Botched hack brings down major US port
A UK hacker brought down the computer system of a major US port in a botched and potentially “catastrophic” denial of service revenge attack on another chatroom user, Southwark Crown Court heard today. The Port of Houston in Texas had its servers hijacked by Aaron Caffrey, 19, from Shaftesbury in Dorset, who used a well-known ‘Unicode’ exploit to take advantage of security vulnerabilities in Microsoft’s IIS web server software, the prosecution claimed. The denial of service attack on 20 September 2001, which was traced to a computer at Caffrey’s home by US police, was allegedly aimed at taking a South African chatroom user called ‘Bokkie’ offline after she had made comments on IRC attacking the US. Caffrey allegedly took offence at the comments because his girlfriend at the time, Jessica, was American. Chatroom logs read out at Southwark Crown Court today heard that a user calling himself “Aaron” told another chatroom user on the night of the attack: “She [Bokkie] hates America. She was probably one of the people cheering when Bin Laden attacked the USA. I want to see her time-out. If she hates America, she hates Jessica. That is a no no.” The chat logs also revealed that “Aaron” used a list of unpatched servers downloaded from the internet to hijack the machines and launch a denial of service attack on Bokkie. But it almost ended in disaster when it crashed the Port of Houston’s systems under the weight of 100,000 requests to ping data at Bokkie’s computer, leaving vital navigation and weather data inaccessible. http://www.ds-osac.org/view.cfm?KEY=7E45574B4556&type=2B170C1E0A3A0F162820