Denial of service attacks draw government attention

www.infoworld.com |  Security

A FULL-SCALE launch of denial of service attacks on high-profile Web sites
continues unfettered, with ZDNet, E*Trade, and possibly Datek Online serving as the
latest victims to temporarily be taken offline because of directed traffic logjams sent
via an unknown source.

All three Web sites reported periods of non-accessibility for Web users at some
point Wednesday morning. The FBI Wednesday plans to detail actions the government is
taking to investigate the origin of the widespread assaults.

Robert Borschert, a spokesperson for ZDNet, said his company's Web site went down
from 6:30 a.m. to just before 10:00 a.m. EST Wednesday after it was bombarded with a
bogus data-packet stream that flooded the site, much in the same manner Yahoo, eBay,
and CNN have all succumbed in the past few days.

"It [the attack] clearly was not something that was a surprise to us," said
Borschert, hinting the same group responsible for knocking out ZDNet may also be
responsible for targeting and successfully crippling other big-name Internet sites.
Borschert would not speculate on the origin or financial impact of the attack, but he
said ZDNet is cooperating with the FBI's investigation.

The latest round of denial of service attacks arrives two days after Yahoo's 3-hour
shutdown on Monday, and a day after Amazon.com, eBay, CNN, and Buy.com all reported
experiencing similar Internet "traffic jam" problems on their Web sites.

A denial of service attack involves overloading a Web site, rather than breaking
into it. In these attacks, routers connecting the sites to the rest of the Internet
have been flooded with so much fake traffic that the router becomes unable to cope.
Once this is achieved and the site is overloaded, genuine users find themselves unable
to connect.

Finding out who is responsible for the assault of bogus traffic is difficult
because the perpetrators spoof the source addresses on messages they are sending out.
Because it is a fake source, an IT manager would have to go through every router in the
system to find the specific Internet connection linked to the denial of service attack.

For the type of attacks being felt and seen this week, hundreds upon hundreds of
machines at various locations could be directly responsible, said Elias Levy, chief of
technology at SecurityFocus.com. Levy said that with each assault, an end to the
attacks could draw near.

"The more they [hackers] keep doing this, the more likely they are to get caught,"
Levy said.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question