UPDATES 1/24/11: Military Websites Offline After Listed For Sale By Hacker
Several of the .MIL sites were offline which a hacker had offered for sale the administrative control over.
* * *
Researchers at Imperva have reported that an unknown hacker is selling access to and control over compromised .GOV .MIL and .EDU sites.
The hacker is offering root access control to sites that are largely reserved for promoting projects associated with sensitive U.S. military and government programs:
Imperva states: "The 'traffic' probably stands for the number of records within the DB tables. The 'goods' in this case are probably the needed information for the 'Level of Control.' For 'full site admin' – probably the credentials and the URL of site administrator interface."
Researchers also revealed that the hacker is selling personally identifiable information gleaned from some of the websites, including some large universities.
Access to most of the sites was gained by way of software used to scan websites for weaknesses:
"The victims' vulnerabilities were probably obtained by SQL injection vulnerability automatic scanner and exploited in automatic manner, as the hacker published his methods in a post in some hacker forum..."
Imperva's report shows that the public sector still has a long ways to go when it comes to protecting web portals containing sensitive information from even the most basic of of security exploitations.