Loading ...
Sorry, an error occurred while loading the content.

Fwd: Hactivists to attack biotech firms

Expand Messages
    Date: Sat, 01 Apr 2000 17:48:01 -0800 Subject: Hactivists to attack biotech firms From: Mark L. Williams Hactivists to attack
    Message 1 of 1 , Apr 1, 2000
    • 0 Attachment
      Date: Sat, 01 Apr 2000 17:48:01 -0800
      Subject: Hactivists to attack biotech firms
      From: "Mark L. Williams" <GrizzledBear@...>

      Hactivists to attack biotech firms
      Monsanto, Aventis are likely first targets for Electrohippies
      By Bob Sullivan

      MSNBCMarch 31 - Major biotechnology firms Monsanto Co. and Aventis Co. S.A.
      will find themselves in the digital crosshairs starting this weekend.
      According to a spokesman for the Electrohippies, a group that plans
      Internet-based protests, the two companies will first be targeted with a
      straightforward e-mail write-in campaign. But by the end of the week, new
      denial-of-service software tools will be distributed and could be aimed at
      the Internet operations of both firms. And according to one security
      expert, other big-name companies like PepsiCo and McDonald's could also be

      VIRTUAL SIT-INS ARE not new, but groups that plan the events are becoming
      much more sophisticated. That concerns Ben Venzke, an executive at computer
      security firm iDefense.com.

      "They have the potential to be very damaging to a company's Internet
      efforts," he said. "I don't doubt that for one second." Company Web sites
      and e-mail servers will be targeted, he said, with protesters planning to
      overwhelm both - similar to the way computer vandals overwhelmed major Web
      sites like Yahoo, eBay and Amazon in February.

      Monsanto and Aventis are being attacked for their participation in genetic
      modification of food crops, according to the Electrohippies. Venzke says
      the list of potential targets is much larger and includes Sara Lee, Nestle,
      PepsiCo, McDonald's, Haagen-Dazs, Novartis Seeds and Procter & Gamble.

      "These are companies that have showed up on target lists before," he said.
      "Or are getting singled out, getting a lot of discussion time in chat
      groups. We don't know what the target list is - but these are types of
      companies that are very high on the radar of these groups."

      'Hactivists' plan DDoS Web attack

      Paul Mobbs, spokesman for the Electrohippies, would not comment on the list
      of targets, but did say Monsanto and Aventis would begin receiving protest
      e-mails starting April 2.

      The campaign begins April 1, when the protest group will give a sarcastic
      "April Fool's" award to a Web site named "junkscience.com," which describes
      itself as devoted to debunking "faulty scientific data and analysis used to
      used to further a special agenda." The site generally runs counter to the
      Electrohippies' views on issues such as genetically altered food.

      "The award is going to the person most out of touch with reality on the
      issue of biotechnology," Mobbs said.

      Electrohippies members will be urged to send e-mails of protest to the site.

      Then early next week, e-mail campaigns will target specific companies
      involved in production of genetically modified crops. The Electrohippies
      have created a tool that automatically writes and addresses protest e-mails
      to political leaders of industrialized nations and corporate executives.
      Mobbs said: "Monsanto will certainly be on that list, and I've added
      Aventis myself." Aventis was recently formed from the merger of French
      chemical group Rhone-Poulenc and German-based Hoechst. Neither Monsanto nor
      Aventis immediately returned phone calls.

      While the semi-automated e-mail protest campaign is being waged, visitors
      to the Electrohippies Web site will have the chance to vote on use of a new
      software tool designed to overwhelm a company's Web page with so many
      requests that it shuts down. Mobbs says the vote will be simple majority
      rule: If more than 50 percent say yes, the tool will be released and the
      targets announced, probably next weekend.

      Any targeted site will be given advance warning, Mobbs said.

      The Electrohippies tool has created controversy in the computer hacker
      world. Several high profile hackers have sent mass e-mails protesting it
      and any form of denial-of-service attack.

      "Hacktivism should not boil down to DoS attacks and script kiddie antics,
      it should be about making changes and informing people," wrote Bronc
      Buster, a well-known hacker, on the "hactivism" mailing list after the
      attack was announced.

      The tool is actually a simple Web page that can be e-mailed to potential
      protestors. No "zombie" computers are used or compromised - third-party
      zombies, which allow anonymity, were used in the now-infamous Yahoo and
      Amazon attacks.

      During the Electrohippies-organized protest, all attacks will come directly
      from the protester's computer.

      "We are into open and accountable action," Mobbs said.

      The tool itself simply repeatedly requests 12 to 15 elements on a Web page,
      not unlike a user manually hitting "refresh" over and over to download a
      page. In fact, last November, the Electrohippies staged a protest of the
      World Trade Organization using that technique. A single Web page was
      designed to open up multiple browsers on any user's computer, with all the
      browsers requesting WTO.org. That effort slowed the trade organization's
      Web site but also slowed the Electrohippies site, which hosted the "attack"

      This new tool refines that method considerably. Since it can be e-mailed,
      there will be no choke point at the Electrohippies Web site. Attacks will
      come directly from protester computers. The tool will not request entire
      Web pages, but rather specific images or functions that particularly drain
      the victim computer. And the requests will be made from each attacking
      computer in random order, which foils some of a Web server's caching

      What is making these attacks possible?
      Hackers have become more sophisticated and have developed programs that
      automate such attacks. The programs direct tens or hundreds of computers
      around the world to send traffic to a specific site simultaneously. That
      allows hackers to overwhelm some of the most prominent sites already
      designed to handle large amounts of traffic. Security experts became aware
      of the tools last fall. Patrick Taylor, vice president of risk assessment
      for the Internet Security Systems in Atlanta, said the tools allowed people
      with lower degrees of skills to execute sophisticated attacks.

      How do hackers use so many computers in their attacks?

      They can secretly plant their attack programs in other people's or
      company's computer systems by exploiting those systems' security
      weaknesses. The programs remain dormant until the appointed time of attack.
      When hackers route the program through someone else's computer, it makes
      them harder to trace.

      What can sites do to prevent such attacks?
      Little, according to Mark Zajicek, a team leader at the CERT Coordination
      Center at Carnegie Mellon University. He said the focus instead must be on
      increasing security of other computers so that they cannot be commanded to
      launch such attacks. Once a site is targeted, one recourse is to trace the
      traffic back to the third-party computers and alert their administrators.
      The process can take hours.

      Why can't sites block the bad traffic?

      Even the process of determining whether traffic is legitimate uses precious
      computing time. A site's Internet service provider might be able to stop
      some bad traffic, but it comes from various locations and often carries
      fake return addresses, making it difficult to sort to good from the bad.

      Why are these attacks occurring?
      Attorney General Janet Reno said Wednesday that while a motive had yet to
      be determined, "they appear to be intended to interfere with and disrupt
      legitimate electronic commerce." There is no evidence that hackers gained
      access to the sites' internal data. But Randy Sandone of Argus Systems
      Group Inc. in Savoy, Ill., warned that denial-of-service attacks might one
      day be used as a decoy. While security personnel are busy trying to block
      traffic, a hacker might try to gain access to sensitive data.

      Is this the work of one person?

      Investigators have yet to determine whether a single person is behind all
      the attacks. Analysts say that after Yahoo! was hit Monday, other sites
      might have been targeted by copycat hackers.
      Printable version 1 | 2 | 3
      SOURCE: Associated Press

      The genetically modified food protest has not yet stirred up as much
      widespread support as other recent online protest efforts, according to
      Venzke - and so it might not actually succeed in shutting down or even
      slowing corporate Web sites.

      "For this action it would appear that the Electrohippies have a fairly
      strong base of support through their own channels, but ... we are not
      seeing other groups out actively supporting it."

      But corporate sites are considerably less robust than high-traffic Internet
      sites - they have far fewer visitors, so they have fewer servers and less
      bandwidth into and out of their networks. So they are much more vulnerable
      to the attack methods to be used by the Electrohippies than a site like
      Yahoo would be, Venzke said.

      NOTE: In accordance with Title 17 U.S.C. section 107, this material is
      distributed without profit or payment to those who have expressed a prior
      interest in receiving this information for non-profit research and
      educational purposes only. For more information go to:


      Search /RENEGADE/ for articles on genetix -

      /RENEGADE/ Search - GO TO: http://fornits.com/renegade/peaars.cgi?
      and just type in your topic. For differing results you may uncheck
      "article" and search on just "subject," etc. /RENEGADE/ also has
      "time-frame" in the search, so you can tailor your results that way, too.



      *STRIDER* Sector Air Raid Warden at /RENEGADE/

      /RENEGADE/ news_service: http://fornits.com/renegade/
      Bay_Area_Activist list: http://fornits.com/renegade/peaars.cgi?fetch=54
      usenet: news:alt.thebird news:misc.activism.progressive
      chat: http://jupiter.beseen.com/chat/rooms/i/1055/
      e-mail: mailto:strider@...

    Your message has been successfully submitted and would be delivered to recipients shortly.