FBI Opens Investigation to Track Attacks

Over the past two days, the Web sites of Yahoo Inc., Buy.com Inc., CNN.com, ZDnet, ETrade Group Inc. and eBay Inc. have been victimized by massive network-based denial-of-service attacks that made these sites unavailable to legitimate users for about three hours at a stretch. By carefully filtering out Web site traffic, the ISPs (Internet service providers) in each case managed to bring these sites back into normal use. The FBI, which has begun working with the victims to nab the perpetrators, claims the scale of the attacks is unprecedented.

"With the kinds of victims and the sequence of events, this makes it the most we have ever seen," said Ron Dick, chief of the computer investigations and operation section at the National Infrastructure Protection Center, which is housed at the FBI here.

The FBI, which is in close contact with all the victims, as yet has no motive or suspects in the series of attacks that appear to rely on the newer type of denial-of-service tools such as Trin00 or Tribal Flood Network.

Posted on hacker Web sites for easy download, these tools allow a single attacker to launch multiple SYN floods, pings or other network disruptions by coordinating the attack through hundreds of compromised machines. For the attacker, the trick is to secretly install the denial-of-service attack code on multiple servers. Then, from his own desktop, the attacker can remotely command these compromised machines to attack the target.

The distributed denial-of-service attack code out on the Internet is so simple "a fifteen-year-old could use it," Dick says.

The successful shootdowns of Yahoo and other high-profile targets have evoked a vow from U.S. Attorney General Janet Reno to track down the criminals.

"We're not aware of the motives behind these attacks, but they appear to disrupt legitimate e-commerce," said Reno at a press briefing here today. She said specially trained field prosecutors are working with the companies that were the victims.

"We're determined to track (the perpetrator) down and bring them to justice so that the law is enforced," Reno warned.

If convicted of the denial-of-service attacks, the perpetrator faces a five-year prison term for a first offense, a 10-year term if convicted of multiple attacks, and a fine of up to US$250,000 per count. The companies that were victimized could also press a civil case against the perpetrators.

Catching the criminals will probably take time, Dick said. "We're collecting all the logs of the victims' sites," he noted. "Historically, this has not just been a U.S. issue. We inevitably end up overseas where an unwitting ISP is involved."

Dick said the FBI will use its own network surveillance methods to track the crime back to its source on the Internet.

But he urged network managers at both enterprise networks and ISPs to check that their servers have not been compromised by secretly installed denial-of-service attack code. Tools for making that check are available at the National Infrastructure Protection Center's Web site.

"Tools such as Tribal Flood Network and Trin00 we have seen being installed on various machines around the world," Dick said. "Most likely the origin of these attacks now are the networks of unwitting people. Intruders have placed tools there without their knowledge, and someone else is controlling them."

Ellen Messmer

PC World