Hackers run riot, target Amazon, others
Dick Satran (San Francisco) 9 Feb 2000
Hackers pulled off a series of brazen attacks on major websites on Tuesday, leading to shutdowns at Buy.com and eBay after a similar assault hit Yahoo! The day before.
The attacks followed the same pattern, with a massive flow of automated Internet messages landing on the sites and swamping them with millions of messages, effectively blocking them to routine traffic.
Other sites, too, appeared to be operating slowly, suggesting even more might have been targeted.
Late on Tuesday, online retailing giant Amazon.com also appeared to have fallen victim to an attack, according to internet monitoring firm Keynote Systems.
Hackers also did serious damage to CNN Interactive, which administers the website of Cable News Network, cnn.com, slowing content flow to a tickle for nearly two hours, a CNN official said.
Keynote, which tracks websites’ speed and reliability, said it noted a sharp drop in Amazon’s ability to let customers into its store and minutes later was able to enter only about 1.5 per cent of the times it tried.
“Its inaccessibility looks very similar to what we saw with Yahoo and eBay and Buy.com” a Keynote spokeswoman said, adding that the exact cause of the failure was still unclear.
Amazon’s site appeared to be back up and running normally about an hour later. Amazon officials were not available for comment.
CNN Interactive spokeswoman Edna Johnson said hackers attacked the site from 7 pm EST (0000 GMT) until about 8.45 pm (0145 GMT on Wednesday) the company’s upstream providers had put blocks in place to shield the site from further attacks.
The Federal Bureau of Investigation (FBI) in San Francisco met on Tuesday with Yahoo!, the first to be hit. The government has bolstered its efforts to track down electronic crime on the internet since e-commerce turned into a serious driver of the economy over the past two years.
“We are in a dialogue with Yahoo!,” a spokeswoman for the agency said. “I can’t comment further right now.” The FBI had no immediate comment on the eBay and Buy.com situation.
The rapid succession of disruptions on a massive scale suggests that the same group was behind all of the attacks, said chief technology officer Elias Levy, of Securityfocus.com, computer security information service.
“It would be very difficult to assemble this level of attack so quickly if it were a copycat.” Said Levy. “That doesn’t mean it couldn’t happen. But to generate this level of traffic requires a lot of machines working together.”
By repeating the attacks, the preperators were raising the possibility that they would be apprehended, he said, but because their attacks could be directed from anywhere in the world they could be difficult to find. The incidents have relied mostly on brute force, not obscure technology, to do damage.
The hackers are simply inundating the commercial websites with so much traffic they can no longer operate. Yahoo!’s site was pounded with one gigabit, or one million bit of information, per second, or about what some sites handle in an entire week, at the height of Monday’s attack.
The data were sent from “zombie” machines taken over by a single person or group of people from a remote location.
“The problem is to find the command center that’s controlling all of the machines,” said Christopher Kalus, chief technology officer of Internet Security Systems. “This is a nontrivial problem.”
The hackers avoid detection by jumping from one computer network to another to cover their tracks, and by immediately erasing any data that might identify them. Yahoo!, the biggest stand-alone website and the first to be hit, was almost completely shut down for over two hours on Monday, although the company said it expected no financial impact from the incident.
Yahoo!, which generates much of its revenue through advertising, was able to reschedule ad spots. But since an estimated 100 m pages would have been viewed during the two hours the site was down, the company could potentially have lost as much as $500,000 analysts said.
Yahoo! said the attack on its site had been narrowed to 50 internet addresses though computer security experts said even with that number, it would take time track any hacker.