FBI Opens Investigation to Track Attacks

Over the past two days, the Web sites of Yahoo Inc., Buy.com Inc., CNN.com, ZDnet, ETrade Group Inc. and eBay Inc. have been victimized by massive network-based denial-of-service attacks that made these sites unavailable to legitimate users for about three hours at a stretch. By carefully filtering out Web site traffic, the ISPs (Internet service providers) in each case managed to bring these sites back into normal use. The FBI, which has begun working with the victims to nab the perpetrators, claims the scale of the attacks is unprecedented.

"With the kinds of victims and the sequence of events, this makes it the most we have ever seen," said Ron Dick, chief of the computer investigations and operation section at the National Infrastructure Protection Center, which is housed at the FBI here.

The FBI, which is in close contact with all the victims, as yet has no motive or suspects in the series of attacks that appear to rely on the newer type of denial-of-service tools such as Trin00 or Tribal Flood Network.

Posted out on hacker Web sites for easy download, these tools work by allowing a single attacker to launch multiple SYN floods, pings or other network disruptions by coordinating the attack through hundreds of compromised machines. For the attacker, the trick is to secretly install the denial-of-service attack code on multiple servers. Then at his own desktop, the attacker can remotely command these multiple, compromised machines to attack the target.

The distributed denial-of-service attack code out on the Internet is so simple "a fifteen year-old could use it," Dick says.

The successful shootdowns of Yahoo and other high-profile targets have evoked a vow from U.S. Attorney General Janet Reno to track down the criminals.

"We're not aware of the motives behind these attacks, but they appear to disrupt legitimate e-commerce," said Reno at a press briefing here today. She said specially trained field prosecutors are working with the companies that were the victims.

"We're determined to track (the perpetrator) down and bring them to justice so that the law is enforced," Reno warned.

If convicted of the denial-of-service attacks, the perpetrator faces a five-year prison term for a first offense, a 10-year term if convicted of multiple attacks, and up to US$250,000 per count. The companies that were victimized could also press a civil case against the perpetrators.

Catching the criminals will probably take time, Dick said. "We're collecting all the logs of the victim's sites," he noted. "Historically, this has not just been a U.S. issue. We inevitably end up overseas where an unwitting ISP is involved."

Dick said the FBI will use its own network surveillance methods to track the crime back to its source on the Internet.

But he urged network managers at both enterprise networks and ISPs to check and make sure that their servers have not been compromised by secretly-installed denial-of-service attack code. Tools for making that check are available at the National Infrastructure Protection Center's Web site.

"Tools such as Tribal Flood Network and Trin00 we have seen being installed on various machines around the world," Dick said. "Most likely the origin of these attacks now are the networks of unwitting people. Intruders have placed tools there without their knowledge, and someone else is controlling them."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

PC World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?