Hackers hijack Epson website

By PETER GRIFFIN

A website hacking group known as Primesuspectz has struck again.

Exploiting the same security hole that allowed it to gain access to Microsoft's website this week, the group struck again on Wednesday night, hijacking the local website of printer manufacturer Epson.

Karim Hussona, chief executive officer at Compass Communications, the company that hosts the Epson website, confirmed the hackers had exploited the same breach used to gain access to Microsoft's website, but said the site had only been defaced and no one had gained access to information.

"Some files were overwritten through the breach in Microsoft Internet Information Server, the software we're running. We host quite a large number of corporate websites but this is the first time we've had a breach like this," he said.

Corporate websites around the world have been hammered by a recent spate of hacking activity that has exploited numerous holes in the software of Microsoft and other big software vendors.

As Epson fell victim to Primesuspectz, the British websites of vehicle manufacturers Fiat and Mitsubishi were infiltrated.

The hacking activity has added ammunition to the arguments of Microsoft critics who say the software giant is not doing enough to make users aware of the latest security patches for its products.

"We're very much in the hands of the software developers like Microsoft and Oracle to make sure that their systems are secure," said Mr Hussona.

"The way that Norton do their anti-virus software is great because you can connect every day and download patches. An application like Microsoft IIS should have a similar feature. It should be automated."

While software companies such as Microsoft regularly release security updates to try to keep ahead of the hackers, research by global security group Attrition.org, shows that of the 5823 reported website defacements last year, 99 per cent were through failed security patches.

Microsoft New Zealand's technical manager, Richard Burte, said systems administrators needed to be more vigilant when it came to obtaining the latest security patches for software products.

"We provide services on the Microsoft security site but it's important that administrators have their procedures up to date. That doesn't just apply to users of Microsoft software but other software vendors as well."

Epson staff were not available for comment yesterday.