White House Web site shut down

"An attempt was made to break into the system that operates the Web page yesterday morning," White House spokesman Barry Toiv told MSNBC Tuesday, "and so what we've done is use existing procedures to limit access to the system so we could make a full assessment."

He said he expected the Web site to be back in operation overnight.

Computer attacks on government Web sites have taken on a higher profile in the wake of Friday's embassy bombing, which left three dead and 20 injured. The bombing, which NATO said was due to an intelligence error, sparked a wave of demonstrations at the U.S. Embassy in Beijing, as well as widespread criticism online and offline.

A variety of federal sites have been defaced by political protesters. But the primary motivation behind the attack on the White House site was merely to show that it could be done, a teen-ager who said he was involved in the attack told MSNBC.

A telephone conversation with the 18-year-old was arranged through an intermediary. The teen, who claimed to be a member of the group known as gH or "Global Hell," spoke on the condition that neither his real name nor his hacker nickname would be published.

Just luck
The teen said the White House Web break-in was "actually just luck." Members of gH caught the White House system administrator transferring log files in an insecure manner via an unsecured FTP site that "was snooped out from another box (computer)," he told MSNBC.

"I have no idea why they would do that... Whoever that admin was, he didn't know what he was doing," he said.

Along with gH, a group calling itself the Hong Kong Danger Duo took part in the White House hack, the teen said.

NBC News reported that the intruders' trail had been traced back to computers in Hong Kong. However, the teen said Hong Kong was not the base of operations. He declined to describe the route taken for the attack.

He said the White House hack lasted for only a few minutes, due to what is known as a "crontab," a timed command set by the system administrator. This command automatically refreshes the entire site with identical content from a secure server to help guard against the kind of attack that took place Monday.

Other departments hit
Government sources told NBC News that attackers also hit the Web servers for the departments of Energy, Interior and Labor, as well as the U.S. Information Agency's Web site. All those Web sites were in service Tuesday afternoon, although traffic to the Energy Department's Web site was redirected to a numerical Internet address.

The sources said the intruders left behind "cyber-graffiti" - slogans saying, for example, "You bombed the Chinese Embassy, this is what you're going to get." Some of the graffiti was in Chinese characters, the sources said.

In all cases, the Web computer servers contained only publicly available information, and no classified information was compromised, officials emphasized.

The politically motivated attacks on departmental Web sites appear to be unrelated to the White House attacks. The teen from gH said he had no idea who carried out the other computer attacks, an assertion that meshed with other reports.

Several hacker-oriented sites - including AntiOnline, Hacker News Network and Attrition.Org - posted what they said were copies of the White House hack. A message hidden inside the source code for the page reads: "You found my elite hidden source. Wow. Ok, no real msg here. Stop all the war, no point for it. This box wasn't ever secure."

No necessarily political
Brian Martin, who runs the Attrition.Org site, said the "stop all the war" reference doesn't mean the attack was launched with politics in mind.

"A lot of hackers will do that to kind of justify what they are doing," Martin said.

"They hacked this site because they could," he said. "They saw a window of opportunity and took it."

The White House site is operated under contract by PSINet of Herndon, Va. WASHINGTON --The White House shut down its public Web site for a day because of computer attacks, a spokesman said Tuesday. Government Web sites have sustained a wave of assaults apparently aimed at protesting last week's NATO bombing of the Chinese Embassy in Belgrade. However, in an interview with MSNBC, a computer user who claimed a role in the White House Web break-in denied that there was a political motive.

"An attempt was made to break into the system that operates the Web page yesterday morning," White House spokesman Barry Toiv told MSNBC Tuesday, "and so what we've done is use existing procedures to limit access to the system so we could make a full assessment."

He said he expected the Web site to be back in operation overnight.

Computer attacks on government Web sites have taken on a higher profile in the wake of Friday's embassy bombing, which left three dead and 20 injured. The bombing, which NATO said was due to an intelligence error, sparked a wave of demonstrations at the U.S. Embassy in Beijing, as well as widespread criticism online and offline.

A variety of federal sites have been defaced by political protesters. But the primary motivation behind the attack on the White House site was merely to show that it could be done, a teen-ager who said he was involved in the attack told MSNBC.

A telephone conversation with the 18-year-old was arranged through an intermediary. The teen, who claimed to be a member of the group known as gH or "Global Hell," spoke on the condition that neither his real name nor his hacker nickname would be published.

Just luck
The teen said the White House Web break-in was "actually just luck." Members of gH caught the White House system administrator transferring log files in an insecure manner via an unsecured FTP site that "was snooped out from another box (computer)," he told MSNBC.

"I have no idea why they would do that... Whoever that admin was, he didn't know what he was doing," he said.

Along with gH, a group calling itself the Hong Kong Danger Duo took part in the White House hack, the teen said.

NBC News reported that the intruders' trail had been traced back to computers in Hong Kong. However, the teen said Hong Kong was not the base of operations. He declined to describe the route taken for the attack.

He said the White House hack lasted for only a few minutes, due to what is known as a "crontab," a timed command set by the system administrator. This command automatically refreshes the entire site with identical content from a secure server to help guard against the kind of attack that took place Monday.

Other departments hit
Government sources told NBC News that attackers also hit the Web servers for the departments of Energy, Interior and Labor, as well as the U.S. Information Agency's Web site. All those Web sites were in service Tuesday afternoon, although traffic to the Energy Department's Web site was redirected to a numerical Internet address.

The sources said the intruders left behind "cyber-graffiti" - slogans saying, for example, "You bombed the Chinese Embassy, this is what you're going to get." Some of the graffiti was in Chinese characters, the sources said.

In all cases, the Web computer servers contained only publicly available information, and no classified information was compromised, officials emphasized.

The politically motivated attacks on departmental Web sites appear to be unrelated to the White House attacks. The teen from gH said he had no idea who carried out the other computer attacks, an assertion that meshed with other reports.

Several hacker-oriented sites - including AntiOnline, Hacker News Network and Attrition.Org - posted what they said were copies of the White House hack. A message hidden inside the source code for the page reads: "You found my elite hidden source. Wow. Ok, no real msg here. Stop all the war, no point for it. This box wasn't ever secure."

No necessarily political
Brian Martin, who runs the Attrition.Org site, said the "stop all the war" reference doesn't mean the attack was launched with politics in mind.

"A lot of hackers will do that to kind of justify what they are doing," Martin said.

"They hacked this site because they could," he said. "They saw a window of opportunity and took it."

The White House site is operated under contract by PSINet of Herndon, Va.