Attacks on Web sites rising
By JON SWARTZ
By JON SWARTZ
Web site attacks are increasing in frequency and ferocity, hammering DVD sales and disrupting online payment services.
Called "distributed denial of service attacks," they bombard sites with so much data that legitimate traffic can't get through.
They've been around for years. But they're now more powerful, and they're taking down more than just intended targets. In recent incidents, companies providing Web-hosting services for victims — as well as hundreds of their customers — have been caught in the crosshairs, creating a wave of collateral damage.
Security software giant Symantec saw an average 927 such attacks per day in the first half of last year, up 679 percent from the last six months of 2004.
Most of the attacks use PCs that are hacked illegally and turned into "bots" controlled remotely through underground networks. Hackers then rent out these bots for as little as 20 cents per computer. With millions of PCs now turned into bots, an attack can be overwhelming.
"If you have a bunch of people determined to knock you offline, it is difficult to defend yourself," says Dave Cole, director of Symantec Security Response.
There have been dozens of major Web attacks recently against sites with sizable market share, security experts say. Based on available security data, they suspect that smaller Web rivals looking for a competitive edge were behind many of the attacks.
As many as 1,000 other Web sites temporarily experienced slower service or were inaccessible because of the attack, says Jeff Posluns, chief information officer at SecuritySage Overdrive, which handles technology for Empirical, including its Web and security services.
The large attack was one of 10 observed in recent months by Rackspace Managed Hosting, which hosts the Web site of the drug company and 9,000 other firms. The FBI is probing the December attacks.
About 120,000 machines were used in the attack, which hit Web sites in the southeastern U.S., as well as major telecom carriers, according to ISDN-Net, an Internet service provider in Tennessee that was affected.
StormPay, which did not return phone calls, acknowledged the attacks in a note to customers on its Web site.