One-time HAC Modules turn clock to 2000
e-risk analysis
London, UK, 09:30 GMT 28th October 1999 - mi2g software has
had two serious cases in October of clients being attacked by one-time Hacker
Activated Code (HAC) modules that bring the clock forward to different dates
in January 2000. The computers attacked have been primarily running Windows
NT, 98 & 95 and MS Office applications. Some of the other computers on
the network have been running Linux and Solaris. All appropriate authorities
are being informed.
The one-time HAC modules achieve the time forwarding from within the
attacked computer networks: they set an individual workstation's or local
network's clock forward, whilst disabling its ability to synchronise with
the central time server.
One of the immediate effects on Y2k non-compliant computers and peripherals
has been serious malfunction. Even on those systems that are Y2k compliant,
the forward clock setting has caused between 25% and 40% of software licenses,
passwords, user accounts and files to fail.
The head of the SIPS team has made the following comments:
Not just financial risks but serious safety issues are involved. For example,
major airline and air control networks are prone to malevolent access and
not all of them around the world are fully Y2k compliant at present.
If a malevolent employee, virus writer or hacker ends up forwarding the system
clock by say three months to 28th January 2000 using these one-time HAC modules
or other mechanisms, this appears to trigger:
1. Immediate shut down for Y2k non-compliant systems;
2. Partial operability for Y2k ready systems that have monthly or bimonthly
expiry dates linked with software licenses, passwords, user accounts and files.
At present, system clocks investigated are especially vulnerable and need
to be guarded. As Y2k clock tampering one-time HAC modules (Hacker Activated
Code) continue to proliferate, time forwarding of a network's internal clocks
is a high risk especially for non-compliant Y2k businesses as this accelerates
the Millennium Bug forward straightaway.
Background:
1. mi2g software presented seminars on e-risk in London at Richards
Butler on 4th August, Hammond Suddards on 8th September and Reuters on 27th
October. A total of 320 CEOs, CTOs, COOs and Partners from USA, Germany, Japan
and Britain have attended the events. We presented an update on all major
e-risk incidents and trends within the escalating threat to large on-line
businesses, financial institutions and multi-nationals. Future seminars on
e-risk are planned for November 99.
2. Downstream Liability is the real possibility of litigation arising
from customers and businesses that have bought a product or a service from
a vendor in good faith and have surrendered personal and financial information
about themselves for a declared purpose only.
3. The total cost of servicing Cyber Warfare incidents worldwide is likely
to exceed £12.5 Billion in 1999 according to mi2g software. In
the last ten months, there have been three major virus attacks and several
full scale Cyber Attacks. Melissa in March, Chernobyl in April and the fatal
ExploreZip in June cost corporations huge unplanned and unbudgeted resources.
Variants of these three and other lethal viruses have been emerging at a steady
rate to date.
4. mi2g software (www.mi2g.com) is a leading edge London based e-commerce
enterprise specialising in e-risk management and bespoke security architecture.
5. e-risk, e-risk analysis, e-risk management, How to manage
e-risk?, Downstream Liability, e-risk insurance, Bespoke
Security Architecture are trade marks of mi2g software (mi2g.com).