Web attacks raise security awareness

When internet giants can be felled by hackers, you must use all available tools to stave off attacks.

Written by Sally Whittle, Computing

Remember Space Invaders? Three lone ships drone across the screen, to be obliterated in five seconds of Atari magic. Moments later, the entire invader fleet descends to annihilate your pitiful collection of pixels. Game Over.

That's how executives at some of the internet's biggest-name companies felt last week. eBay and Amazon were cornered by denial of service attacks, as thousands of fake requests for information swamped their websites and took them off the air.

Events kicked off on Tuesday of last week, with an attack on Yahoo, taking the portal offline for three hours. This was swiftly followed by suspiciously similar attacks on eBay and Buy.com, the latter in its first hours of operation after going public.

Next day, Amazon, CNN, ZDNet and online broker Datek all reported assaults, with ZDNet down for two hours. Users also reported problems accessing AOL and Microsoft sites, but those companies did not admit to concerted attack.

Some victims withstood the onslaught better than others. While Yahoo and ZDNet both went dark for several hours, Amazon remained online, albeit with degraded service.

"We were hit in a similar way to several other major internet sites, but normal service was restored within an hour," said a spokesman.

Watch out - here comes denial of service
Denial of service first slimed into public awareness in 1996, when a hacker bombarded computers run by Public Access Networks, a small New York company, with requests to send information. In December 1999, a group calling itself the 'electrohippies' shut down the web servers of the World Trade Organisation.

While dedicated security experts can prevent many virus attacks and hacker intrusions, there is no surefire way of preventing this class of interference. So why didn't Amazon suffer the same fate as Yahoo?

One answer is that Amazon had deployed every tool available to minimise the effects of a possible attack. Filters that can distinguish between genuine and 'spoof' requests were not installed at Yahoo until several hours after the attack commenced.

These tools are expensive but, in light of all this, surely a worthwhile investment. The nominal bill for last week's events will top $1.2bn (£754m), according to Matthew Kovar, a senior analyst with researcher Yankee Group. This includes $1bn wiped off share values, $100m revenue losses and $200m for necessary security infrastructure upgrades.

"The resulting brand image, partnership, and future customer damage will result in further significant damage to all of these companies," he says.

Security software in demand
Unsurprisingly, demand for security software has gone through the roof. Network ICE reported a 50 per cent leap in sales of its anti-hacker software, while publicly traded stock of security consultancies surged. Watchguard Technologies shot up more than 60 per cent over the week, while Axent Technologies and RSA Security both saw rises of around 25 per cent.

The FBI, now responsible for tracking down the attackers, is urging businesses to check their security measures in the light of the attacks. "Companies must take ecommerce security more seriously," said Ron Dick, chief of computer investigations at the FBI's National Infrastructure Protection Centre. It is essential to keep up to date with software patches, he added.

"For front-end systems, you should have firewalls, routers and load-balancing systems to reduce the impact," says John Pescatore, research analyst with GartnerGroup.

Protection is also a responsibility of carriers and ISPs, say analysts, and users must pressure service providers to shield them. "It's time for ISPs to step up to the plate," says Pescatore. "They should provide intrusion detection systems and throttling controls to limit the effect of an attack."

Dummy servers immobile against attack
But the problem with many ISPs is that they use dummy servers which cannot distinguish between genuine user requests and spammed packets from distributed computers. But with more sophisticated hardware and filtering systems, service-denial waves could be detected at the ISP stage.

The Yankee Group agrees carriers need to work with hosting companies to better deal with attacks that occur over their backbones. "These companies should be legally and financially responsible for the consequences of not acting," said Kovar.

Yankee advises deployment of comprehensive security systems that include firewalls, hardened operating systems, security assessment and intrusion detection systems. "This may require a paradigm shift among corporations, starting at chief executive level," says Kovar. "Ebusinesses have prioritised web performance. They must change that to having a secure internet presence."

HOW YOU CAN COMBAT DENIAL OF SERVICE

  • Establish alternative channels. If your web channel is crippled, customers should be able to contact you by telephone or in person.
  • Distribute your infrastructure across multiple networks and data centres. This way, if you are under attack, at least some customers will still be able to access the site.
  • Pressure ISPs to become good corporate citizens. In an attack, the source IP address is often falsified. If ISPs implement anti-spoof filters, this is harder for hackers to do.
  • Ensure your company uses complete and up-to-date security patches to reduce the chances that your website will be used as a launch pad for denial of service attacks on other sites.
  • Have your say
  • Send to a friend
  • Print this
  • Share

Tags:

reader comments

related articles

Web-based attacks set to soar

Automated scripts now the most significant risk 05 Apr 2002

 

Users at fault over security

According to a leading security expert it is users, not operating systems, that represent an organisation's security weak spots. 12 Apr 2000

FBI alarm over virus that calls the police

A computer virus that can phone the emergency services and even wipe a user's hard drive has been reported by the Federal Bureau of Investigation (FBI). 03 Apr 2000

Mid-range routers face slump

Sales of mid-range routers declined steadily in 1999, but are set to plummet dramatically during 2000, according to research released last week by Dell'Oro Group. 16 Mar 2000

UK and US lead global charge against cybercrime

Leading information technology associations in the UK and US are joining forces to tackle the increasing problem of cybercrime. 10 Mar 2000

Microsoft steps up battle against web attacks

Microsoft has stepped up its research into denial-of-service attacks after the emergence of a new tool that threatens Windows servers. 07 Mar 2000

Virus variants put users at risk

Users are at risk from new variants of popular viruses which can evade some antivirus protection. 06 Mar 2000

related whitepapers

today's top stories

Telepresence: coming to a screen near you?

Telepresence systems enable organisations to hold boardroom-style meetings with far-flung participants without the hassle and expense of arranging travel and accommodation. But while the technology is impressive, it does not come cheap, as Martin Courtney discovered when he sat in on a virtual meeting with executives from Philips 10 Mar 2010

Users give their verdict on Azure

Some of the first wave of UK adopters met in London recently to air their views on Microsoft’s cloud computing platform. Dave Bailey listened in 10 Mar 2010

Protests greet new Digital Economy Bill amendment

ISPs, digital rights groups and Liberal Democrat supporters cry foul 05 Mar 2010

Publishing special - Publishers innovate to survive

1) IT could hold the key to the future of publishing 2) Case Study: The Guardian harnesses social and mobile apps 3) How publishers are reacting to the iPad 02 Mar 2010

IT Leaders' Forum in association with IBM

A unique opportunity to hear from expert speakers and engage in a debate about the future of the CIO job function 29 Jan 2010

Advertisement

Keys to successful Service‐Oriented Architecture implementation

This white paper explores best practices and general design patterns for service oriented architecture (SOA).

The Roadmap to IT Maturity — Matching Strategy to Infrastructure for Business Success

This paper defines a roadmap for matching infrastructure strategy to business success.

Advertisement

Keep up to date with the latest products, services and technologies from the world's leading IT companies; ITHound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

Job alerts

Sign up here

Find your next job

IT Salary Checker

Check salary here

Advertisement

Latest poll

NHS centralised data

NHS centralised data

Do you think the NHS can be trusted to safely look after personal data electronically?

View poll results

Latest audio and video articles

Video

HP unveils S Series notebooks

'Prosumer' line overhauled 01 Mar 2010

Web Seminar Listings

Preparing for enterprise-scale Windows 7 migration

The web seminar on 18 Feb will discuss how Windows 7 migration can increase IT efficiency in large enterprises, freeing up budgetary and personnel resources to focus on business innovation. Our panel of experts will examine the strategies, tools and services IT leaders can use to migrate successfully and reap the rewards of increased efficiency. 19 Feb 2010

Latest in-depth articles

LaboratoryFeatures

Finding the right formula

Drug and food testing company Eclipse Scientific wanted to make its internal communications system easier to manage and more responsive to the needs of employees and customers. Nicola Brittain reports 16 Mar 2010

Videoconference on a laptopFeatures

Get ready to roll

Moving staff over to a unified communications platform can have a huge impact on their working practices. Rachel Fielding explains how IT leaders can ensure the transition goes smoothly 16 Mar 2010

Primary Navigation