Military hackers hit US Defense office

A pair of hackers that recently claimed responsibility for a spree of defacements on US government military web servers, hit the US Office of the Secretary of Defense (OSD) on Friday night and posted data stolen from the US Defense Logistics Agency (DLA).

Screenshots of two DLA databases were posted on a subdomain of the Secretary of Defense site at OSD.Mil.

In the defacement the hackers also claimed to have full system-wide access to the OSD databases and the screenshots show names, logon details and encrypted passwords for DLA employees.

Earlier in the week the hackers, going by the name 'the Deceptive Duo', had defaced websites on the US Space and Naval Warfare Systems Command network, leaving database screenshots containing the email addresses and full names of customers for the major airline Midwest Express and the Union bank.

This morning revealed a similar attack on a US navy website, when again details of military personnel were posted on the defaced site.

The various military institutions affected by the attacks appear to have been informed of the breaches and are said to be working to correct the damage.

Some security sites are even reporting that the Deceptive Duo are offering security help and information to the administrators of the breached domains over IRC (Internet Relay Chat).

In their defacements the Deceptive Duo claim to be "two US citizens that understand how sad our country's cyber-security really is."

Their 'mission' is to alert the US to national security threats to the country's critical infrastructures - government agencies, banks, environmental system controls, airport/airlines, corporations, and "once located, to publicly inform those who deserve to know the extent of incompetence that lies between foreign lines and the United States Administration."

Since they started their crusade about a week ago, the duo have attacked around 30 websites, including a number of US government and military websites.

"This situation proves that we are all still vulnerable, even after 9/11," the hackers wrote.

"Tighten the security before a foreign attack forces you to. At a time like this, we cannot risk the possibility of compromise by a foreign enemy," they said.