|Editions | myCNN | Video | Audio | Headline News Brief | Feedback||
Hacker hunters follow lead to Germany
Web site attackers exploited Stanford computers
BERLIN (CNN) -- Cyber detectives tracking hackers who launched an electronic offensive on several top Web sites have followed a lead to Germany.
A program called "Stacheldraht" (Barbed Wire) was used to carry out the attacks -- and whoever ran the program used its German name, a report in Die Welt newspaper said.
The FBI-led National Infastructure Protection Center is working on a theory that the Internet vandal responsible for Tuesday's attacks may be based somewhere in Germany.
U.S. President Bill Clinton has called a summit on Internet security for next week.
Computers at a remote marine research campus operated by Stanford University near Monterey, California, were among those fooled on Tuesday into helping hackers attack some of the Internet's most heavily used sites, the head of Stanford's computer security department says.
Stephen Hansen, head of computer security at the school, said about 50 Stanford computers were fooled into helping route the denial of service attacks on Web sites, including eBay.com, CNN.com, Amazon.com, Buy.com and Yahoo!
Such computers are sometimes called "zombie" computers. In a denial of service attack, they send commands to high capacity computers that flood the affected Web site with millions of messages, blocking access to would-be users.
This kind of hack floods a Web site with so many requests it can't cope. Sources told CNN that Yahoo! was hammered with requests at one gigabyte per second.
That is similar to 104 million people dialing one company's phone lines at once.
Hansen said, "Within minutes we had a network engineer there. He went into the configuration and said 'OK, turn that off, don't allow them to do that anymore.'
"Any time from that point on, any of those packets that arrived were ignored. I'm glad we were able to find it quickly and were able to deal with it in short order."
Universities can be sitting ducks to these attacks, since schools want professors, researchers and students to have easy access to computers to share research and swap information.
Stanford joins the University of California at Santa Barbara as victims of the high-tech hijackings, in which the zombie computers are enslaved to the command of hackers.
Kevin Schmidt, the UCSB campus network programmer, said, "If you go to a university, you have many different constituent groups. You've got research groups, you've got people here for one year, you've got visiting research faculty."
The first defense against hackers is a software block called a firewall -- but that may also keep out the very people for whom the system is intended.
One of the Internet's original uses was to link scholars around the world easily. Research projects at universities typically make it difficult to implement an effective firewall, since a large number of openings are needed for people to go through.
The recent spate of attacks may force universities to choose between academic freedom and system security.
Sources told CNN the denial of service hacks were not sophisticated. They were done using ready-made programs. The hope is that with so many attacks, one of them is bound to leave traces.
Tribal Village (TFN) and Trinoo are two of the programs that experts say are Internet time bombs -- ones used to jam the highly used sites.
Allison Taylor, of Network Associates, said, "They're roadmaps for people to copy from, and then you have copycat attacks over and over and over."
Taylor added, "We've found them in several places. They're prepackaged. The hacker downloads and hacks the program into a number of unsuspecting computers.
"For this attack to happen on all these companies there had to be lots of computers out there that were vulnerable."
Consulting firm says its server was used to attack AOL
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.