.mil websites down after listed for sale by hacker

Posted on by Listify Me

A hacker has apparently been selling administrative control of military websites online for as little as $399, says cybersecurity vendor Imperva.

In a Jan. 21 post on the company’s blog, Imperva has redacted screenshots of websites a hacker says he has compromised along with the price of “FullSiteAdmin Control.”

Cybersecurity blogger Brian Krebs has a considerably less redacted screenshot on his blog. “I’ve seen some of the back-end evidence of his hacks, so it doesn’t seem like he’s making this up,” Krebs adds.

Among the websites listed for sale is http://cecom.army.mil/, the website of the Army’s Communications Electronics Command, for $499. On Jan. 23, the site was mostly offline (click for a screenshot), simply displaying a html message that “cecom.army.mil Is Temporarily Unavailable We’re working to resolve this issue.”

Also offline was http://pec.ha.osd.mil (click for a screenshot), the website for Department of Defense the PharmacoEconomic Center, which displayed the same html message as the CECOM website. The hacker had listed control of it for sale for $499.

Another military website on the list, www.scguard.army.mil, the website of the South Carolina National Guard, was totally offline Jan. 23, the URL returning a 403 Forbidden status code (click for a screenshot). Of the military websites listed for sale by the hacker, the site was the relative bargain at $399 for full control.

Cheaper wares included www.utah.gov for $99 (the website appeared to be working normally on Jan. 23) and MySQL root access to http://michigan.gov (also up and running) for $55.

The hacker also has offered for sale personally identifiable information from hacked websites, including government websites, at $20 per thousand records, according to Imperva.

Krebs notes that the DoD’s PharmacoEconomic Center would be an attractive site for rogue online pharmacies to plant links on, since search engines give links from .mil, .gov and .edu sites more authority than other links from top level domains.

For more:
go to the Imperva blog post
go to Kreb’s blog post

Related Articles:
Cyber attack effects ‘local and temporary,’ not global, says study
White House, Commerce prepare for trusted identities in cyberspace
JASON: Cybersecurity not really like the immune system

Open bundled references in tabs: