About 20 Member Web Sites Defaced by Hacker

Posted August 6, 2009 at 2:28pm

A hacker defaced the Web sites of about 20 Members last weekend, replacing some of the text on their House.gov pages with a digital form of graffiti.

For a few hours, the Members’ sites bore the repeated phrase “H4ck3d by 3n_byt3 @ Indonesia H4ck3rs,” according to images on www.zone-h.com, a Web site that tracks defacements.

The hacker — who goes by 3n_byt3 — was able to gain access to the sites by guessing passwords that Member offices use to upload articles and change text.

GovTrends, a Web design company that hosts about 100 Member sites, assigned easy passwords and some offices never changed them to more difficult ones.

“It’s just one of those things. They were too obvious. It happens,” said Ab Emam, who founded GovTrends. “All we needed to do was change all the passwords to be more encrypted.”

While the previously assigned passwords might have been easy-to-guess words, they will now be a combination of numbers, symbols and letters. Emam said he would also encourage offices to change their password every few months.

The incident has prompted Chief Administrative Officer Dan Beard to initiate a review of GovTrends’ security standards. The company hosts the Web sites off-site and has worked with the House for about four years.

Jeff Ventura, spokesman for Beard, emphasized in an e-mail that the defacements “did not result in the theft or loss of any sensitive data or materials.”

That type of information — such as e-mails and computer files — is kept behind the House firewall in servers on the Capitol campus, he said.

“Over the last year the House has continued aggressively fortifying its security systems,” he said in an e-mail. “These improvements to our systems resulted in the swift identification of the site defacements, which were fixed within hours of being detected.”

House computers have been hacked in the past. In 2006, hackers infiltrated 15 House offices. A memorandum at the time from the Information Systems Security Office reported that the hackers were able to record keystrokes and copy files.

But last weekend’s hack was more superficial, according to House officials. The hacker only gained limited access to the back end of the sites, which allows staffers to upload information.

In other words, the only information available was already public and on the Web site.

Several sources said 20 Web sites were affected, 14 of which are listed on www.zone-h.com. They are: Reps. Harry Mitchell (D-Ariz.), Wally Herger (R-Calif.), Harry Teague (D-N.M.), Russ Carnahan (D-Mo.), Allen Boyd (D-Fla.), Debbie Halvorson (D-Ill.), Spencer Bachus (R-Ala.), Steve Driehaus (D-Ohio), John Adler (D-N.J.), John Campbell (R-Calif.), Chet Edwards (D-Texas), Jesse Jackson Jr. (D-Ill.), Bobby Scott (D-Va.) and Duncan Hunter (R-Calif.).

According to the Web site, the hacker who goes by 3n_byt3 is responsible for at least 797 defacements on a variety of Web sites.