|
More sites hacked in wake of Yahoo!
|
 |
February 8, 2000: 8:19 p.m. ET
eBay, Buy.com, CNN.com and Amazon come under attack; FBI probes Yahoo! incident
By Staff Writer David Kleinbard
|
NEW YORK (CNNfn) - The Internet was reeling Tuesday night as attacks by hackers on a number of high-profile Web sites continued.
In the early evening Tuesday, CNN.com confirmed that it was the latest site to suffer.
"At 7 p.m. EST, we were attacked by hackers. A denial of service attack occurred until 8:45 p.m. We were seriously affected. We were serving content but it was very inconsistent and very little," Edna Johnson, director of public relations for CNN Interactive, said in a statement.
"By 8:45 p.m., our upstream providers had put blocks in place that are shielding us and we are now serving content."
CNN.com and CNNfn.com are both owned by Time-Warner Inc. (TWX: Research, Estimates).
The leading auction Web site eBay and the Internet-based discount retailer Buy.com were crippled Tuesday by outside attacks.
And online retailing giant Amazon also came under siege late Tuesday.
Amazon.com Inc.'s (AMZN: Research, Estimates) Web site was virtually shut down Tuesday with problems that appeared similar to the failures that have hit other popular Web sites in recent days.
Amazon said in a statement that its site was inaccessible for more than one hour late Tuesday because a "large amount of junk traffic" was aimed at the company's computers, tying them up and preventing nearly all its customers from making purchases.
FBI investigates Yahoo! attack
The incidents on Tuesday at Buy.com (BUYX: Research, Estimates) and eBay Inc.(EBAY: Research, Estimates). came one day after a hacker onslaught knocked Yahoo!'s heavily trafficked web site out of service for about three hours. Yahoo! (YHOO: Research, Estimates) said that it is cooperating with the FBI and other law enforcement agencies in an investigation of who perpetrated the cyber attack.
Tuesday's attack, which hit Buy.com around 11 a.m., came on the same day that the company did its initial public offering. The Aliso Viejo, Calif.-based seller of books, computer hardware, software, videos, and other items sold 14 million shares at $13 each, raising $182 million. Buy.com's stock finished the day at 25 1/8, up 93 percent, despite the incident.
"Around 11 a.m., we got hammered, and as a result had some difficulty getting the site back up," Buy.com's CEO, Gregory Hawkins, said in a televised interview with CNNfn. Hawkins said Buy.com is working with the company that hosts its web sites, Exodus Communications Inc., to determine how the attack occurred.
Hawkins said that Buy.com appears to be the victim of the same type of cyber attack that crippled Yahoo! Inc.'s web site for about three hours on Monday. Yahoo!, the Internet portal based in Santa Clara, Calif. that is the world's most heavily trafficked web site, was shut down by what web security experts call a "denial of service attack." In that form of assault, a company's web servers are hit with such a large number of bogus requests that they cannot provide information to the site's legitimate users. It's like flooding a road with so many cars that other vehicles can't get through.
eBay, a San Jose Calif.-based site where individuals buy and sell millions of diverse items each day, placed a notice on its site around 3:20 p.m. Pacific Standard Time that it had come under what appeared to be a denial of service attack generated by outside sources.
"The attack appears to be affecting only the site's static pages, not its bidding, listing, and search functions," said eBay spokeswoman Kristin Seuell. "However, we have heard reports from the East Coast that people are having difficulty accessing the site." Static pages are those containing information that remains the same at all times.
Internet security experts predicted on Tuesday that other commercial web sites will be hit by denial of service attacks in the future, even before they knew about the Buy.com incident.
"There hasn't been a global solution yet to this problem," said Chris Rouland, director of the security research team at Internet Security Systems (ISSX: Research, Estimates) in Atlanta, Georgia, a major security software and consulting company. "If hackers can shut down Yahoo!, they can shut down anything they want tomorrow."
Security experts were surprised that Yahoo! could be crippled by outsiders because the company's site has a reputation for having a high level of security and reliability. In fact, Tuesday's incident was Yahoo!'s first significant service interruption.
"The Yahoo! web site is normally among the fastest and most reliable on the Internet," said Gene Shklar, vice president of public services at Keynote Systems Inc., (KEYN: Research, Estimates) a San Mateo, Calif. company that measures the performance and reliability of e-commerce web sites. "Yahoo! consistently delivers its home page during business hours in an average of 1.5 seconds to T-1 connected locations around the U.S. with a reliability of 99.3 percent or better."
Keynote's stock soared 17 1/16 to 113 9/16 Tuesday, apparently in response to the media attention from Yahoo!'s service interruption. Yahoo!'s stock rose 19 1/8 to 373 1/8, as investors and analysts seemed pleased by the speed with which Yahoo! was able to recover from the attack.
Lise Buyer, an analyst at CS First Boston, said in a research report Tuesday that the incident should have no impact on Yahoo!'s bottom line.
"Given unused capacity and rapidly increasing pageviews, we expect the company will have no trouble making good on any advertising impression commitments. Therefore, we expect no impact on the company's operating statistics," Buyer said.
Yahoo! said Tuesday that it has been contacted by law enforcement agencies, including the FBI, that are investigating the incident.
"We are doing our part to work with the authorities by gathering the electronic tracers and data available," a Yahoo! spokeswoman said. "We will be sitting down with them over the next few days to discuss the appropriate next steps. The FBI is one group we anticipate meeting with."
Yahoo! has dense layers of encryption that protect the databases on its site. Yahoo!'s customer information and site data weren't compromised by the attack, a company spokeswoman said Monday.
Yahoo! said that the bogus requests came from up to 50 different Internet addresses at rates of up to a gigabyte per second, which is considered to be an enormous amount of web traffic over a short period of time.
The history of the problem
Denial of service attacks aren't new. In fact, both the FBI and CERT issued public warnings about them last year. CERT is part of the Software Engineering Institute, a federally funded research and development center at Carnegie Mellon University. Just a few hours before the attack on Yahoo! began, denial of service attacks were discussed at a meeting of the North American Network Operators' Group, one of the main organizations for the supervisors of computer networks.
"Denial of service attacks occur periodically, but they are not as common as people trying to hack into a site, since hacking in enables you to alter the site's content and post something for everyone to see," Keynote's Shklar said.
Internet Security Systems' Rouland said that there are four popular denial of service attacks, called Tribal Flood Network, Trinoo, TFN2K, and Stacheldraht. Hackers plan the attack in two stages. First, they surreptitiously place software "agents" on a network of computers that may have no connection to their actual target. Once these agents are in place, the hackers can direct all of the bandwidth capacity of that network at a target web site.
"A master command wakes up the agents, identifies the target, and says go for it," Rouland said. Because these agents are installed using a backdoor method, they can be difficult to find, he said.
Software that can trigger a denial of service attack is commonly traded by hackers over the Internet, said Scott Gordon, director of intrusion detection products at Axent Technologies (AXNT: Research, Estimates) in Rockville, Md., another large Internet security firm. These programs include Ping of Death and SynFlood.
"It's a safe bet that other significant sites will be hit by this type of attack," Gordon said. "It may be done for boasting rights or financial gain through data theft."
The FBI and the Secret Service have joint responsibility for investigating computer crimes. Large cases are coordinated by the FBI's National Infrastructure Protection Center. Scott Charney, a principal at PricewaterhouseCoopers Investigations LLC in D.C., who used to run the Justice Department's computer crimes unit, said that it could be difficult to trace who originated the attack on Yahoo!. That's because hackers often direct their traffic through several different web sites before hitting their end target.
"Sophisticated hackers don't attack in a straight line," Charney said. "They weave between sites. If one of these sites strips off the source information and throws it away, there can be a break in the chain for investigators."
"Global connectivity, lots of open sites, poor security at some, and lack of tracing ability create an environment where if you are up to no good, you can flourish," Charney said. 
-- Reuters and the Associated Press contributed to this report
|
|
|
|
|
|
EBay
Buy.com
Yahoo!
|
Note: Pages will open in a new browser window
External sites are not endorsed by CNNmoney
|
|
|
|
 |
|
