[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700

[Lots of news today - starting with this one which I think is a bit reactionary. My view: You ain't seen nothin yet! - FC]

It's war: The Web under attack!
Online brokerages E*Trade and Datek, as well as tech news site ZDNet, on Wednesday joined the growing hit list of high-profile Web sites to suffer denial-of-service attacks in the past three days. The Federal Bureau of Investigation said it will hold a news conference to discuss the attacks in Washington, D.C., at 11:30 a.m. PST. Other Net targets have included eBay, Buy.com, Amazon.com, CNN.com and Yahoo! As the incidents mounted, security experts declared that the outages were almost certainly the result of a coordinated effort. "I don't see how they couldn't be," said Stuart McClure, the president and chief technology officer at Ramparts Security Group LLC in Irvine, Calif. "The symptoms are all the same, the effects are all the same -- every time I talk to people [at the afflicted sites] they all say the same things."
http://www.zdnet.com/zdnn/stories/news/0,4586,2435149,00.html
http://www.zdnet.com/zdnn/special/doswebattack.html
http://www.mercurycenter.com/svtech/news/indepth/docs/hack020900.htm
http://www.sjmercury.com/svtech/news/breaking/merc/docs/019534.htm
http://cnn.com/2000/TECH/computing/02/09/cyber.attacks.01/index.html
http://www.computerworld.com/home/print.nsf/all/000209E7BE
http://www.networkcomputing.com/story/TWB20000208S0016
http://www.newsbytes.com/pubNews/00/143601.html
http://www.newsbytes.com/pubNews/00/143622.html
http://www.washingtonpost.com/wp-dyn/articles/A30882-2000Feb9.html
(NY Times articles, free registration required)
http://www.nytimes.com/yr/mo/day/news/financial/09jv-hack.html
http://www.nytimes.com/library/tech/00/02/biztech/articles/09hack.html

Feds wage war against cyber-vandals
Attorney General Janet Reno today sought to reassure Americans that federal law enforcement authorities will do all in their power to combat a wave of Internet vandalism. Responding to a rash of attacks that disrupted a number of flagship Web sites, Reno said ``these cyber assaults have caused millions of Internet users to be denied services.'' She said the motives of the vandals are not known ``but they appear to be intended to interfere with and disrupt legitimate electronic commerce.'' ``We are committed to in every way possible to tracking those who are responsible,'' she said. http://www.sjmercury.com/svtech/news/breaking/ap/docs/191299l.htm http://www.bloomberg.com/bbn/topsum.html?s=c60c4a72f61ce4a8f11b951bbff3d3ad

How a basic attack crippled Yahoo
Lesson of the day: If they can shut down Yahoo, they can shut down anybody. An apparently coordinated attack today overwhelmed one of the Web's most popular destinations, once again calling into question the vulnerability of Internet companies. "Our engineers had just not seen anything like this before," said Laurie Priddy, executive vice president of systems and applications for GlobalCenter, Yahoo's Web hosting service, which bore the brunt of the attack. "It would take a concerted effort, a group of people or some sophisticated software to generate that level of traffic." Other high-profile Internet companies, such as eBay, have been hit by major outages, but today's attack on Yahoo highlights a simple technique that can cripple a large, relatively well-prepared Internet company. http://news.cnet.com/news/0-1005-200-1544455.html

Yahoo Attack May Have Been 'Tribal Flood' - Expert
There is plenty of blame to go around for the online attack Monday that knocked out the portal giant Yahoo, according to an Atlanta, Ga.-based computer-security expert. Monday, Yahoo, the world's most frequently visited Internet Web site, was knocked out of service for a number of hours by the equivalent of a phone prank. The site was hit by a so-called denial-of-service attack, which is roughly the equivalent of having a group of faxes set to dial up someone's voice phone while set on re-dial. The company released a statement Monday drawing a distinction between what happened to its site and a hacker attack. Speaking anonymously, a company spokesperson said, "It does appear, given the nature of what happened (Monday), that it was a coordinated incident from multiple locations on the Internet. This was not a hack." Patrick Taylor, vice president of risk assessment business unit of Atlanta-based Internet Security Systems, does not make that distinction. He said that the difference between an annoyance attack by fax and what happened to Yahoo is that it would not take a group of people to set it up. "It's one person using automation," he said. "And computers (dialing in) are as persistent as a fax machine is." Taylor said he suspects that Monday's outage was caused by a relatively new version of denial-of-service known as "tribe flood," or "tribal flood," which has popped onto the scene in just the last six months. He said that tribe flood involves someone building a virus program that automatically goes out and infects many computers at once - typically computers at a university or government installation that have broadband Internet access and are constantly powered up. "They call that turning the machine into a 'zombie,'" he said. http://www.newsbytes.com/pubNews/00/143526.html

People May Have Unwittingly Helped Attackers
The FBI said Wednesday that the perpetrators of the computer attacks that closed popular sites this week likely did so with the help of innocent people who had not made their computers secure.  "The origins of the attacks are probably unwitting people," said Ron Dick, chief of the computer investigations and operations section of the National Infrastructure Protection Center.  Someone at remote locations may have sniffed out unprotected networks and used them as a launch pad to participate in the massive denial of service attacks on sites including Yahoo, eBay, Buy.com, and Amazon.com this week.  The FBI, which was called in to investigate under the federal Computer Fraud and Abuse Act, is working with federal computer crime agencies, Carnegie Mellon's CERT Coordination Center, intelligence partners, law enforcement, and the companies who were targets.  http://www.networkcomputing.com/story/TWB20000209S0011

Feds look out for compromised computers in denial-of-service attacks
Federal chief information officers and systems administrators are on the alert for compromised computers that could be used as staging grounds for distributed denial-of-service attacks, which hit several prominent Internet commerce sites this week. The General Services Administration's Office of Information Security alerted agencies shortly before Attorney General Janet Reno today announced an FBI investigation of the attacks. Attack programs have been found on some government computers, although investigators could not say whether any government computers were used in this week's attacks. http://www.gcn.com/vol1_no1/daily-updates/1303-1.html

New assault weapons pose threat to Web
A combination of new technologies and the rising stakes of online business may help explain this week's rash of outages at some of the largest companies driving the growth of the Internet. The weapons used to execute "denial of service" attacks, which crippled major Web sites this week, have existed in rudimentary form for decades. But security experts say several effective assault tools that help automate the launch of such attacks have been released only recently. With names like Trinoo, Tribal Flood Network and Stacheldraht (German for "barbed wire"), these tools take advantage of otherwise innocent computers connected to the global network to launch a vast flood of traffic at their targets. Using these programs, attackers break into dozens or even hundreds of computers around the Net and install a kind of time bomb that is difficult to detect. At a later date, the attacker can send a command to all of the "slave" machines, which then wake up and start firing streams of information that clog their targets' networks. http://news.cnet.com/news/0-1005-200-1545456.html

Yahoo introduces email bug after attack
In its haste to recover from yesterday's "denial of service" attack, Yahoo inadvertently introduced a bug into its Web-based email system that is causing some messages received through the service to be delivered empty and unlabeled.  Some messages appeared stripped of their headers, showing up in the in-box with the subject "(none)" and lacking any information about sender, recipient or subject when the message was opened.  Those messages, however, did contain the body of the email text.  Other messages weren't as lucky, showing up devoid of any content or labeling.  Yahoo said the problem arose out of efforts to restore the flow of information between its various services and applications following the denial of service attack.  http://news.cnet.com/news/0-1005-200-1545407.html

Center had sent alerts for months
The Computer Emergency Response Team Coordination Center, established by the federal government over a decade ago at Carnegie Mellon University to make the Internet more secure, has been warning computer system administrators about the potential for attack for months. CERT issued several alerts in 1999 as security experts began spotting the stealth programs that had been secretly planted on computers. They soon figured out what the stealth software was designed to do and quickly developed tools that would help system administrators spot systems that had the stealth software installed. But not all administrators have kept up-to-date. http://www.mercurycenter.com/premium/business/docs/hackside09.htm

Japan traces embarrassing hacker insults to U.S. and "several other countries"
Japanese officials have traced many of the hacks that recently affected government Web sites to U.S.-based servers. Japanese investigators will travel to the U.S. and likely the rest of the known world in the hopes of uncovering computer records that can be used to locate the origin of the assaults. http://straitstimes.asia1.com/cyb/cyb1_0209.html

Japanese Police Moving to Counter Wave of Internet Crime
With hackers barraging government Internet sites, Japanese police announced plans to improve crime-fighting in cyberspace, newspapers reported Saturday. Beginning late last month, unidentified hackers began a high-profile campaign to crack state sites. And despite its love for just about everything high-tech, Japan is far behind other countries when it comes to tackling online crime. The Yomiuri Shimbun, Japan's largest paper, said the National Police Agency has requested $1.78 million from the country's fiscal 2000 budget to battle the problem. Police want to study how hackers break into Web sites and ensure user names are not being abused, the reports said. http://ap.tbo.com/ap/breaking/MGIGU35UA4C.html

Online Incident Bares Inability To Handle Crises
The Internet is rapidly becoming a reality in the lives of a growing portion of the global population, and has become a prime means of communication for many. But when an emergency unfolds in cyberspace, how well equipped to deal with it are Internet service providers? A case in point reported today to Newsbytes revolves around an event occurring on an Internet Relay Chat (IRC) newsgroup site on Tuesday. A user known by the handle Narada informed online participants that she had taken an overdose of lithium in an attempt to kill herself. http://www.newsbytes.com/pubNews/00/143624.html

"Dear colleague" your encryption regulations are absurd
Republican Senator Robert Goodlatte publicly criticized China's new encryption regulations, calling them a major invasion of privacy against PC users worldwide. "China should abandon its attempt to control the use of encryption and to monitor its computer users. Erecting new barriers to commerce will not help China's effort to join the WTO," he said. http://www.technologypost.com/enterprise/Daily/20000209104156615.asp?Section=Main

The cross-site scripting scam
Last week's sudden announcement of a security breach called cross-site scripting seemed oddly suspicious. I'm now convinced it's part of a not-so-subtle effort to scare people away from general Web browsing and to get them to lock into so-called safe places such as America Online or MSN.com. It's the odd timing of the announcement, along with certain proclamations made by Microsoft Corp., that makes me suspicious. On its own Web site, Microsoft adequately explains the cross-site scripting problem (basically, someone can insert malicious code into your Web surfing session, and the mischief-making possibilities are many). It's peculiar that Microsoft is taking credit for identifying the problem, something the company has never done in the past. Why publicize this problem out of the blue when there have been no known instances of it happening? Exactly who has been burned? And why wait until six weeks after the discovery to announce it? http://www.zdnet.com/zdnn/stories/comment/0,5859,2434175,00.html

FC