|
Denial-of-service attacks expectedBy Sam Costello (IDG) -- There is a high probability that the U.S. critical computer infrastructure, such as the Web site of the U.S. Department of Defense, is being targeted for Distributed Denial of Service attacks by cyberprotestors, according to a warning issued Friday by the National Infrastructure Protection Center (NIPC). The center is the U.S. Federal Bureau of Investigation's cybersecurity arm. Denial of Service (DoS) attacks are those in which a target computer system is flooded with false requests for information to the point that it is unable to respond to legitimate requests, denying them service. Distributed Denial of Service (DDoS) attacks, the more damaging relative of DoS attacks, are those that use multiple computers worldwide to launch their attacks and are harder to combat. DdoS attacks knocked high-profile sites such as Amazon.com, Yahoo.com, and EBay.com offline over the course of a week in February 2000.
Online protests, both pro- and anti-United States, have been frequent since September 11, but have largely been limited to Web site defacements, the NIPC said. Although the DDoS activity that has gone on so far has been minimal, and mostly limited to attacks between protest groups, protestors have indicated that U.S. infrastructure will be a target, the NIPC warning said. But businesses and organizations unrelated to the September 11 attacks also could be targets, the NIPC said. The NIPC cautioned organizations to "take a defensive posture and remain vigilant." The center also referred systems administrators to a list of best security practices offered by the government-funded security research body CERT/CC. There may be no cause for alarm, however, as one company that tracks DoS and DDoS activity, SecurityFocus, hasn't seen much evidence that such an attack is imminent. SecurityFocus uses a product it sells called ARIS Predictor to monitor corporate networks in more than 138 countries to determine and predict attack trends and patterns. Though SecurityFocus had detected a 3 percent rise in the rate of communication between master computers that would control DDoS attacks and the systems used to launch the attacks, this is not a significant increase, said Arthur Wong, CEO of SecurityFocus. The master computers are ostensibly operated by hackers and would use systems called zombies to launch the attacks. "At this point, we haven't seen any increase that is significant," Wong said. The increase that the company has seen "doesn't indicate that there's an attack imminent," he added. The cyberprotest groups mentioned by the NIPC have been active, but their activities have so far been small scale, Wong said. In fact, "since September, there hasn't been a lot of significant [attack] traffic," he said. This may signal that "people are beginning to be more reluctant to launch frivolous attacks," he said, although at the same time he cautioned that this means that "when you do get attacks, they're going to be more serious." Notwithstanding SecurityFocus' data, attacks could be pending, Wong said. Even if they're not, however, organizations ought to heed the NIPC's advice and take steps to better secure their systems, Wong said. |
|
||||||||||||||||||||||||||||||
RELATED STORIES:
NIPC warns of possible DDoS attacks
September 19, 2001 Study: Nearly 4,000 DoS attacks occur per week May 24, 2001 Deconstructing DoS attacks March 7, 2001 RELATED IDG.net STORIES:
 Routers could become targets of denial-of-service attacks
(Computerworld)  Lieberman proposes $1 billion IT security fund (Computerworld)  Bush plan to unplug feds from Internet draws criticism (Computerworld)  Security group: Humans are weakest link (PCWorld.com)  New device looks to stop DoS attacks at the source (IDG.net)  Experts urge U.S. to prepare for cyberattacks (PCWorld.com)  NIPC warns of possible DDoS attacks (InfoWorld.com)  McAfee to fight DoS with Asta, Mazu and Arbor (Computerworld) RELATED SITES:
 National Infrastructure Protection Center
 SecurityFocus Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
Report: SUVs pose danger to cars New telemarketer tool trumps TeleZapper Terra Lycos logs $2.2B loss AOL to offer song downloads Microsoft seeks fiscal fountain of youth (More) |
||||||||||||||||||||||||||||||||
Back to the top |
© 2003 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Read our privacy guidelines. Contact us. |