Bloor broadcast hacked with profanities

By Liesbeth Evers Network News March 8, 2001 Link(active as of 10/22/2006): http://www.vnunet.com/News/1118776 IT consultancy Bloor Research admitted that it was hacked last week after its weekly newsletter to IT directors was laced with profanities. A Network News reader who received a copy of the hacked newsletter counted 47 insertions of the "rudest word in the English language". He commented that: "Bloor's clients are going to be a bit shocked when they open this mail." Bloor Research confirmed that it received many calls from IT directors, who complained about the language. They were also concerned the newsletter contained a virus, but this fear turned out to be unfounded. After defacing the newsletter, the mail server was crashed to cover the hacker's tracks, destroying any clues. Bloor contacted security companies, who said this was the first time that they had seen an attack on an email broadcasting operation. Robin Bloor, CEO of Bloor Research, said he was annoyed the server was crashed, covering what the virus was or how it got in. "It was probably a Trojan backdoor virus, but we are not sure how it got in. We checked the firewall and its configuration was correct. Although a firewall is theoretically impregnable, it does not mean it is in reality." The virus was contained at the isolated mail server because Bloor uses a decentralised infrastructure. This prevented the virus spreading across the network. "In a world without hackers, you would centralise to save cost, but it's safer to keep a network decentralised," Bloor said. The mail server was set up with an unknown IP address, so anyone approaching the firewall could only detect its presence if the server was contacting the outside world. "The attack must have happened during a broadcast. Otherwise they couldn't have known the IP address to go through the firewall," Bloor said. "I didn't think much of this type of attack several years ago, but it shows how network managers must stay aware," Bloor said.

main page ATTRITION feedback