HACKERS: OPEN SEASON ON THE INTERNET
From Diana J. Choyce
Feb 21 - 27, 2000
The most serious break-in happened this month at the RealNames website
Hackers seem to have declared open season on the internet in the past month. Perhaps it's their way of celebrating the millennium? There are many incidences over the years, but lately it appears to be running full steam. Computers, by their very nature, can be programmed to do most anything. And any code that's made can eventually be broken. In some ways this highlights the very imagination of man. But using this imagination to disrupt business, information seeking, and the very privacy of individuals highlights our dark side.
The most serious break-in happened this month at the RealNames website. RealNames takes long URL addresses and converts them to shorter simpler keywords. It alerted its customers quietly to admit that criminals had broken into one of its databases and may have stolen credit card information belonging to its customers. "Within the last 24 hours, we have identified a situation that may have resulted in our subscriber information database being compromised, including password information," says Keith Teare, chairman and chief executive officer, in an e-mail distributed to customers. RealNames has said that it has no evidence of any of its customers credit cards being used as a result of the break in. And it has increased its security efforts in order to avoid a similar incident. Along with contacting federal investigators, it also issued new log-ins and passwords to all its customers. Of all the various types of hacks, this is the most insidious kind. As it puts very real people in jeopardy of losing valuable private information to thieves that have no good intent.
A different type of attack was used to knock several of the biggest internet names offline earlier this month. The rout began with Yahoo, a popular information search engine and portal. And the result was a shutdown of service for almost three hours. Yahoo attracts millions of visitors and serves as the gateway to many other Web sites. When it released its earnings report for the last three months of 1999, Yahoo noted that it is accessed by 120 million unique visitors and that it served an average of 465 million pages each day during this past December. The method used is called a distributed denial of service attack. By overwhelming a website server with requests for information, it can effectively close a site down. In the past this method has been used many times on smaller sites. But this is the first incidence of it being used on the most viewed properties on the internet. If sites as large as this can be hacked, it would seem that a whole new approach to security should be taken. The company plans to investigate the attack and noted that it did not come from one single point but appeared to have come in from multiple servers simultaneously.
A few days after Yahoo was attacked, new disruptions were mounted against eBay, Amazon, CNN, and Buy.com. Each site was affected from one to several hours. Both eBay and Amazon are ecommerce sites and likely lost thousands of dollars in business. eBay, a public auction site, alone boasts 10 million customers. Given the time sensitive nature of auctions, this was a major problem for them. Buy.com claims 1.3 million customers and feels the attack may have been timed to coincide with its initial stock offering that was planned the same day. Chief executive Greg Hawkins described the sabotage in a statement as "an outside coordinated attack to our network that prevented access to our system. "Some customers on the West Coast were unaffected. "The whole thing happened so quickly," said Mitch Hill, the company's chief financial officer. He said the attacks were traced to powerful computers in Boston, New York and Chicago, and that Buy.Com planned to contact the FBI on Wednesday. Buy.Com's chief executive estimated his site Tuesday was hit with 800 megabits every second, or eight times his site's capacity. He called the crush of data traffic aimed at his company "unprecedented.''
On an interesting note, many long time members of the "hacker community" regard these attacks as childish and amateur. Their description likens it to killing an ant with a baseball bat. Most hackers prefer to worm their way into a site's security. Some use it as a way of obtaining private information, while others do nothing, using it as a test of their computer skills. Still other deface web sites with messages or jokes, or use them as a platform for political statements. Brian Martin, editor of attrition.org, a popular Web site devoted to hacking and computer security, said many of the tools needed to launch denial-of-service attacks are readily available for downloading on the Web. These "attacks are worthless and childish,'' Martin said. "There is no grace, no skill and no intellect behind these attacks.'' Hackers believe that these attacks are preventable. "There is definitely software out there that can filter out these attacks,'' said "Space Rogue,'' a member of the hacker group L0pht Heavy Industries, which recently merged with the security consulting startup (at)Stake. "Unfortunately, the sites don't want to use it because it makes the pages load slower.'' The (at)Stake company is staffed by hackers who have moved
to help the industry keep their sites more secure by doing what they do best. And it makes sense that a hacker would know the best way to protect the integrity of a web site.