More web assaults forseen : LUSENET : TimeBomb 2000 (Y2000) : One Thread


World Wide Web Structure is too vulnerable, say two Iowa State Professors.

The article indicates that they believe more web assaults are eminent, and that the hacking was too sophosticated to have been done by a 15 year old.

-- suzy (, February 15, 2000


The FED knew about the hacking 8 days before it happened.

from the Wash Post

"Banks Warned of Hacker Attacks By Ted Bridis AP Technology Writer Monday, Feb. 14, 2000; 10:13 p.m. EST

WASHINGTON  At least eight times, starting days before unusually forceful attacks against major commercial Web sites, computer experts at some of the nation's largest financial institutions received detailed warnings of impending threats.

Banking officials never passed their detailed warnings to the FBI or other law enforcement agencies, even as alerts escalated last week from the first assault against the Yahoo! Web site on to eBay, Amazon, Buy.Com, CNN and others.

The urgent alerts, by e-mail and pager, began fully four days before Yahoo! fell under electronic assault Feb. 8. They cautioned that dangerous attack software had been discovered implanted on powerful computers nationwide. The messages ultimately identified specific Internet addresses of attacking machines.

Participating banks weren't allowed to share the warnings with government investigators under rules of an unusual $1.5 million private security network created in recent months for the financial industry. The Treasury Department said mandated disclosures might hamper banks and others from being forthcoming about attacks by rogue employees, software bugs, viruses or hackers.

The industry said such guarantees helped ensure it was protected.

"Everybody felt comfortable sharing information," said William Marlow, executive vice president for Global Integrity Corp., which runs the network. "The government wasn't involved, everything was anonymous. The private sector can help each other without additional regulation."

The technology industry is now struggling with the dilemmas of openly sharing information about new electronic threats, even as companies remain fearful of admitting Internet vulnerabilities to governments or even rivals. Industry experts, including a self-proclaimed hacker known only as "Mudge," planned to discuss that awkward balance Tuesday during at a White House security meeting.

"These denial of service attacks obviously are very disturbing," President Clinton said Monday. "And I think there is a way that we can clearly promote security."

Clinton also urged consumers not to panic over last week's attacks. He predicted: "We'll figure out how to do it, and go forward."

The banking industry's warning network, run from the secretive Financial Services Information Sharing and Analysis Center, is among the first of its kind. The center grew out of the president's orders for better protection from cyberattack for America's most important industries. Its member banks, and even its location, are closely guarded secrets.

To encourage open participation by banks and other financial firms, the Treasury Department decided that information disclosed would not be turned over to federal regulators or law enforcement agencies. It worked well last week for banks, which enjoyed early warnings about pending attacks, but it also guaranteed the same warnings weren't widely distributed.

Only licensed banks and other government-regulated financial firms that become subscribers are able to exchange information or tap into the network's details of known security threats. Urgent alerts are sent by e-mail, pager and cellular phones to a bank's experts, who pay $13,000 to $125,000, depending on how many employees use the information.

The center issued the first alert in the latest attacks on Feb. 4, "when we started seeing certain machines being compromised," Marlow said. The Yahoo! Web site was attacked four days later.

The FBI confirmed Monday that one machine used remotely to attack Web sites last week was in Portland, Ore., but would not identify it. A law enforcement official, speaking on condition of anonymity, also said the agency wants to speak with someone known on the Internet as "Mixter," believed to be living in Germany.

Mixter created software that may have been used in last week's attacks. Although the FBI did not identify him as a suspect, it believes he may have useful information.

Those attending Tuesday's meeting at the White House include Charles Wang, chairman of Computer Associates International Inc.; Howard Schmidt, chief information security officer at Microsoft Corp.; Harris Miller, head of the Information Technology Association of America; and "Mudge," a member of a hacker think tank that does security consulting under the name AtStake. "

-- ng (, February 15, 2000.

If you think hackers can wreak havoc on these larger machines, better think about your own box. All the more so if you're on a high- bandwidth pipe (cablemodem, xDSL, T1+, etc.) as these generally use a fixed or slow-rotation dynamic IP that makes a specific machine -very- easy to reach via the Internet.

I got a cablemodem last week and since then I've caught one attempt to plant a trojan on my system (found the edited autoexec.bat file that was rewritten - and NOT by me! - to replace a VxD with another file, during my system maintenance yesterday... thank God I didn't use that OS, but just in case I'll reinstall the OS this afternoon!) and have deflected five portscans and three attempts to probe my system for a Back Orifice (any inbound connects to port 31337 is a dead giveaway.) I run eight OSs on my box and all eight are or will be hardened.

Got a firewall? Got Client for Microsoft Networks and File/Print Sharing unbound from all TCP/IP connect points you use to access the Internet? E-mail me if you have no idea or want info or whatever. (There's a free firewall out by Zone Labs called ZoneAlarm that I'm checking out that might be useful. It's not a bad little app and seems, so far at least, to work.)

O d d O n e, who's been on both ends of hacks...

-- OddOne (, February 16, 2000.

Warning: The following comment is pure pedantry and should not be misinterpreted as hostility. From the dmregister article: "In late January, Davis outlined the possibility of a systematic attack in which dozens or hundreds of computers send small amounts of data to a single computer or World Wide Web site, swamping it and shutting it down" "dozens or hundreds"? Gosh, that many? And there was me thinking that thousands of computers send small amounts of data to Amazon & Yahoo every day anyway. Sorry about that.

A good take on the denials of service is available in the crypto-gram newsletter, with another at People For Internet Responsibilty. One thought provoking comment from PFIR: "The current attacks are sure to be but the beginning. Many even more attractive targets are likely to be appearing that will draw ever more sophisticated fire. Imagine what a concerted denial of service attack might do to an election with Internet/Web-based voting--a technology being pushed on a fast track in many quarters." Read and enjoy.

-- randomdigits (r@r.r), February 16, 2000.

Moderation questions? read the FAQ