Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Hacked Website of Tuscon Police Expected to be Reinstated Soon

The hacked website of the Tuscon Police Department that remained crippled over the first two weeks of December 2007 would be reinstated to normal functioning in the next 48 hours, said the webmaster of the department. Azstarnet published this in news on December 19, 2007.

The attacker identified as "Hmei7" penetrated the firewall of the Police Department to break into its website, said Pat Johnson, the person in-charge of the maintenance of the site, as published by Azstarnet on December 19, 2007.

Johnson assured that the data files with the police were not at risk as Hmei7 accessed only the database relating to media releases. And with the latter, the hacker had altered their titles. Tusconcitizen reported this on December 18, 2007.

Hmei7 used a technique known as 'SQL injection', pronounced as 'sequel injection' to issue SQL commands to pass through a program running on the web for its execution against a database at the backend. With this, Hmei7 was able to get at the site of the TPD media release and change the programming of the 'search box'.

The 'SQL injection' has been a popular attack mechanism on the web that hackers use to steal company data, security firms note. Firewalls and other intrusion detection systems are almost defenseless against SQL injection attacks launched in their full scale.

According to Johnson, the department's media site has a search box for its media releases. With an SQL injection, one could type 'Mr. Jones' together with an SQL statement to alter all the captions of the media releases. Hmei7 did just this to display the new title as "Hmei7 has touched your soul".

IT experts for TPD, according to Sgt. Mark Robinson, had been occupied over the past fortnight to determine how Hmei7 managed access to the site and to load security programs on it to stop any further SQL injections. Tusconcitizen published this on December 18, 2007.

According to Johnson, Hmei7, who belongs to Indonesia, has been infiltrating hundreds of websites of various governments globally. According to usual practice, when hackers attack any nation's website, they do it from another country.

Related article: Hacked Mall Websites Leave Little Impact on Business

ยป SPAMfighter News - 1/3/2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next