December 15, 2000, 9:24 AM — Hackers broke into the U.S. Army's Web site yesterday and defaced the main home page, an Army spokesman confirmed this morning.
There were "no security breaches," and operations weren't impacted, according to spokesman Jim Stueve at the Pentagon.
"Once the unauthorized page was detected, it was replaced," Stueve said. The incident occurred sometime between 3:45 a.m. and 5 a.m. and is now under investigation, he added.
While the Army said officials don't yet know how the electronic intruders gained access to the Army site, some observers believe the hackers may have used a known security hole in Allaire Corp.'s Cold Fusion software. Stueve said the Army uses Cold Fusion but couldn't confirm that was the cause.
Allaire issued bulletins earlier this year about Cold Fusion, warning that some sample applications shipped with the software could leave systems vulnerable to files being uploaded or deleted on a site.
"If you know what you're doing, you can get" into sites, Stueve said. The Army is currently looking into the software, he said.
The Army is the latest government site to be targeted by hackers, who have hit the sites of the White House, the FBI and Senate in recent weeks.
One security analyst said this latest incident is a result of the existing e-commerce world: "Get it up, and be current, neat and interactive."
The reason the break-in happened wasn't that the Army did anything wrong, said Alan Paller, director of the Sans Institute in Bethesda, Md. It is using new technology with neat aspects, but the programmers writing the technology aren't perfect, Paller said.