TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

BUSINESS
Playing for Iraq's jackpot

Coke & smoke bite Dow

Sun Microsystems posts tiny profit

(MORE)

MARKETS	4:30pm ET, 4/16
DJIA	144.70	8257.60
NAS	3.71	1394.72
S&P	10.90	879.91

SPORTS
Jordan says farewell for the third time

Shaq could miss playoff game for child's birth

Ex-USOC official says athletes bent drug rules

(MORE)

All Scoreboards

WORLD

Quake help not fast enough, says Indian PM

U.S.

Bush: No help from Washington for California power crunch

POLITICS

Bush signs order opening 'faith-based' charity office for business

LAW

Prosecutor says witnesses saw rap star shoot gun in club

ENTERTAINMENT

Can the second 'Survivor' live up to the first?

HEALTH

Heart doctors debate ethics of testing super-aspirin

TRAVEL

Nurses to aid ailing airline passengers

FOOD

Texas cattle quarantined after violation of mad-cow feed ban

ARTS & STYLE

Ceramist Adler adds furniture to his creations

(MORE HEADLINES)

MAINPAGE WORLD U.S. WEATHER BUSINESS SPORTS

TECHNOLOGY

computing personal technology

SPACE HEALTH ENTERTAINMENT POLITICS LAW CAREER TRAVEL FOOD ARTS & STYLE BOOKS NATURE IN-DEPTH ANALYSIS LOCAL
EDITIONS:
CNN.com Europe change default edition
MULTIMEDIA:
video video archive audio multimedia showcase more services

E-MAIL:

Subscribe to one of our news e-mail lists.
Enter your address:

DISCUSSION:

chat
feedback

CNN WEB SITES:

CNNfyi.com
CNN.com Europe
AsiaNow
Spanish
Portuguese
German
Italian
Danish
Japanese
Chinese Headlines
Korean Headlines

TIME INC. SITES:

CNN NETWORKS:

CNN anchors
transcripts
Turner distribution

SITE INFO:

help
contents
search
ad info
jobs

WEB SERVICES:

E*Trade, ZDNet latest targets in wave of cyber-attacks

Earlier strikes hit eBay, Amazon, CNN.com, Yahoo!

February 9, 2000
Web posted at: 1:33 p.m. EST (1833 GMT)

In this story:

FBI expected to investigate

Tactic 'difficult to address'

RELATED STORIES, SITES

SAN FRANCISCO (CNN) -- The latest in a series of major cyber-attacks targeted Internet brokerage site E*Trade and information company Ziff-Davis Wednesday morning.

Several e-commerce sites, portals and news outlets have been hit by the computer attacks that began Monday, leaving them unreachable to the public for hours and flooded with junk data.

VIDEO

Interview with CNN Technology Correspondent Ann Kellan about how the attacks hardly affect home computers.
QuickTime	Play
Real	28K	80K
Windows Media	28K	80K

CNN's Catherine Callaway explains the Internet invasion.
QuickTime	Play
Real	28K	80K
Windows Media	28K	80K

CNNfn correspondent Fred Katayama reports on the attacks on Yahoo! and Buy.com.
QuickTime	Play
Real	28K	80K
Windows Media	28K	80K

RESOURCES

Check here to see how a denial of service attack works.

ALSO

FBI seeks Web vandals

MESSAGE BOARD

Insurgency

President Clinton said the federal government is looking into what it can do to stop the attacks and the FBI scheduled a news briefing for Wednesday afternoon.

E*Trade said it suffered a denial of service attack before the stock market opened Wednesday, lasting a little over an hour.

"It looks like a denial of service attack," spokesman Patrick DiChiro told CNNfn.com. "At any given time, a minority of investors were impacted, but the majority were able to conduct trades."

Approximately 70% of ZDNet's Internet content, including ZD Network News and ZDNet Product Reviews, was unreachable to users for two hours during the attack on its ZDNet.com address.

"All signs point to this being the same type of denial of service problem that's being experienced by other sites," according to Martha Papalia, spokesperson for Ziff-Davis.

Internet stock trading company Datek Online also reported problems. At about 9:35 a.m. EST Wednesday, traffic capacity on one ISP used by Datek dropped to about 10 percent of normal levels, according to Brian K. Dorf, associate manager of public relations for the company.

Technicians labeled the incident as a network router failure, but are still checking into the possibility that they were the target of an attack. Users were able to continue trades, Dorf said, by using a different address that took them to other ISPs. No trading information was compromised, Dorf said.

Other targets included retail giant Amazon.com, electronic auction house eBay, discount retailer Buy.com and CNN Interactive, all hit Tuesday, and the portal Yahoo!, hit on Monday.

The "denial of service attack," where hackers jam a Web site with useless data that tie up the site's computers, slowed the news site's operations for nearly two hours, CNN.com spokeswoman Edna Johnson said.

"We were seriously affected. We were serving content, but it was very inconsistent and very little," Johnson said in a written statement. "By 8:45 p.m., our upstream providers had put blocks in place that are shielding us, and we are now serving content."

FBI expected to investigate

There was no immediate claim of responsibility for the attacks. The FBI's National Infrastructure Protection Center is expected to investigate the attacks to try to determine their origin, a senior law enforcement official told CNN late Tuesday.

The FBI may well be taking a proactive approach now. ZDNet confirmed to CNN that the FBI contacted the company before it knew it was being hit and has begun to investigate.

The tactic used is similar to phone lines being tied up by too many calls, allowing no callers through. At Amazon.com, the premier e-commerce site, spokesman Bill Curry said their site was hit between 8 and 9 p.m. EST.

"Users who tried to log on to Amazon.com experienced slower load time for Web pages, but Amazon was still able to process orders," he said. "A large amount of junk traffic was directed to our site, resulting in degraded service for an hour."

Buy.com -- which had its initial public offering earlier Tuesday -- was down for about three hours. While the site experienced increased traffic as a result of the IPO, a company spokesman said it was not the cause of the Web site's crash -- hackers were.

Good news for a company is beginning to coincide with attacks. Just Tuesday, a day before they were attacked, Ziff-Davis released a positive earnings statement.

Background: Denial of Service Attacks

A denial of service attack is a merciless stream of information sent to a target with the intention of flooding it until it crashes or can no longer take legitimate traffic. Unlike most other "hacks," it does not involve the attacker gaining access or entry into the targeted server. The information frequently is sent in the form of "pings" -- small packets of data used as a signal between computers. If the pinger lies about its real address, the target computer can't return the ping to make the connection. In that case, the target waits and finally gives up. In great amounts, this can overwhelm a server.
More on denial of service hacking

At the hacked eBay, officials said a preliminary investigation shows that users were unable to view certain pages, like those describing items for auction.

Tactic 'difficult to address'

The attacks sent ripples through the Web world.

"This happens by some malicious people writing a computer program that send too, too many requests to a Web site," said Gene Shklar, with Keynote Systems, which measures Web site performance.

The attack on CNN Interactive marked the first major hack on the site since it launched in August 1995. Both CNN and CNN Interactive are owned by Time Warner Inc.

"What better Web site to attack than the Web site of the TV network that's doing news about this very occurrence?" Shklar said.

Richard Power, an official of the Computer Security Institute, said tools have been in place "for a while" for hackers to orchestrate such attacks.

"There have been attacks before, but these are the first highly publicized ones," he said. "Denial of service is one of the most difficult challenges in terms of securing the Internet that we face, actually, and it will be one of the most difficult things to address."