[iwar] [fc:Internet.Firm.Hacked.Right.Out.Of.Business]

From: Fred Cohen (fc@all.net)
Date: 2002-02-05 20:53:15


Return-Path: <sentto-279987-4434-1012971100-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 05 Feb 2002 20:54:08 -0800 (PST)
Received: (qmail 7844 invoked by uid 510); 6 Feb 2002 04:52:04 -0000
Received: from n1.groups.yahoo.com (216.115.96.51) by all.net with SMTP; 6 Feb 2002 04:52:04 -0000
X-eGroups-Return: sentto-279987-4434-1012971100-fc=all.net@returns.groups.yahoo.com
Received: from [216.115.97.189] by n1.groups.yahoo.com with NNFMP; 06 Feb 2002 04:51:40 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_1_3); 6 Feb 2002 04:51:39 -0000
Received: (qmail 50660 invoked from network); 6 Feb 2002 04:51:39 -0000
Received: from unknown (216.115.97.172) by m3.grp.snv.yahoo.com with QMQP; 6 Feb 2002 04:51:39 -0000
Received: from unknown (HELO red.all.net) (12.232.72.98) by mta2.grp.snv.yahoo.com with SMTP; 6 Feb 2002 04:51:39 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g164rFZ25369 for iwar@onelist.com; Tue, 5 Feb 2002 20:53:15 -0800
Message-Id: <200202060453.g164rFZ25369@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 5 Feb 2002 20:53:15 -0800 (PST)
Subject: [iwar] [fc:Internet.Firm.Hacked.Right.Out.Of.Business]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Internet Firm Hacked Right Out Of Business

By Reuters, 2/4/02
<a href="http://www.internetweek.com/story/INW20020201S0003">http://www.internetweek.com/story/INW20020201S0003>

LONDON - Fears are growing once more that companies operating on the
Internet may not be equipped to ward off electronic sabotage after
anonymous "hackers" forced a small British firm out of business.
CloudNine Communications, one of Britain's oldest Internet Service
Providers (ISPs), shut down last week with the loss of eight jobs in
what computer experts believe is the first instance of a company being
hacked out of existence.

The electronic attack--a so-called "Distributed Denial of Service" or
DDOS--was reminiscent of one in February 2000 that crippled Yahoo, one
of the world's leading Internet media firms, along with the online
auctioneer eBay and the electronic brokerage ETrade.

Other Internet operations have been infected by malicious software in
the form of computer "viruses."

In a DDOS attack, a computer is swamped with an overwhelming number of
requests that are disguised to look innocuous, so that the Web site that
it controls grinds to a halt.

Experts say tens of thousands of such attacks occur each year--and that
a far greater number probably go unreported by companies fearful of
hurting their business.

FORCED TO SELL UP

CloudNine, six years old, was forced to sell its business and hand over
2,500 customers to its rival Zetnet.

"The basic reasoning was we would have needed to bring the network
offline for far too long (to make repairs). We just came to the
conclusion that we couldn't continue," said co-founder Emeric Miszti.

Two other recent victims of DDOS attacks were the British Internet
portal of the Italian ISP Tiscali, whose service was halted for several
days, and the British Internet provider Donhost, whose outage lasted a
few hours.

"It's not just a game of taking down one server," said Stephane Huet,
acting chief operating officer for Tiscali UK. "It affects portal
revenues if the rest of the world cannot access it. It has a powerful
business impact."

The motivation for such attacks is diverse. Many hackers are simply
after illicit thrills, while others seek publicity for a particular
cause. It is now common in wars, especially civil ones, for each side to
sabotage the other's Web sites.

BIG-NAME TARGETS

Past targets include sites associated with the White House and the
Palestinian Authority.

A DDOS attack last week is also suspected to have sabotaged a live
online chat with the Dutch crown prince and his Argentinian fiance.

A number of programs that can shut down computer systems by overwhelming
them with data requests are even freely available on the Internet.

In the case of CloudNine, the DDOS attack prevented users served by the
company from logging onto the Internet and shut off access to Web sites
hosted on its network.

"It was a very methodical attack," said Miszti.

"It occurred over a number of months. Their objective was to map out our
network, identifying the key servers and determining their capacity.
Then they knew how to attack with the appropriate force."

Miszti says he is not sure why his firm was targeted and has no clear
idea who was behind it.

He and Tiscali are both working with police, but computer experts say
DDOS investigations are rarely successful.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Sponsored by VeriSign - The Value of Trust
When building an e-commerce site, you want to start with a
secure foundation. Learn how with VeriSign's FREE Guide.
http://us.click.yahoo.com/kWSNbC/XdiDAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST