SONYA COLBERG World Staff Writer
Website Worries
The cyberterrorism that hit high-profile Web pages could torpedo sites as small as some of those in Oklahoma, experts say.
And sites belonging to colleges -- including Oklahoma's universities -- could have been unwitting conspirators in the hacker attacks this week that bombarded sites belonging to Amazon, eBay, CNN, Buy.com, Yahoo!, ETrade and ZDNet.
"Smaller sites and much lower profile sites are sometimes of interest," David Sorkin, professor at John Marshal Law School and associate director of the Center for Information Technology and Privacy Law, said in a telephone interview from Chicago.
Hackers like to pick out interesting sites and post their own parody on top of the Web page, Sorkin said. But smaller sites more often fascinate hackers because they can go through them, covering their tracks along the way to another site.
"For example," he said, "if you want to break into Citibank and try to have money wired someplace else offshore, you wouldn't go directly there. You'd hack into a whole series of sites and try to cover your tracks in each one before going to the next. So nobody would be able to track you all the way back.
"That's why smaller sites are often victims to hacker attacks."
Roger Thompson of the International Computer Security Association in Virginia said hackers are tying up sites with huge volumes of junk e- mail simply because they can do it.
"Anybody is at risk," he said in a telephone interview. "People can't do anything about it."
Thompson said the average Oklahoman probably isn't a puppet in the latest hacker assault. It's more likely that colleges or people with high-speed access to the Internet are unknowingly partners in the attacks.
"These bits of code have been planted sometime over the last 4 or 5 months," Thompson said. "They're out there, and if people don't know they're being assimilated, then they don't know they're being used to mount the attacks."
He said hackers have planted programs all over the world that can be accessed remotely so that someone can direct them to start shooting anytime at Yahoo!.
"So a thousand or 10,000 access points start shooting wherever it's told to shoot until it's told to stop," Thompson said.
Although the sites were inaccessible for just an hour or so, Forrester Research estimated that Amazon's sales losses could have mounted to $4.5 million if its site had crashed for a day. Under the same scenario, losses at Yahoo! could have reached $1.6 million. |
Those are estimates that do not include things such as the impact of advertisements not being delivered to customers over a certain period of time, said Frank Prince, senior analyst in the e-business infrastructure division of Forrester Research.
Hackers come up with a new way to break into computers, and they often use that knowledge to build tool kits that allow someone much less knowledgable to do the same thing, Prince said in a telephone interview from Forrester headquarters in Cambridge, Mass.
He said the number of targets increases as everyone tries out their tool kit. Then the number falls because the trick looses its novelty because everybody is trying it.
"There might be a thrill to throwing the first egg at a building," Prince said. "There might be one for throwing the second egg, too. The same for the third one. But by the time someone has thrown the 50th egg, there's no thrill left -- the bragging rights taper off."
The FBI has begun collecting Internet traffic records of companies hit by hackers.
"Everything is in the infant stages," FBI spokeswoman Debbie Weierman said in a telephone interview from Washington, D.C. "We are working on those leads even as we speak."
She said computer users should take security precautions. They include making sure they have accurate fire walls and consulting the National Infrastructure Protection Center Web page at www.nipc.gov to download software that can scan computer systems to detect whether the system played a part in the electronic attacks.
The problem is so big that it has to be solved at the Internet Service Provider level, Thompson said. ISPs could use source- address antispoof filters to ensure that attacks originating within their own networks can be tracked easily.
Brent Johnson, owner of Tulsa-based SecureAgent.com, said his company began working on security issues about five years ago -- around the time some European airlines became interested in security.
"It's finally coming to a head here," he said.
Johnson said it's interesting that the attacks so closely follow a meeting last week when he discussed technology issues with Gov. Frank Keating and leaders of Oklahoma's universities and large companies. During that meeting, Keating predicted the next attack would not be on brick and mortar structures but on data structures.
"And here we are -- not a week later -- and it's happening," Johnson said.
Return to the News Coverage |
