CERT hit by DDoS attack for a third day
CERT/CC, one of the Internet's leading network security sites, was sporadically unavailable for the third consecutive day Thursday due to a Distributed Denial of Service attack, a spokesman said.
CERT/CC, the Computer Emergency Response Team/Coordination Center, is a government-funded research and development center based at Carnegie Mellon University in Pittsburgh. The center's Web site has been unavailable, off and on, since Tuesday when it came under a Distributed Denial of Service (DDoS) attack.
A DDoS attack is one in which a number of computers worldwide are harnessed, often through hacking, to flood a site with requests for service. Due to the volume of requests, the victim computer cannot distinguish between standard and attack traffic, thus keeping anyone from getting access.
Such attacks are launched around 4,000 times each week, according to a study released earlier in the week by researchers at the University of California at San Diego.
"The recent activity directed against the CERT Coordination Center (CERT/CC) Web site is not unique. On a daily basis, the CERT/CC is the target of attack attempts by intruders, and has been for many years," said Jeffrey Carpenter, manager of the CERT/CC, echoing CERT/CC director Richard Pethia's statement from Wednesday.
Security companies say similar things.
"The problem (of DoS attacks) is really pervasive," said Christine Washburn, director of marketing at Mazu Networks Inc., which sells an anti-DDoS product.
Launching such attacks is easier than ever before thanks to automated tools, Washburn said, noting that the recent attacks, such as those on the White House's Web site, were fairly simplistic.
The ease with which DDoS attacks can be launched is troubling, she said. "People have got to take this seriously."
Taking the situation seriously is not simply a matter of installing patches and firewalls and closely monitoring servers, she said. Rather, companies and organizations like CERT/CC need the ability to stop DDoS attacks, not just hope that they end quickly, she said.
Firewalls and other devices won't work to stop DDoS attacks because they aren't close enough to the guts of the Internet, Washburn said. Instead, the approach that the Mazu system takes is to use a distributed system located closer to the heart of the Internet which can filter normal traffic from attack traffic and monitoring systems for early signs of trouble.
CERT/CC's Carpenter underscored Washburn's point.
"The nature of the protocols and technology used for the Internet causes organizations to be dependent on the security of others. Thus, no organization, including the CERT/CC, is completely immune to occasional service disruptions," he said.
CERT/CC's Web site, at http://www.cert.org/, was back online midday Thursday.
CERT/CC, in Pittsburgh, can be contacted at +1-412-268-7090 or reached online, normally, at http://www.cert.org.
ITworld.com
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
