By Kristi Essick InfoWorld Electric Posted at 3:07 PM PT, May 8, 1998 The U.S. Navy has been caught attempting to break in to secure areas of a World Wide Web site sponsored by a U.K. marine-mammal preservation charity, according to officials at the organization. [The US Navy has not been caught. IP addresses that correlate to Navy machines have been logged in breakins. Why the distinction? Because the article doesn't mention two scenarios: 1) the attacks were spoofed as Navy hosts, and 2) that hackers broke into Navy machines and used that as a jump point for intrusions into other machines.] The Whale and Dolphin Conservation Society (WDCS) -- which operates an online shopping site aimed at generating money for the welfare of the animals at http://www.wdcs-shop.com -- said it was alerted to the attempted break-in last week by its site-hosting company, Merchant Technology Ltd. "We were working late one night, and a command line request came in wanting to access unauthorized areas of the site," said Andy Fisher, marketing manager for Merchant. "We were amazed to find out it was the Pentagon." [donhqns1.hq.navy.mil is not the Pentagon I don't think.] Merchant built and manages the secure electronic-commerce site for the conservation society and routinely keeps an eye on who visits. If users attempt to gain access to unauthorized areas, the company is alerted to the source of the incoming request. At 9:45 p.m. GMT on April 28, Fisher said, workers at Merchant were shocked to see an incoming attempt to breach security by a user identified as donhqns1.hq.navy.mil. [This is a machine ID, not a user ID.] Merchant got in touch with WDCS immediately, only to find out that the charity had been contacted by the Navy a few weeks earlier. The Navy was interested in obtaining a report the group is working on that details the efforts of Russian animal experts to train dolphins in the Black Sea for military tasks, such as finding and attaching probes to submarines, Fisher said. A WDCS representative said that there is nothing secret about the Russian government's activities in this area but that the document does contain information about the export of the trained dolphins to foreign countries. The group declined to give the Navy a copy of the report only because it was not complete at the time. Once it is made final, the report will be published and the Navy can then examine it, the representative said. The WCDS said that it is confused about why the Navy would attempt to break in to its Web site. [This sounds more and more like a user followed a link to a password protected portion of the site, and failed a login or something.] "I think whoever it was within the U.S. Navy facility would have better things to do rather than try and hack into our computers," said Chris Stroud, the organization's director of campaigns, in a statement. "If they were seeking reports on the Black Sea, we shall be freely publishing these in the near future anyway." The WCDS previously has commented unfavorably on Navy activities such as its low-frequency sonar trials off Hawaii and on ship collisions with endangered whales, the group said. Merchant says it is "100 percent sure" the hacking attempt originated from the Navy. WDCS has notified the U.S. Embassy in London and the relevant U.K. authorities, the organization said. [100 percent sure? There is no way to know WHO sat at the terminal when the 'hack' was done. Or if it was even someone in the same country. It is trivial for hackers to bounce through many systems before reaching their destination.] "We hope that the U.S. authorities have some rational explanation for this incident," Stroud said. "The Navy has not yet received a formal complaint on the issue," said a Navy official, who declined to be named. "Until the Navy receives a formal complaint with details, there's not much we can do to proceed further." Merchant Technology Ltd., in Bath, England, can be reached at 44 (1225) 481 015. The Whale and Dolphin Conservation Society, also in Bath, can be reached at 44 (1225) 334 511 or http://www.wdcs.org. Reply From: "Schadey, Robert"
Another example of irresponsible reporting. It's common practice for hackers to hack into one system, set themselves up as a user and the go hack into another system. So it wasn't the U.S. Navy hacking into the British system, the Navy was also a victim. If the reporter had taken 5 minutes to check this out the story would have been "Hacker Breaks Into Navy Computer."