian clan.
Those groups may take advantage this situation to attack malaysian or the indonesians on behalf of indonesians or malaysian respectively.
With all known badly configured computers, proxies, and other connected machines in this two countries to be their proxy (and this does not include those machines that can be identified easily, or other dormant agents), the third party groups can create a serious havoc and tension between malaysia and indonesia, simply by using our own machines..
if the government/university admin cannot care less to make risk assesment and fix the holes, how can other simple mortals knowing only to click the OK button without reading it will protect their machine not to used in this silly war.
Try telling a lamda windows and IRC/chat exclusive internet user to use a password to open his/her XP session and admire their respond (tip : takde benda yg org nak curi).
And, how many PCs are stil using win9x ?
Seriously, we really need to educate our computer users.. To the extreme, i'd propose that a computer license is needed to use a computer just like driving license to driving a car ..
ps: as i'm writing this, OpenBSD TCP timestamp Remote DOS Vuls has been updated. Patched released or exploit updated i think ...
something along this line - their boxes gonna get 0wned, and the crackers will use it to lauch DoS, or watever.
then blog about it guys, if you have the time. check uzyn's site stats for a small surprise.
Time for us to get off our cushy arses and start preparing ourselves to face full-scale, cyberwar, onslaughts. As we have seen, defending against random script-kiddies and occasional l33t phuck3rz versus full-scale, organised and coordinated cyberwar attacks are 2 extremely different ballgames.
We should realise now that full-scale cyberwars can only be won if we learn from the enemy: large-scale offensive coordination versus large-scale defensive coordination.
To our Malaysian crewz: It's weekend now. Let's get to w0rk.
p0rnst4rphuck3rz
We should realise now that full-scale cyberwars can only be won if we learn from the enemy: large-scale offensive coordination versus large-scale defensive coordination.
To our Malaysian crewz: It's weekend now. Let's get to w0rk.
p0rnst4rphuck3rz
i think last week, a guy found out that his mykad was empty... no need much hacking at the nrd server to blanko someone's identity, they did it themselves 
About
This is the personal blog of Mel Mudin (spoonfork). All data and information provided on this site is for informational purposes and on an as-is basis.
This weblog does not represent the thoughts, intentions, plans or strategies of my employers. It is solely my opinion and views as a kambing biri-biri.
Feel free to challenge me, disagree with me, or even tell me that I am a kambing biri-biri wannabee in the comment section of each blog entry.
This weblog does not represent the thoughts, intentions, plans or strategies of my employers. It is solely my opinion and views as a kambing biri-biri.
Feel free to challenge me, disagree with me, or even tell me that I am a kambing biri-biri wannabee in the comment section of each blog entry.
