Hacker Breaks into State's Web Site Intruder Forces Weekend Shutdown of Minnesota North Star Posted 10:45 p.m. July 29, 1997 -- A computer hacker broke into Minnesota's state government Web site last Friday afternoon, prompting a weekend shutdown. WCCO-TV and Channel 4000 also have learned that before the intruder's activities were discovered, the hacker deleted up to one day's worth of files. He or she also posted a short, cryptic message, under the headline: "Welcome to our corrupt gov.'s Web page." The suspected crime has been referred to the FBI's offices in Minneapolis. Friday's hack job is the first such security breach since the state launched the North Star site two years ago, according to Sydney Jensen, who's overseeing the creation of an improved and more-secure version of North Star. North Star, which is the Internet home of more than 80 state agencies, was closed to public viewing from about 2:30 p.m. Friday to 7 p.m. Sunday. During that time the University of Minnesota's JAWS group (Java and Web Services) tried to track down the person responsible for Friday's intrusion. Jensen said it appears it was the work of one person. That the FBI's Minneapolis office was contacted may suggest that the trespasser committed the act outside Minnesota, meaning a federal law may have been violated, according to WCCO-TV's Pat Kessler. An FBI spokeswoman told Channel 4000 that her office has not yet determined if it will investigate. "There are some real distinct tracks," said Jensen, referring to an undisclosed trail of clues the meddler apparently left behind. She would not elaborate, saying it might hinder their investigation. There has not been an arrest in the case. North Star and university staffers were aware of the breach within 15 minutes of its occurrence, she said. "The instant it was discovered . . . the 'disaster recovery plan' rolled into effect," said Jensen. "We were able to recover from Thursday night's backup tape, which meant only [unsaved] work that had been done on Friday had been lost." She estimated that very little significant data, if any, cannot be recovered. In fact, other than a crime (or crimes) being committed and North Star visitors being inconvenienced during the shutdown, no long-lasting harm was done, she said. "No, certainly not," said Jensen. "The data was there and the security's in place. There was no movement from North Star to any state system or to the university." Among state government Web sites, North Star is among the most comprehensive in the country. North Star ranked sixth in a recent national ranking of in-depth state sites, according to a study conducted at the University of Arizona at Tucson. The front page of North Star site, which is run by the Minnesota Office of Technology, averages about 6,000 hits a day, according to Jensen. Viewer traffic within the site is monitored by the agency, so complete traffic figures are unknown. The 1997 state Legislature set aside $935,000 to create an expanded state Web site under the working title "North Star II." The current North Star is a "demonstration" system and thus is more susceptible to corruption from outside sources, according to Jensen. She said she has no idea why someone would break into the state site, other than bragging rights. Perhaps the hacker's message, a photocopy of which was obtained by WCCO-TV, offers some clues. It said: ------------------------------------------------------------------------ "Can it be true? is the government corrupt? all those coverups? can it be so?!?!?! el8 we, th3 m3mb3rz 0f el8, are g01ng 0ut 0n a crus4d3" ------------------------------------------------------------------------ Jensen said "el8" stands for an "elite" member of the hacker community, someone who's earned their cyber wings by breaking into a Web site. This is not an isolated case. Last August, hackers hit the Justice Department's home page, posting images and statements that protested the Communications Decency Act. Four months later, a computer hacker tampered with the Air Force home page, forcing the Pentagon to shut down most of its public access web sites. Governmental sites aren't the only ones targeted. In March, someone hacked into the NCAA's Internet homepage and replaced it with a page containing racial slurs Related site: You'll find North Star's homepage at: http://www.state.mn.us/mainmenu.html Jay Maxwell, Channel 4000 Staff Writer