From Diana J. Choyce
Feb 21 - 27, 2000
The most serious break-in happened this month at the RealNames
website
Hackers seem to have declared open season on the internet in the past
month. Perhaps it's their way of celebrating the millennium? There are many incidences
over the years, but lately it appears to be running full steam. Computers, by their very
nature, can be programmed to do most anything. And any code that's made can eventually be
broken. In some ways this highlights the very imagination of man. But using this
imagination to disrupt business, information seeking, and the very privacy of individuals
highlights our dark side.
The most serious break-in happened this month at the RealNames website.
RealNames takes long URL addresses and converts them to shorter simpler keywords. It
alerted its customers quietly to admit that criminals had broken into one of its databases
and may have stolen credit card information belonging to its customers. "Within the
last 24 hours, we have identified a situation that may have resulted in our subscriber
information database being compromised, including password information," says Keith
Teare, chairman and chief executive officer, in an e-mail distributed to customers.
RealNames has said that it has no evidence of any of its customers credit cards being used
as a result of the break in. And it has increased its security efforts in order to avoid a
similar incident. Along with contacting federal investigators, it also issued new log-ins
and passwords to all its customers. Of all the various types of hacks, this is the most
insidious kind. As it puts very real people in jeopardy of losing valuable private
information to thieves that have no good intent.
A different type of attack was used to knock several of the biggest
internet names offline earlier this month. The rout began with Yahoo, a popular
information search engine and portal. And the result was a shutdown of service for almost
three hours. Yahoo attracts millions of visitors and serves as the gateway to many other
Web sites. When it released its earnings report for the last three months of 1999, Yahoo
noted that it is accessed by 120 million unique visitors and that it served an average of
465 million pages each day during this past December. The method used is called a
distributed denial of service attack. By overwhelming a website server with requests for
information, it can effectively close a site down. In the past this method has been used
many times on smaller sites. But this is the first incidence of it being used on the most
viewed properties on the internet. If sites as large as this can be hacked, it would seem
that a whole new approach to security should be taken. The company plans to investigate
the attack and noted that it did not come from one single point but appeared to have come
in from multiple servers simultaneously.
A few days after Yahoo was attacked, new disruptions were mounted
against eBay, Amazon, CNN, and Buy.com. Each site was affected from one to several hours.
Both eBay and Amazon are ecommerce sites and likely lost thousands of dollars in business.
eBay, a public auction site, alone boasts 10 million customers. Given the time sensitive
nature of auctions, this was a major problem for them. Buy.com claims 1.3 million
customers and feels the attack may have been timed to coincide with its initial stock
offering that was planned the same day. Chief executive Greg Hawkins described the
sabotage in a statement as "an outside coordinated attack to our network that
prevented access to our system. "Some customers on the West Coast were unaffected.
"The whole thing happened so quickly," said Mitch Hill, the company's chief
financial officer. He said the attacks were traced to powerful computers in Boston, New
York and Chicago, and that Buy.Com planned to contact the FBI on Wednesday. Buy.Com's
chief executive estimated his site Tuesday was hit with 800 megabits every second, or
eight times his site's capacity. He called the crush of data traffic aimed at his company
"unprecedented.''
On an interesting note, many long time members of the "hacker
community" regard these attacks as childish and amateur. Their description likens it
to killing an ant with a baseball bat. Most hackers prefer to worm their way into a site's
security. Some use it as a way of obtaining private information, while others do nothing,
using it as a test of their computer skills. Still other deface web sites with messages or
jokes, or use them as a platform for political statements. Brian Martin, editor of
attrition.org, a popular Web site devoted to hacking and computer security, said many of
the tools needed to launch denial-of-service attacks are readily available for downloading
on the Web. These "attacks are worthless and childish,'' Martin said. "There is
no grace, no skill and no intellect behind these attacks.'' Hackers believe that these
attacks are preventable. "There is definitely software out there that can filter out
these attacks,'' said "Space Rogue,'' a member of the hacker group L0pht Heavy
Industries, which recently merged with the security consulting startup (at)Stake.
"Unfortunately, the sites don't want to use it because it makes the pages load
slower.'' The (at)Stake company is staffed by hackers who have moved
to help the industry keep their sites more secure by doing what they do
best. And it makes sense that a hacker would know the best way to protect the integrity of
a web site.
