Fed Web defacings called 'nuisance'

Defacements of several agency Web sites were the only apparent recent computer attacks by Chinese activists

NIPCadvisory

Several "nuisance" defacements of U.S. government Web sites were the only apparent manifestation of anticipated computer attacks by Chinese activists last week.

The National Infrastructure Protection Center issued a warning noting that "malicious hackers have escalated Web page defacements over the Internet" as a result of tensions between the United States and China over the April 1 collision of a U.S. Navy surveillance plane and a Chinese jet fighter.

The Federal Computer Incident Response Center, the clearinghouse for information on computer security for civilian agencies, issued several e-mail alerts to administrators throughout the week. One alert said the number of security breaches was up but still within the normal range. It also said there was an increase in attempts to find potential vulnerabilities.

The increased scanning heightens the potential for system compromises, and FedCIRC urged administrators to install applicable security patches and institute daily reviews of system log files for unusual activity.

The Defense Department also increased its readiness, raising the Information Operations Condition, or Infocon, to "Alpha" until May 8. Infocon levels are intended to raise awareness, prompt network administrators to be especially vigilant and encourage users to change passwords and upgrade anti-virus programs. "Normal" is the lowest Infocon level, which can progress to Alpha, Bravo, Charlie and Delta, the highest alert. There was an increase in attacks on DOD Web sites, but they were considered only a nuisance and did not interfere with military operations, said Army Maj. Barry Venable, a spokesman for U.S. Space Command, the organization that oversees the military's incident response center, the Joint Task Force-Computer Network Defense.

At least 10 civilian agency sites were defaced, including a Federal Emergency Management Agency site that provides updates during hurricanes.

FEMA took the site down for about 30 minutes on May 1, but the impact on the agency was minimal and did not jeopardize its ability to provide disaster recovery services, said G. Clay Hollister, FEMA's chief information officer. "This is no crisis," he said. "It's a nuisance, is what it is."

Greg Langlois and George I. Seffers contributed to this report.

NEXT STORY: FAA beams data to travelers