Fwd: Hactivists to attack biotech firms
- Date: Sat, 01 Apr 2000 17:48:01 -0800
Subject: Hactivists to attack biotech firms
From: "Mark L. Williams" <GrizzledBear@...>
Hactivists to attack biotech firms
Monsanto, Aventis are likely first targets for Electrohippies
By Bob Sullivan
MSNBCMarch 31 - Major biotechnology firms Monsanto Co. and Aventis Co. S.A.
will find themselves in the digital crosshairs starting this weekend.
According to a spokesman for the Electrohippies, a group that plans
Internet-based protests, the two companies will first be targeted with a
straightforward e-mail write-in campaign. But by the end of the week, new
denial-of-service software tools will be distributed and could be aimed at
the Internet operations of both firms. And according to one security
expert, other big-name companies like PepsiCo and McDonald's could also be
VIRTUAL SIT-INS ARE not new, but groups that plan the events are becoming
much more sophisticated. That concerns Ben Venzke, an executive at computer
security firm iDefense.com.
"They have the potential to be very damaging to a company's Internet
efforts," he said. "I don't doubt that for one second." Company Web sites
and e-mail servers will be targeted, he said, with protesters planning to
overwhelm both - similar to the way computer vandals overwhelmed major Web
sites like Yahoo, eBay and Amazon in February.
Monsanto and Aventis are being attacked for their participation in genetic
modification of food crops, according to the Electrohippies. Venzke says
the list of potential targets is much larger and includes Sara Lee, Nestle,
PepsiCo, McDonald's, Haagen-Dazs, Novartis Seeds and Procter & Gamble.
"These are companies that have showed up on target lists before," he said.
"Or are getting singled out, getting a lot of discussion time in chat
groups. We don't know what the target list is - but these are types of
companies that are very high on the radar of these groups."
'Hactivists' plan DDoS Web attack
Paul Mobbs, spokesman for the Electrohippies, would not comment on the list
of targets, but did say Monsanto and Aventis would begin receiving protest
e-mails starting April 2.
The campaign begins April 1, when the protest group will give a sarcastic
"April Fool's" award to a Web site named "junkscience.com," which describes
itself as devoted to debunking "faulty scientific data and analysis used to
used to further a special agenda." The site generally runs counter to the
Electrohippies' views on issues such as genetically altered food.
"The award is going to the person most out of touch with reality on the
issue of biotechnology," Mobbs said.
Electrohippies members will be urged to send e-mails of protest to the site.
Then early next week, e-mail campaigns will target specific companies
involved in production of genetically modified crops. The Electrohippies
have created a tool that automatically writes and addresses protest e-mails
to political leaders of industrialized nations and corporate executives.
Mobbs said: "Monsanto will certainly be on that list, and I've added
Aventis myself." Aventis was recently formed from the merger of French
chemical group Rhone-Poulenc and German-based Hoechst. Neither Monsanto nor
Aventis immediately returned phone calls.
While the semi-automated e-mail protest campaign is being waged, visitors
to the Electrohippies Web site will have the chance to vote on use of a new
software tool designed to overwhelm a company's Web page with so many
requests that it shuts down. Mobbs says the vote will be simple majority
rule: If more than 50 percent say yes, the tool will be released and the
targets announced, probably next weekend.
Any targeted site will be given advance warning, Mobbs said.
The Electrohippies tool has created controversy in the computer hacker
world. Several high profile hackers have sent mass e-mails protesting it
and any form of denial-of-service attack.
"Hacktivism should not boil down to DoS attacks and script kiddie antics,
it should be about making changes and informing people," wrote Bronc
Buster, a well-known hacker, on the "hactivism" mailing list after the
attack was announced.
The tool is actually a simple Web page that can be e-mailed to potential
protestors. No "zombie" computers are used or compromised - third-party
zombies, which allow anonymity, were used in the now-infamous Yahoo and
During the Electrohippies-organized protest, all attacks will come directly
from the protester's computer.
"We are into open and accountable action," Mobbs said.
The tool itself simply repeatedly requests 12 to 15 elements on a Web page,
not unlike a user manually hitting "refresh" over and over to download a
page. In fact, last November, the Electrohippies staged a protest of the
World Trade Organization using that technique. A single Web page was
designed to open up multiple browsers on any user's computer, with all the
browsers requesting WTO.org. That effort slowed the trade organization's
Web site but also slowed the Electrohippies site, which hosted the "attack"
This new tool refines that method considerably. Since it can be e-mailed,
there will be no choke point at the Electrohippies Web site. Attacks will
come directly from protester computers. The tool will not request entire
Web pages, but rather specific images or functions that particularly drain
the victim computer. And the requests will be made from each attacking
computer in random order, which foils some of a Web server's caching
What is making these attacks possible?
Hackers have become more sophisticated and have developed programs that
automate such attacks. The programs direct tens or hundreds of computers
around the world to send traffic to a specific site simultaneously. That
allows hackers to overwhelm some of the most prominent sites already
designed to handle large amounts of traffic. Security experts became aware
of the tools last fall. Patrick Taylor, vice president of risk assessment
for the Internet Security Systems in Atlanta, said the tools allowed people
with lower degrees of skills to execute sophisticated attacks.
How do hackers use so many computers in their attacks?
They can secretly plant their attack programs in other people's or
company's computer systems by exploiting those systems' security
weaknesses. The programs remain dormant until the appointed time of attack.
When hackers route the program through someone else's computer, it makes
them harder to trace.
What can sites do to prevent such attacks?
Little, according to Mark Zajicek, a team leader at the CERT Coordination
Center at Carnegie Mellon University. He said the focus instead must be on
increasing security of other computers so that they cannot be commanded to
launch such attacks. Once a site is targeted, one recourse is to trace the
traffic back to the third-party computers and alert their administrators.
The process can take hours.
Why can't sites block the bad traffic?
Even the process of determining whether traffic is legitimate uses precious
computing time. A site's Internet service provider might be able to stop
some bad traffic, but it comes from various locations and often carries
fake return addresses, making it difficult to sort to good from the bad.
Why are these attacks occurring?
Attorney General Janet Reno said Wednesday that while a motive had yet to
be determined, "they appear to be intended to interfere with and disrupt
legitimate electronic commerce." There is no evidence that hackers gained
access to the sites' internal data. But Randy Sandone of Argus Systems
Group Inc. in Savoy, Ill., warned that denial-of-service attacks might one
day be used as a decoy. While security personnel are busy trying to block
traffic, a hacker might try to gain access to sensitive data.
Is this the work of one person?
Investigators have yet to determine whether a single person is behind all
the attacks. Analysts say that after Yahoo! was hit Monday, other sites
might have been targeted by copycat hackers.
Printable version 1 | 2 | 3
SOURCE: Associated Press
The genetically modified food protest has not yet stirred up as much
widespread support as other recent online protest efforts, according to
Venzke - and so it might not actually succeed in shutting down or even
slowing corporate Web sites.
"For this action it would appear that the Electrohippies have a fairly
strong base of support through their own channels, but ... we are not
seeing other groups out actively supporting it."
But corporate sites are considerably less robust than high-traffic Internet
sites - they have far fewer visitors, so they have fewer servers and less
bandwidth into and out of their networks. So they are much more vulnerable
to the attack methods to be used by the Electrohippies than a site like
Yahoo would be, Venzke said.
NOTE: In accordance with Title 17 U.S.C. section 107, this material is
distributed without profit or payment to those who have expressed a prior
interest in receiving this information for non-profit research and
educational purposes only. For more information go to:
Search /RENEGADE/ for articles on genetix -
/RENEGADE/ Search - GO TO: http://fornits.com/renegade/peaars.cgi?
and just type in your topic. For differing results you may uncheck
"article" and search on just "subject," etc. /RENEGADE/ also has
"time-frame" in the search, so you can tailor your results that way, too.
*STRIDER* Sector Air Raid Warden at /RENEGADE/
/RENEGADE/ news_service: http://fornits.com/renegade/
DEDICATED TO SPIRIT, TRUTH, PEACE, JUSTICE, AND FREEDOM
Bay_Area_Activist list: http://fornits.com/renegade/peaars.cgi?fetch=54
usenet: news:alt.thebird news:misc.activism.progressive
WHEN SPIDERS UNITE, THEY CAN TIE DOWN A LION -- Ethiopian Proverb