honoluluadvertiser.com

Sponsored by:

Comment, blog & share photos

Log in | Become a member
The Honolulu Advertiser
Posted on: Tuesday, March 14, 2006

Attacks on Web sites rising

By JON SWARTZ
USA Today

Web site attacks are increasing in frequency and ferocity, hammering DVD sales and disrupting online payment services.

Called "distributed denial of service attacks," they bombard sites with so much data that legitimate traffic can't get through.

They've been around for years. But they're now more powerful, and they're taking down more than just intended targets. In recent incidents, companies providing Web-hosting services for victims as well as hundreds of their customers have been caught in the crosshairs, creating a wave of collateral damage.

Security software giant Symantec saw an average 927 such attacks per day in the first half of last year, up 679 percent from the last six months of 2004.

Most of the attacks use PCs that are hacked illegally and turned into "bots" controlled remotely through underground networks. Hackers then rent out these bots for as little as 20 cents per computer. With millions of PCs now turned into bots, an attack can be overwhelming.

"If you have a bunch of people determined to knock you offline, it is difficult to defend yourself," says Dave Cole, director of Symantec Security Response.

There have been dozens of major Web attacks recently against sites with sizable market share, security experts say. Based on available security data, they suspect that smaller Web rivals looking for a competitive edge were behind many of the attacks.

Recent examples:

  • Empirical Film, which sells box-set DVDs online, missed nearly two weeks of holiday sales because of a "distributed denial of service" attack it believes came from an overseas competitor. More than 10,000 Web servers were used in a bot net controlled from Asia, according to Prolexic Technologies, which offers products to combat such attacks.

    As many as 1,000 other Web sites temporarily experienced slower service or were inaccessible because of the attack, says Jeff Posluns, chief information officer at SecuritySage Overdrive, which handles technology for Empirical, including its Web and security services.

  • At the same time, a U.S.-based drug firm's Web site was disrupted for 24 hours in what appeared to be an attack from the same Asia source, says Prolexic.

    The large attack was one of 10 observed in recent months by Rackspace Managed Hosting, which hosts the Web site of the drug company and 9,000 other firms. The FBI is probing the December attacks.

  • When online payment-processor StormPay booted some customers for allegedly operating a Ponzi scheme, it quickly became the target of a virulent attack that temporarily knocked it off line recently.

    About 120,000 machines were used in the attack, which hit Web sites in the southeastern U.S., as well as major telecom carriers, according to ISDN-Net, an Internet service provider in Tennessee that was affected.

    StormPay, which did not return phone calls, acknowledged the attacks in a note to customers on its Web site.