Hackers on Tuesday attacked at least three of the root servers that maintain the Internet's domain name system. However, the 12-hour-long attacks were largely unsuccessful, as most Internet users didn't notice any impact. The system's resilience is largely due to robust protection and a high degree of redundancy built into it.
eMarketer Whitepaper: Optimizing the E-Commerce Experience
From the Web to the Contact Center, are you prepared to proactively engage and keep your savvy customers? Read how e-commerce leaders are optimizing their sites with ratings, reviews, live help, Web analytics, mobile and more.
Hackers on Tuesday launched a denial-of-service (DoS) attack against at least three of the 13 root servers that maintain the Internet's domain name system (DNS).
The attacks, which lasted for 12 hours, reportedly targeted the server that maintains the dot-org suffix, and the servers at the Department of Defense and the Internet Corporation for Assigned Names and Numbers.
The attacks were largely unsuccessful -- and reportedly less serious than a similar attack in 2002 -- as most Internet users hardly noticed any impact. The DNS' resilience is largely due to robust protection and a high degree of redundancy built into it, including algorithms designed to balance unusually high levels of traffic.
"This is a high-profile target, so there are a lot of measures in place to protect it," Zulfikar Ramzan, senior principal reseacher with Symantec (Nasdaq: SYMC) Security Response, told TechNewsWorld. "If the attack had been successful, it would have been a different story."
The shoring up groups did following the previous attacks "clearly worked," Matt Sergeant, senior antispam technologist at MessageLabs, told TechNewsWorld. "They have been readjusted and redistributed so an attack will be more widespread than just concentrated on a specific server."
Little concrete information has been released about the attacks. Presumably, the involved organizations are still analyzing the data.
"No one is talking about it," Dave Kennedy, senior risk analyst for Cybertrust, told TechNewsWorld. "No one is asking for help."
In this environment, speculation, rumors and misinformation have been rampant. For instance, it has been reported that the bulk of the attacks emanated from South Korea.
"We don't understand why South Korea is being blamed because from what we are seeing it is not them," Kennedy stated. "I have seen other reports that said [attacks from] China [are] playing a bigger role."
Reports also vary about the severity of the attacks. "There have been some exaggerations from what I can tell," he noted. "The servers were never down. They may have been unreachable in some places but that was more a result of the servers protecting themselves during the attack."
More than likely, the hackers used a bot network, or zombie computers, to carry out the attacks, Ramzan said. "Individual computer users should make sure they are not an accessory to such acts" by maintaining proper security.
Unfortunately, Sergeant commented, bot networks are easily available. "The hackers could have created their own or bought a network for a few hundred dollars."
There is also no shortage of speculation on the intent of the attacks, and the fact that the attacks occurred on Safer Internet Day did not escape notice.
Kennedy pointed out that the attacks coincided with the North American Network Operators' Group annual meeting, held this year in Toronto. Another DoS attack in 2000 also occurred during the group's meeting, he said.
It's also possible the attacks were committed for a hacker or a group of hackers to show someone in their circle what they can do, Kennedy stated.
However, if that were the case, it's unlikely that there would be repeat demonstrations, at least on a regular basis, he said.
Hackers and malware writers need the Internet to do business themselves -- not only to communicate but also to run online scams, Kennedy contended.
"There is little point for them to bring it down. ... Generally, though, it is hard to get into the heads of hackers and try to figure out what motivates them," he said.
The most obvious motivation is financial gain -- the main driver behind most malware on the Internet today. Assuming everything had gone the hackers' way, in fact, they could have made more money than any malware writer had made before.
If the hackers had gained control of the servers, they could have begun rerouting traffic and performing sophisticated farming attacks, Randy Abrams, director of technical education at antivirus software firm Eset, told TechNewsWorld.
A user would type in an address and get rerouted to a different address without realizing it in this scenario. Online banking, as an example, would probably be a key target.
Print Version
E-Mail Article
Reprints
More by Erika Morphy
Next Article in Security
|
Click Fraud: A Growing Nuisance for Web Advertisers, Part 1 February 07, 2007 
Click fraud -- the practice of falsely inflating online ad clickthroughs -- has hit an all-time high, according to a recent report. How big a problem is it? Will click fraud vanish once publishers and advertisers place a high enough demand on authenticity? Or will the fraudsters grow in sophistication as the practice becomes more lucrative?
|
Related Stories
|
Hacker Claims to Have Cracked Next Gen DRM Standard December 29, 2006 
A hacker claimes to have decrypted the next gen DRM standard for high definition DVDs. Called Advanced Access Content System, or AACS, this standard has been adopted by most of the major Hollywood and music studios to protect the newest DVDs and CDs. The tools and title keys used were posted on the Internet and a video of the decryption was posted on YouTube.
|
Related News Alerts
More by Erika Morphy
|
Windows 7 Flies Off the Shelves November 06, 2009 
Early sales figures on Windows 7 boxed software suggest a high level of consumer enthusiasm for the OS. Unit sales were a whopping 234 percent higher than Vista's out of the gate. The revenue haul was not as impressive, as Microsoft offered sharp discounts to spur presales. Also, sales of PCs with Windows 7 preinstalled have been lackluster -- but October is historically a weak month for PC sales.
|
Southwest Doesn't Fool Around November 06, 2009 
Either Southwest Airlines had better deals for my favorite route than its competitors or its superior Web site tools made it easier for me to ferret them out. Either way, kudos to Southwest. In the not-so-hot department were the airline's long list of what passengers weren't allowed to do and its very short list of what Southwest was obliged to do for them. Left me feeling a little chilly.
|
Commerce Search Puts Google Inside Retailers' Catalogs November 05, 2009 
Google has launched a new cloud-based search tool targeting enterprise-level e-commerce operations, just in time for the 2009 holiday selling season. Commerce Search provides a set of features designed to improve the relevance of results for consumers searching a retailer's own product catalog, while boosting cross-selling opportunities.
|
Get Business and Technology News Alerts
Most Popular | Spotlight Features | Exclusives
This Week on ECT News Network | Podcasts
Online Retail Transaction Performance Indices
Inside E-Commerce Times
|
Reader Services
|
Corporate
|
Headline Feeds
Talkback: 
