Swiss police arrest World Economic Forum hacker
11.38 a.m. ET (1654 GMT) February 23, 2001
By Jonathan Fowler, Associated Press
 http://foxnews.com/world/0223/i_ap_0223_59.sml

GENEVA (AP) — Swiss police arrested a man Friday on suspicion of hacking into the computer systems of the World Economic Forum and stealing private information about participants.

Geneva police said the man was a 20-year-old Swiss citizen and part time computer consultant. He was arrested in the Swiss capital, Bern.

Police said he would be charged with data theft, unauthorized entry into a computer system, damage to property and misuse of credit cards. If found guilty he faces up to five years in prison, or a fine.

No further details would be released, police said. They did not release the name of the suspect.

It was not clear whether the man had been working alone or whether he had been part of a team. A shadowy group of anti-globalization hackers calling themselves "Virtual Monkeywrench'' had claimed responsibility for the attack.

The hackers obtained personal information about government and business leaders who have attended the summit in the Swiss ski resort of Davos in recent years.

They passed a CD-ROM containing stolen data from the Forum's systems to the weekly SonntagsZeitung, which published details on Feb. 4. The newspaper reported that it included the numbers of credit cards, passports and personal cellular phones belonging to political and business leaders including former President Clinton, Palestinian leader Yasser Arafat, Microsoft founder Bill Gates, and South African President Thabo Mbeki.

The newspaper said the hackers obtained information about 27,000 leading politicians, chief executives of major corporations, and top managers who have taken part in the forum.

The World Economic Forum, the Geneva-based foundation that organizes the Davos summits, made a complaint to the justice authorities in early February.

'Cyberwars' bring real-world conflict to the Web
 http://www.zdnet.com/zdnn/stories/news/0,4586,2687046,00.html
By John Galvin
Smart Business
February 16, 2001 11:33 AM PT

Regional conflicts may find global casualties in the so-called cyberwar.
The latest conflict between Israel and the Palestinians is now in its fifth month. At press time, the war had claimed more than 350 lives (mainly Palestinian), with as many as 10,000 injured. Meanwhile, the parallel cybercampaign being waged by both sides suggests that future regional conflicts will play in a global theater. In essence, every company online represents a potential target. "It's like a guerrilla war with all types of combatants," says Ben Venzke, manager of intelligence production at the private Internet security consultancy iDefense. "We're seeing everything from unsophisticated de face ments being done by teenagers, to known terrorists plotting attacks. Unity [a Palestinian umbrella group] has recruited a group of IT professionals and admins called the Iron Guards, and they are very sophisticated in what they can do."

Venzke has been hunched over his computer since October monitoring Web sites and chat rooms, working his "intelligence-community sources," and preparing clients for imminent attacks. He sees no sign of a slowdown. His most recent count listed more than 90 Israeli sites, mainly business and government, that have been attacked, while 25 pro-Palestinian sites have been attacked. Attackers have used everything from viruses like Melissa and LoveLetter to dubious sounding programs like EvilPing and Attack 2.51.

Unity, which has ties to the militant Islamic group Hezbollah, launched Phase 3, its denial-of-service campaign, largely by word of mouth. Through obscure hacker chat rooms and encrypted e-mail messages, pro-Palestinians from around the world were directed to a Unity Web site. Once there, they were automatically redirected to yet another site and greeted with this call to action: "Be one of the defenders of Resistance's Web sites." Surfers could then click on one of three links and instantly and effortlessly launch a FloodNet (DoS style) attack from their computer against 11 Israeli government groups and businesses. Among those pinged into submission were the Israel Defense Force home page, the Tel Aviv Stock Exchange site, and the Bank of Israel. But it was target No. 12-New Jersey-based Lucent Technologies-that sent a warning flare to businesses across the Atlantic. The so-called war would not be confined to the Middle East, and American businesses could end up casualties.

And this is only the beginning. In an e-mail interview, a representative of Unity warns that Phase 4 will "attack Zionist and pro-Zionist e-commerce sites. . . . If any Islamic or Arabic or Anti-Zionist Web sites [are] attacked, the reply this time will be over any scale."

While Unity has been busy trying to coordinate attacks, most of the damage has been done by freelancing hackers. By most accounts, the Web war in the Middle East started on October 6, 2000, when a pro-Israeli hacker launched an attack from a Web site called www.wizel.com. Among the sites attacked were the official sites for Hamas (a Palestinian Islamist movement), Hezbollah, and the Palestinian National Authority. "That caused a major retaliation by the Palestinians," says Venzke. Indeed, many pro-Palestinian hackers from around the region began defacing Israeli sites. A group of Pakistani hackers called G-Force Pakistan, plus a hacking duo named mOrOn and Nightman, as well as someone named tRicky, have independently defaced scores of Israeli sites.

A hacker named DoctorNuker broke into the American-Israel Public Affairs Committee Web site and made off with 700 credit card numbers and then sent out a mass e-mailing to 3,500 people whose addresses he also pinched. The FBI has kept a low profile but pointed callers to a National Infrastructure Protection Center's advisory that warned businesses to update their security.

As the cyberwar has progressed, attacks from Unity and other Palestinian groups have become so intense that they effectively shut down NetVision, Israel's leading ISP, which claims to have 70 percent of the market there. In response, the Israeli Defense Force announced it would use AT&T as a backup ISP. "When that was announced, there was instantaneous reaction in the chat rooms," says iDefense's Venzke. For its part, Unity claims in an e-mail to have successfully attacked AT&T in retaliation for that company doing business with the IDF. "We have used the DoS attack against them and we were successful three times, [with] one of them the site was blocked about 72 hours," the e-mail says. Asked about this, an AT&T spokesperson declined to comment.

"NetVision is an example of why we have so much more to lose," says Tenenbaum, the reformed hacker. "Our country and our businesses are dependent on the Internet, and in the future it will even be more so." If a cease-fire were declared tomorrow, would the cyberwar stop as well? This "[will last] as long as the fighting continues," mOrOn and Nightman write in an e-mail response. "[We] believe in miracles, and if such a miracle does happen [we] shall be the first one[s] to cease-fire this so-called cyberwar!"