Bill Gates targeted in hack attack

A story posted on a US newspaper's website has suggested that Bill Gates has been arrested for breaking into "hundreds, maybe thousands" of computers including those of Nasa's Jet Propulsion Lab in Pasadena and Stanford University.

However, the Orange County Register, which had originally posted a story reporting the arrest of hacker Jason Diekman, had itself been hacked by an unknown attacker who had altered some of the story's details.

The hacker substituted Diekman's name for that of Microsoft chairman Gates.

According to the story, Gates was facing two federal counts for breaking into Nasa computers: one charge of illegally obtaining credit card numbers and a further charge of fraudulent credit card purchases.

The paper, which is located in Southern California and owned by Freedom Communications, has turned over evidence it hopes will lead to the identity of the person who attacked it to the FBI, which has started an investigation.

Chris McNab, network security analyst at MIS Corporate Defence, said the attack on the paper highlights the need for administrators to be vigilant about the contents of their sites and put in place security procedures that will frustrate opportunistic hackers.

"With this kind of defacement everything looks fine at first sight. The system administrator won't realise anything is going wrong so a defacement might stay up longer," said McNab, adding that 'data poisoning', although rarer than more blatant defacement, is something companies need to guard against.

He explained that companies could protect themselves against defacement, and the legal liability it might bring, by putting in place security measures that would act as a practically insurmountable barrier to opportunists.

This can be achieved by establishing a proactive security policy, where the latest security patches are put in place, and putting in place technologies such as web fingerprinting and intrusion detection, he added.