UPDATE: eBay, Amazon, Buy.com Hit by Attacks
- — 10 February, 2000 16:08
First to be hit was Buy.com, which saw its Web site become virtually inaccessible just hours after the company successfully completed an initial public offering on the Nasdaq market in New York.
"At 10:50am PST our site experienced a slowdown due to a denial of service attack," said Buy.com in a statement attributed to chief executive officer Greg Hawkins.
"We had 800 megabits per second hit the site, which equals eight times our capacity. On average, our site runs at only 30 per cent capacity, which gives you an idea of how unprecedented this traffic hit was. Our support staff reacted immediately, our systems performed exactly as they should have. It was strictly an outside coordinated attack to our network that prevented access to our system."
A Buy.com spokeswoman said the company's Web site was hosted with Exodus Communications and that the two companies were working together to discover as much as they could regarding the incident, but the company was "absolutely positive" the problem was a result of a malicious attack.
Later in the day it was the turn of Internet auction house eBay.
"We are experiencing an external denial of service attack," said eBay spokeswoman Jennifer Chu, speaking while the attack, which began at 3pm PST (Pacific Standard Time), was continuing late yesterday.
"We are working with local and federal authorities, our Internet provider, ISPs and other Internet sites that have been attacked," she added. The spokeswoman said the attack affected its servers hosted at a data centre run by AboveNet Communications, a San Jose unit of Metromedia Fibre Network The servers carried eBay's static pages - those that are not being continuously updated, such as its main home page and company profile - while the dynamic pages, which are hosted by a different company, were unaffected. This enabled the company to claim that the majority of its site was up and running, but in reality it meant that users could not reach the functioning pages, which include those associated with bidding, listing and searching, unless they had bookmarks that enabled them to bypass the home page.
Two hours later, at 5pm PST, high-profile Internet retailer Amazon.com was attacked, the company said.
"Today, like several other major internet sites, Amazon.com came under a denial of service attack," spokesman Bill Curry said, reading from a prepared statement. "A large amount of junk traffic was directed to our site resulting in degraded service for about one hour."
At around the same time, the Web site of CNN also saw performance take a dive, said Dan Todd, director of public services at Internet performance measurement specialists Keynote Systems The company saw performance at the CNN site, which is usually above 95 per cent, drop to 18 per cent in the period from 4 p.m. to 4:15pm PST and then drop further still to hit zero per cent between 5 p.m. and 5:15pm.
A spokesperson for CNN Interactive was not immediately available for comment.
The attacks came a day after several of the US Web sites of Yahoo were hit by a similar assault. At the time, a company spokeswoman described the attack as coordinated, coming from multiple points on the Internet, and said the amount of traffic directed at a router connecting the site to the Internet was "intense."