Skip to main content
CNN Europe CNN Asia
On CNN TV Transcripts Headline News CNN International About Preferences
powered by Yahoo!

FBI seeks to trace massive Net attack

Bid fails to topple Web

By Jeordan Legon

Bid fails to topple Web

   Story Tools


(CNN) -- As investigators continued tracking the source of a bid to topple the heart of the Internet this week, experts said the attack was neither the most efficient nor likely way to inflict pain on the average Web surfer.

"Most people had no idea this was happening," said Hari Balakrishnan, a computer science professor at the Massachusetts Institute of Technology. "If the top five most-visited sites were down, that's when people will tell you their service was disrupted."

It's called a "denial of service" attack. And investigators are hard at work trying to find those responsible, said FBI agent Steven Berry. A White House spokesman was asked whether cyber-terrorism was suspected.

"I'm not aware there's anything that would lead anybody in that direction. History has shown that many of these attacks actually come from the hacker community," spokesman Ari Fleischer told reporters.

Experts said the attacks would be hard to trace because hackers typically take over unsuspecting government and business computers as launch pads for bogus data.

Technical experts assisting with the investigation told the Associated Press the FBI was trying to pinpoint the origin of the attack by tracking logs of computers unwittingly used.

The attack is nothing new, Balakrishnan said. "I'm sure the top 20 portals in the world are seeing attacks as we speak."

Hackers are constantly trying to disrupt the servers where companies, schools and governments maintain their Web sites by overloading them with useless information.

Security specialists -- working for the government and companies -- monitor systems round-the-clock to ensure that hackers can be stopped in time. But on occasion, the attacks have been so fierce they've brought down sites such as eBay, Amazon and Yahoo.

Servers match requests with sites

The 13 servers hit this week -- key to the Internet's naming system -- are responsible for matching Internet addresses with users' requests.

The attack, which began around 4:45 p.m. EDT Monday, flooded the 13 domain-name service root servers around the world with 30 to 40 times the normal amount of data. Seven of the servers were affected enough to have periods of "zero-reachability," according to Web security firm Matrix NetSystems.

It took about an hour for security specialists to enact defensive measures and restore service.

The attack failed to disrupt service because the data on the 13 key servers is replicated tens of thousands of times by Internet service providers and other computers around the world.

start quoteThis is always an arms race. We shore up the defenses of the Internet and the attackers shore up their tools.end quote
-- Richard DeMillo, Georgia Tech

Only a small fraction of such requests -- as low as 6 percent by some estimates -- ever hit the 13 systems. Many of them are for domains that don't exist, wrongly configured queries or seldom-visited sites, Balakrishnan said.

In some ways, the attacks demonstrate how the government and companies stand ready to thwart hackers, experts say. But it also highlights the need to stay ahead of those that may attempt to bring down popular sites or steal credit card or other sensitive data.

"This is always an arms race," said Richard DeMillo, director of the Information Security Center at the Georgia Institute of Technology. "We shore up the defenses of the Internet and the attackers shore up their tools."

Story Tools

Top Stories
Burgers, lattes and CD burners
Top Stories
CNN/Money: Security alert issued for 40 million credit cards
© 2004 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser. does not endorse external sites.