Hactivists plan DDoS Web attack Electrohippies software could be as effective as distributed denial of service tools used in last months Web attacks By Bob Sullivan

MSNBC March 9  Borrowing a page from the headline-grabbing Web attacks last month, a group of Internet activists is set to release its own software tool designed to cripple Web sites. The distributed denial of service attack tool to be released by the Electrohippies group will allow thousands of protesters to aim their computers at a single Web site, effectively jamming a companys Internet presence. But the attacks will be fundamentally different from last months crippling of Yahoo, eBay and other major sites. The victims will be warned before the attacks, according to the tools authors. ITS A VIRTUAL SIT-IN, online protesters gathering via modems, working together to disrupt a company with policies they want to protest. That concept isnt new  but a new distributed denial of service tool gives the Ehippies a much more formidable attack plan.

This should not be characterized as a kid attack. It could easily be as disruptive as the previous tools, said Sammy Migues, chief scientist at Infrastructure Defense Inc.

The massive denial of service attacks that brought down some the biggest Web sites last month shined a spotlight on those previous tools  Trinoo, Tribal Flood and Stacheldraht, which can turn any computer connected to the Internet into a zombie. Then, armies of zombies can be remotely controlled from a single location and instructed to flood a particular computer with so many requests that the site is rendered useless.

The vandals who attacked last month never identified their motive and seemed to pick their victims arbitrarily.

The Electrohippies attack will be very different, said spokesman Paul Mobbs. The group has yet to decide on its exact victim, but the protest will be focused on genetic modification of food crops. The victim will be warned, Mobbs said.

If they dont want the hassle they can turn their server off or they can gamble that we wont get the support necessary, which would be an entirely realistic gamble on their part, Mobbs said.

The fact that the so-called DDoS attack might not work also makes the Electrohippies tool fundamentally different from other hacker denial of service programs. The Electrohippies tool is actually a simple Web page that can be e-mailed to potential protestors. No zombie computers are used or compromised. All attacks will come directly from the protesters computer.

We are into open and accountable action, Mobbs said.

The tool itself simply repeatedly requests 12 to 15 elements on a Web page, not unlike a user manually hitting refresh over and over to download a page. In fact, last November, the Electrohippies staged a protest of the World Trade Organization using that technique. A single Web page was designed to open up multiple browsers on any users computer, with all the browsers requesting WTO.org. That effort slowed the trade oorganizations Web site but also slowed the Electrohippies site, which hosted the attack page.

http://www.msnbc.com/news/380065.asp

-- Jen Bunker (jen@bunkergroup.com), March 10, 2000