◆ SpookStack

[__Josios PM 12/5/2001, Fwd: Hacker Story Peto Such information could allow an intruder to divert network traffic for any of the affected companies, or disable their networks altogether. In contrast to most networks, which are routed publicly over the Intemet, these customer networks were fully internal, running over private lines and address space, sometimes connecting corporate offices across coasts or continents. "It would have been pretty trivial to reset the password on any of these routers, which would have made it impossible for companies to perform remote maintenance on them," Lamo. said in an interview with Newsbytes. "That would effectively paralyze many of the companies dependent on their network infrastructure, because support staff would have to be dispatched to reset each router's information via a live hardware procedure. It could have been a real nightmare for some of the biggest players in the U.S. economy." The Web tool also included dial-up numbers and user/password information for routers serving dozens of other major companies - both domestically and abroad - including British Airways, Clorox, Daimler Chrysler, Dow Jones, the U.S, Department of Interior, the U.S. National Park Service, Ford Motor Co., Frito Lay, the Home Shopping Network, Nintendo and Pfizer, MCI Spokeswoman Jennifer Baker said the company Is grateful that Lamo opted to work with them over the weekend to correct the problem. "We learned on Friday that unauthorized access could be made to our adrrinistrative internal data network, a network that employees use to access MCI intranet sites," Baker said. "We immediately investigated the issue and corrected it and made sure no Worldcom customers were affected, and we certainly appreciated Adrian working with us so cooperatively over the weekend." Once on MCI's corporate intranet, the 20-year-old hacker was able to deconstruct most of the checks and balances that prevent the average employee from manipulating accounts and procedures on the network. Over time, he was able to make management-level decisions in various automated processes, such as creating, viewing and deleting employee records. ‘ "Using that information, an intruder could have intercepted and redirected e-mail for almost all employees, right up to the CEO, and with a bit of forethought changed the direct- deposit settings for any number of employees so that their paycheck ends up in an account in the Ukraine," said Larto, who provided Newsbytes with a set of partially redacted screenshots to document his tracks. "They had some very good precautions and fail-safes in place, but ultimately they were faced with an extraordinary situation that was never designed for someone sitting at Kinko's for a solid day looking at every angle he could think of," he said. Also buried within MCt's intranet was basic account information for other entities, including data and dial-up service accounts for the intelligence agencies, the MPAA, the Church of Scientology, and similarly diverse customers. The availability of such data raises chilling possibilities at a time when U.S. federal law be -5 bic -5 Printed fol 2 FBI(19-cv- 1495)-2166