'Anomalous Internet Traffic' Overwhelm At Least 3 of 13 Internet Pipelines

Annie

Diamond Member
Nov 22, 2003
50,848
4,828
1,790
No worries, right?


http://www.breitbart.com/news/2007/02/06/D8N4JF080.html

Hackers Attack Key Net Traffic Computers

Feb 06 9:19 PM US/Eastern


By TED BRIDIS
Associated Press Writer

WASHINGTON (AP) -- Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.

Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet's most vital pipelines.

The Homeland Security Department confirmed it was monitoring what it called "anomalous" Internet traffic.

"There is no credible intelligence to suggest an imminent threat to the homeland or our computing systems at this time," the department said in a statement.

The motive for the attacks was unclear, said Duane Wessels, a researcher at the Cooperative Association for Internet Data Analysis at the San Diego Supercomputing Center. "Maybe to show off or just be disruptive; it doesn't seem to be extortion or anything like that," Wessels said.

Other experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea.

The attacks appeared to target UltraDNS, the company that operates servers managing traffic for Web sites ending in "org" and some other suffixes, experts said. Officials with NeuStar Inc., which owns UltraDNS, confirmed only that it had observed an unusual increase in traffic.

Among the targeted "root" servers that manage global Internet traffic were ones operated by the Defense Department and the Internet's primary oversight body.

"There was what appears to be some form of attack during the night hours here in California and into the morning," said John Crain, chief technical officer for the Internet Corporation for Assigned Names and Numbers. He said the attack was continuing and so was the hunt for its origin.

"I don't think anybody has the full picture," Crain said. "We're looking at the data."

Crain said Tuesday's attack was less serious than attacks against the same 13 "root" servers in October 2002 because technology innovations in recent years have increasingly distributed their workloads to other computers around the globe.

___

AP Internet Writer Anick Jesdanun contributed to this report from New York.
 
Seems that they were just trying to stir up trouble, which may find them:


http://www.internetnews.com/security/article.php/3658551

Security
February 7, 2007
Internet 'Didn't Crumble' Under DNS Attacks
By Ed Sutherland

Internet users barely felt a ripple yesterday when hackers launched a concerted attack on several key Domain Name System (DNS) servers.

Experts say legions of everyday users were enlisted in the attack on 13 root DNS (define) servers, which translate a site's numeric address to more familiar names, like internetnews.com.

For a couple of hours, beginning late Monday and stretching into Tuesday, three of the 13 DNS servers came under fire, as hackers tried to overload the computers sitting at the top of the Internet's chain of distribution. Users felt "maybe a fraction of a second delay," Johannes Ulrich, CTO of SANS Internet Storm Center, told internetnews.com.

DNS servers run by the U.S. Department of Defense, the Internet Corporation of Assigned Names and Numbers (ICANN) and UltraNet, which manages the .org domain, were affected by the attack, Ulrich said.

Although it may be days before investigators learn details of the attack, early reports point to China or Asia as the source.

Zully Ramzan, a researcher at Symantec (Quote) Security Response, pointed to South Korea as a possibility and described the attack as a "brief nuisance."

"The Internet didn't crumble last night, which shows that the protection worked," Graham Cluley, senior technology consultant at Sophos, told internetnews.com.

Unlike a similar attack in 2002 that crippled nine of 13 DNS servers, the latest assault used many more zombie hosts, said Ulrich. Servers are more flexible now, and able to withstand much more strain.

Cluley, who likened a DNS attack to 20 hippos trying to get through a revolving door at the same time, also noted the irony the attack. The people who depend on the Web may have been the ones whose computers unknowingly tried to bring it down, he said.

While law enforcement will try to track the packets sent, maybe learn which systems were recruited for the attack, Ulrich gave little hope of a smoking gun, such as a computer connected to the Internet with malware still installed.

"It shows how powerful these denial of service attacks are," the SANS researcher said.

Cluley believed mischief -- not money -- was the reason for the attack. And although tracing this latest attack on the Internet may be difficult, Cluley argues that by assaulting a key part of the Internet, hackers are asking for trouble.

"I wouldn't want to be in their shoes."
 

Forum List

Back
Top