U.S. Navy caught hacking into British marine charity Web site

By Kristi Essick
InfoWorld Electric
May 8, 1998

The U.S. Navy has been caught attempting to break in to secure areas of a World Wide Web site sponsored by a U.K. marine-mammal preservation charity, according to officials at the organization.

The Whale and Dolphin Conservation Society (WDCS) -- which operates an online shopping site aimed at generating money for the welfare of the animals at http://www.wdcs-shop.com -- said it was alerted to the attempted break-in last week by its site-hosting company, Merchant Technology Ltd. "We were working late one night, and a command line request came in wanting to access unauthorized areas of the site," said Andy Fisher, marketing manager for Merchant. "We were amazed to find out it was the Pentagon."

Merchant built and manages the secure electronic-commerce site for the conservation society and routinely keeps an eye on who visits. If users attempt to gain access to unauthorized areas, the company is alerted to the source of the incoming request.

At 9:45 p.m. GMT on April 28, Fisher said, workers at Merchant were shocked to see an incoming attempt to breach security by a user identified as donhqns1.hq.navy.mil.

Merchant got in touch with WDCS immediately, only to find out that the charity had been contacted by the Navy a few weeks earlier. The Navy was interested in obtaining a report the group is working on that details the efforts of Russian animal experts to train dolphins in the Black Sea for military tasks, such as finding and attaching probes to submarines, Fisher said.

A WDCS representative said that there is nothing secret about the Russian government's activities in this area but that the document does contain information about the export of the trained dolphins to foreign countries. The group declined to give the Navy a copy of the report only because it was not complete at the time. Once it is made final, the report will be published and the Navy can then examine it, the representative said.

The WCDS said that it is confused about why the Navy would attempt to break in to its Web site. "I think whoever it was within the U.S. Navy facility would have better things to do rather than try and hack into our computers," said Chris Stroud, the organization's director of campaigns, in a statement. "If they were seeking reports on the Black Sea, we shall be freely publishing these in the near future anyway."

The WCDS previously has commented unfavorably on Navy activities such as its low-frequency sonar trials off Hawaii and on ship collisions with endangered whales, the group said. Merchant says it is "100 percent sure" the hacking attempt originated from the Navy. WDCS has notified the U.S. Embassy in London and the relevant U.K. authorities, the organization said.

"We hope that the U.S. authorities have some rational explanation for this incident," Stroud said.

"The Navy has not yet received a formal complaint on the issue," said a Navy official, who declined to be named.

"Until the Navy receives a formal complaint with details, there's not much we can do to proceed further."

Merchant Technology Ltd., in Bath, England, can be reached at 44 (1225) 481 015. The Whale and Dolphin Conservation Society, also in Bath, can be reached at 44 (1225) 334 511 or http://www.wdcs.org.