X

Report: Turkish hackers breached U.S. Army servers

Investigators believe hackers used an SQL injection attack to break into U.S. Army servers and redirect visitors to other sites, according to InformationWeek.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
Elinor Mills

Hackers based in Turkey penetrated two U.S. Army Web servers and redirected traffic from those Web sites to other pages, including one with anti-American and anti-Israeli messages, according to a report in InformationWeek.

The hackers, who go by the group name "m0sted," breached a server at the Army's McAlester Ammunition Plant in Oklahoma on January 26 and a server at the U.S. Army Corps of Engineers' Transatlantic Center in Winchester, Va., on September 19, 2007, the report said.

Investigators believe an SQL injection attack was used to exploit a vulnerability in Microsoft's SQL Server database in order to gain access to the servers.

It is unclear whether any sensitive information was accessed, according to the report.

Search warrants have been served on Microsoft, Yahoo, Google, and other ISPs and e-mail providers, while a criminal investigation is underway at the Defense Department, the U.S. Army's Judge Advocate General's Office, and the Computer Emergency Response Team, InformationWeek reported.

The same group defaced the United Nations Web site in 2007, also using a SQL injection attack.