"It is good beating proud folks, for they will not complain"
Tue, 16 May 2000 11:55:08 -0500
Brian Martin (firstname.lastname@example.org)
William Knowles pointed me to www.realspy.com today, as they had apparently changed their web page after a recent defacement.
Below is the message currently up on their server:
Due to hackers rewriting my pages from others websites, we will be down for 1 to 2 weeks to reconfigure a hardware firewall and newly designed web page. We are sorry for this inconvenience On another note, to all you harmfull hscker and crakers---YOU CAN KISS MY ASS! I am a member of the FBI's ANSIR program and I will be turning IP address from my server logs over to them to (5-15-2000) today. Just remember, don't pick up the soap!This pathetic and unprofessional message demands several points be made.
Due to hackers rewriting my pages from others websites, we will be down for 1 to 2 weeks to reconfigure a hardware firewall and newly designed web page.Perhaps this is how some companies reach exceptionally large damage figures. Rather than hiring a security consultant for one day of work, patching the hole and getting back to business, they use it as an excuse to redesign the site. The charges associated with web design no doubt get lumped into the 'hacker damage' figure. If the down time is 2 weeks to "reconfigure" a hardware firewall, this shows a complete lack of technical proficiency in applying basic security to a web site.
On another note, to all you harmfull hscker and crakers---YOU CAN KISS MY ASS!Great encouragement here. I am sure a 'real spy' would say exactly this. You've already proven you are vulnerable and the computer criminals have one upped you. Challenging them to do it again can only serve to hurt you further and subject you to more attacks. Even if it is a trap with FBI agents lying in wait, it is still taking away from your business. When the next computer criminal breaches this site, do you think they will stop with a simple web page defacement?
I am a member of the FBI's ANSIR program and I will be turning IP address from my server logs over to them to (5-15-2000) today.This is an exceptional advertisement for the FBI ANSIR team, really. What is ANSIR exactly, and what do they do?
http://www.fbi.gov/programs/ansir/ansir.htm The program is designed to provide unclassified national security threat and warning information to U.S. corporate security directors and executives, law enforcement, and other government agencies.Looking at a few of their advisories:
99-002 Upcoming Significant Anniversary Dates 99-007 China Cyber Activity Advisory 99-010 Well-publicized Hacker Activity Against U.S. Government SitesWow, what a truly relevant program to tout to hackers. Why not proclaim your membership with a tennis club and threaten hackers with that too? In case you aren't aware, ANYONE can report computer crime to the FBI. They make it quite simple really. Here is a list of all their field offices in case you'd like to report some crime yourself:
Just remember, don't pick up the soap!This sounds like something straight off the 'Happy Hacker' web site. The vague threat that the computer criminal will not only be caught, but prosecuted and sentenced to time in prison where they will have less than pleasant relations with other prisoners. Given the rash of web defacers who have taunted the FBI and proclaimed they would never be caught, this hardly seems a deterent. More so that few of them ever see the inside of a jail or prison.