Hackers deface federal sites
Chinese groups hit sites over the weekend, in advance of anticipated May 1 attacks
An alert from the National Infrastructure Protection Center warned systems administrators to be on the lookout for Chinese hackers defacing Web sites starting April 30, but several federal Web sites were hit over the weekend in advance of the expected May 1 attacks.
On April 28 and 29, more than six federal sites — both civilian and Defense — were defaced by hackers claiming to be from China, according to Attrition.org, a group that tracks Web site defacements. The sites include ones belonging to the Labor Department, the Minerals Management Service and the Washington, D.C., Naval Computer and Telecommunications Center. Several sites were still down April 30.
The NIPC advisory warned that because of recent tensions between the United States and the People's Republic of China, "malicious hackers have escalated Web page defacements over the Internet."
In chat rooms and other Internet communications, the NIPC said Chinese hackers have discussed attacking U.S. Web sites on dates that hold historic significance within China, including May Day on May 1; Youth Day on May 4; and the anniversary of the accidental bombing of the Chinese Embassy in Belgrade, Yugoslavia, May 7.
The defacements included the group called redcrack replacing an agency's home page with the comment, "Strongly protest against the hegemonicaction of usa on encroaching upon China's territorial integrity and sovereignty!" And the China Tianyu group is replacing home pages with pictures and a Chinese news story on Wang Wei, the pilot that died in the collision with a U.S. Navy spy plane April 1.
The FBI, including analysts at the NIPC, is investigating the defacements, officials said.