UPDATE - Web Attack Halts Traffic to Nearly 1,000 Businesses

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

---------- Fair use for education and research purpose only ----------

Tuesday May 16 01:31 PM EDT

Title: AboveNet Vows to Nab Cybervandals

By Robert Lemos, ZDNet News

Web attack halted traffic to nearly 1,000 businesses using AboveNet's services, though larger customers like AOL and eBay had backup plans.

Internet service provider AboveNet Communications Inc. and law enforcement officials are on the hunt for the cyberattackers who halted traffic on Tuesday to almost 1,000 businesses that contract Internet services and Web-page hosting through the company.

"It is important to me -- both personally and professionally -- to catch the person who did this," said Paul Vixie, vice president of Internet services for AboveNet's parent company Metromedia Fiber Network Inc.

At 9:45 a.m. Pacific Time on Tuesday, the network switches used by AboveNet seized up, losing configuration data and stopping traffic on the company's network.

By the early afternoon, the company's San Jose, Calif., offices had realized that they had been attacked.

DoS effects the same

While Vixie stresses that the attack was unlike the distributed denial-of-service attacks that slowed -- and in some cases halted, service to eight major Web sites in February -- the effects were the same.

'We lost a whole day's business. Ouch! It definitely hurt.'|Tricia Godwin, OutPurchase.com "The customer impact was almost total," he said. "The people who did this were quite skilled, unlike the others in the previous attack."

Tricia Godwin, a procurement specialist at online purchasing agent OutPurchase.com, felt the pain.

The company -- a business-to-business provider of purchasing services for small and medium-sized businesses -- couldn't access the Internet, and its customers could not access its Web site for several hours on Tuesday.

"We lost a whole day's business," said Godwin, who measures her business in the number of quotes she generates. During the outage, she estimates that 50 to 60 quotes were lost. "Ouch! It definitely hurt."

'Could have happened to (anyone)'

Another customer, Buildpoint.com, which announced that it had started using AboveNet's services earlier this month, had similar problems.

'Right now, this has come down to finding a needle in a haystack rather than a grain of sand on the beach.'|Paul Vixie "Our customers were certainly affected by the outage," said Henry Purdy, director of product development for the bid management e-commerce site. "People were not able to log on to our system to do business. We had several phone calls from customers."

With 100 employees, Buildpoint serves subcontractors and the construction industry, facilitating bidding for materials and services.

The company's management adopted an understanding attitude.

"This sort of attack could have happened to any co-location service," said Carter Page, director of information technology, who added that the incident underscores the need for redundant services. Ironically, Buildpoint is less than two weeks away from installing a second network for just such a purpose.

AboveNet's top three customers had fewer problems, said Carol Nash, an AboveNet spokesperson.

eBay, AOL had backups

Manufacturing service provider Electronic Media International had taken down its network for maintenance; and well-known auction house eBay Inc. had a second network to handle the traffic, as does America Online Inc., which uses AboveNet as a secondary provider.

Meanwhile, with his technical staff, AboveNet's Vixie worked until the wee hours of the morning Wednesday making certain the attacker left nothing behind.

"Even though the customers were up (and running) by midday yesterday, we needed to look for evidence of backdoors or anything left over (by the attacker)," he said.

As part of the work, Vixie secured information for the FBI, which is currently investigating the case, though neither Vixie nor the FBI would give details.

High hopes for vandal hunt

Still, Vixie has high hopes that they will track down the attacker. "Technically, there is cause for hope, where in the (denial of service) case, there was no cause for hope," he said.

"Right now, this has come down to finding a needle in a haystack rather than a grain of sand on the beach."



-- (Dee360Degree@aol.com), May 16, 2000

Moderation questions? read the FAQ