Hacker hits Australian National Library Intranet

A hacker attacked the National Library of Australia, leaving a crypticmessage on part of its Web site. The defaced page sits on a Windows NTplatform, which created a weak link in the service.

A hacker has defaced the National Library of Australia, leaving a cryptic message on part of its Web site. The defaced page sits on a Windows NT platform, which according to one source, created a weak link in the service.

AUSTRALIA (ZDNet Australia) - News of the attack was announced on the Web site www.attrition.org, which lists Web server defacement statistics.

"Fortunately they haven't done any damage, the Web site is still fully accessible through the main address," National Library of Australia director of Web services, Judith Pearce said.

However, Pearce told ZDNet that the library needs to plug the hole as soon as possible as "any server that can be hacked into puts us at risk."

The National Library of Australia's main Web site was left undamaged, however one particular server was defaced, which is a gateway to a Web-based application.

The database application server was replaced by "H4x0r3d by: thepr0digy". Company sources were unaware of the meaning of this piece of text.

Pearce told ZDNet that since the National Library in France was defaced earlier this year, the Australian organisation had a close look at its own service to see if the site was at risk of being hacked.

"We were relieved to find the hacker was targeting NT servers," Pearce said.

However, although the main part of the Web site is built on a Unix platform, the library overlooked the server providing access to the site through the Internet, which sits on the NT server.

"The server was susceptible to attack as it sits on the Windows NT platform. The main Web site runs on a Unix system, which is harder to hack in to," Pearce said.

According to Pearce, the Windows NT server is "certainly a downfall of the platform."

"We're aware of the security weakness of the NT platform. We have to watch for patches making sure they are being applied," Pearce said.

Either the hacker couldn't get into the Unix platform that the main Web site sits on or, "[the hacker] wasn't interested in doing significant damage," Pearce said.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All