Milw0rm

From Wikipedia, the free encyclopedia

milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Bombay, the primary nuclear research facility of India, on June 3, 1998. The attack generated heated debate on the security of information in a world prevalent with countries developing nuclear weapons, the ethics of "hacker activists" or "hacktivists," and the importance of advanced security measures in a modern world filled with teenagers willing and able to break into insecure international websites.

In the process of the break-in, the multinational group of teenagers-- from the United States, United Kingdom and New Zealand-- gained access to five megabytes of classified documents pertaining to India's nuclear weapons program. To show their security breach publicly, they changed the center's webpage to display an anti-nuclear message and then came forward with the security flaws they exploited in BARC's system. Despite subsequent news reports that data on two email servers was erased, the group did not claim to erase data and officials at BARC did not announce any erasure.

Contents 1 Members of milw0rm 2 BARC Attack 3 Attack Aftermath 4 milw0rm Quotes 5 References

[edit] Members of milw0rm

Little is known about the members of milw0rm. The international hacking team went by the aliases of JF, Keystroke, ExtreemUK, savec0re, and Ven0mous. Savec0re, 17, and Ven0mous, 18, hailed from New Zealand, ExtreemUK and JF, 18, from England, and Keystroke from the US. To date, none of the group have come forward with their real names or identities, and investigations of the incident by the CIA and FBI or any other intelligence organizations proved fruitless in deciphering their identities, which were well-hidden. However, numerous people who were not a part of milw0rm have come forward saying that they were responsible for the hacks. Their claims have been discredited.

JF went on to achieve a modicum of notoriety when MTV "hacked" its own website intentionally and graffitied the words "JF Was Here" across the page.

Venom0us claimed that he learned to crack into systems from Ehud Tenenbaum, an Israeli hacker known as The Analyzer.

[edit] BARC Attack

Four days before the incident, the five permanent members of the United Nations Security Council, the US, Russia, United Kingdom, France and China, denounced both India and Pakistan for unilaterally declaring themselves nuclear weapons states. The day before the attack, Jacques Gansler, US undersecretary of defense for acquisition and technology, warned a military conference that teenage hackers posed "a real threat" to national security.

On the night of June 3, 1998 from their workstations on three continents, the group broke into the LAN, or local area network, of BARC. The center's website, connected to the LAN, and their firewall was not secured enough to prevent the group from entering and gaining access to confidential emails and documents. The emails included correspondence between the center's scientists relating to their development of nuclear weapons. They then posted a statement of anti-nuclear intentions on the center's website.

The group's purpose for the attack was to protest nuclear testing, according to Savec0re, Venom0us and JF.

After the attack Keystroke claimed that the attack had taken "13 minutes and 56 seconds" to execute. Many news organizations reported breathlessly how the teenagers had penetrated a nuclear research facility in "less than 14 minutes." However, examining more closely the hacker's wording and tone in the interview, and especially the specificity of the "56 seconds" claim, it is apparent that Keystroke meant this as a lighthearted answer to the question, "Exactly how long did it take you?". The actual invasion took careful planning, routing through servers throughout the world from three different continents, and took days to execute.

[edit] Attack Aftermath

After first denying that any incident had occurred, BARC officials admitted that the center had indeed been hacked and emails had been downloaded. An official at BARC downplayed the severity and importance of the incident, announcing that the security flaw resulted from "a very normal loophole in Sendmail," while going on to state that the center had not bothered to download a new version of the Sendmail program, responsible for the center's email servers. The center also admitted that after milw0rm's breach, the site had been hacked into again, this time with less severe consequences. The website was shut down while its security was upgraded. Later, a senior US government official told ZDNet that the Indians had known about the flaw and had chosen to ignore it, creating the opportunity for milw0rm to root the servers.

Nevertheless, the breach was a severe one and had the potential to cause an incident of international proportions. After the attack, members of the group participated in an anonymous Internet Relay Chat (IRC) chat with John Vranesivich, the founder of Anti-Online. Keystroke explained how if he wanted to, he could have sent threatening emails from the Indian email server to a Pakistani email server. If the group had possessed malicious intentions, the consequences for both south Asian countries could have been catastrophic.

For these reasons, the milw0rm attack caused other groups to heighten their security to prevent invasion by hackers. The U.S. Army announced inexplicably that the hacks might have originated in Turkey, noting that "Turkey is the primary conduit for cyber attacks."

Later, Wired News revealed that an Indian national and self-proclaimed terrorist, Khalid Ibrahim, had approached members of milw0rm and other hacker groups on IRC-- including Masters of Downloading and the Noid-- and attempted to buy classified documents from them. According to savec0re, Ibrahim threatened to kill him if the hacker did not turn over the classified documents.

[edit] milw0rm Quotes

"The world is lucky we're so nice."

-Keystroke

"It's ironic that India has weapons capable of destroying the world, but they can't secure a little web server which is connected to their networks."

-Keystroke

"If you're gonna amass data which can take many lives ... at least secure it."

-savec0re

"I'm only young; I don't want a hostile world on the edge of a nuclear conflict."

-JF

The full text of the milw0rm-revised BARC website:

oh gn0, like this is what happens if j00 play with atomic energy!#@! It g0es b00m@#@#@# so PLEEEZE, do not fuck around, didn't you parents ever teach you manners? I like the world in its current state (i guess), well its better than the world would be if the b0mb went b00m. think about it k1dz, its not clever, its not big, so don't think destruction is cool, coz its not. If a nuclear war does start, you will be the first to scream. You all saw the movie WARGAMES right? well.... That could have been us$#@ So India, LISTEN TO WISE OLD MILWORM .... You do not need nuclear weapons in the 1990s!#@! STOP THE SHIT Owned Savec0re - JF - VeNoMouS JF - Hamst0r - Keystoke - savec0re - ExtreemUK

[edit] References

• Security site ran by no former milw0rm members
• Wired
• Forbes magazine article on the incident which contains some accurate and some inaccurate information
• ZDNet talks to senior government official in the US about the attack
• Wired News on Khalid Ibrahim allegations