February 9, 2000 1:50 PM PST

Leading Web sites under attack

Related Stories

Attack knocks out Buy.com

February 8, 2000

Outage a deliberate attack, Yahoo says

February 7, 2000
Several major Web sites have reported attacks over the past few days that rendered their sites largely inaccessible.

E-commerce giants eBay, Amazon.com and Buy.com, along with Yahoo, news site CNN.com, online trading sites E*Trade and Datek, and technology information provider ZDNet have reported similar attacks.

This is relatively easy to do and not easy to defend against. The FBI today held a press conference to address the recent denial of service attacks. Attorney General Janet Reno said that federal law enforcement officials will combine their resources to combat online vandalism.

The FBI would not disclose how many agents it is dedicating to the effort, but Ron Dick, chief of the Investigations and Operations section for the National Infrastructure Protection Center (NIPC), said: "As many as it takes."

This morning, E*Trade and ZDNet confirmed they had suffered from denial of service attacks.

An E*Trade representative said the attack began around 5 a.m. PST and lasted for about one and a half hours. The service has been fully restored, said Patrick DiChiro, an E*Trade spokesman. "The security of the site was never compromised, and neither were our customer accounts."

How a denial of service attack works E*Trade said that only a small percentage of its customers were affected, and the company steered others to live brokers and other alternative trading methods.

Web brokerage Datek Online was affected this morning between 6:35 and 7:05 a.m. PST, according to a spokesman. He said the company noticed that customer traffic accessing its site from one of its many Internet service providers had dropped to 10 percent of normal.

"That is a significant drop," said Michael Dunn, adding that neither the security of the site nor any customer accounts were breached because only the ISP used by Datek was hobbled.

"We directed traffic from that ISP to the other providers we use," Dunn said.

Robert Borchert, a Ziff-Davis spokesman, said, "All indications were that we were under attack for a denial of service similar to CNN and eBay." As of around 6:45 a.m. PST, the site's service was restored, Borchert added.

Web sites under fire
  Hit by attack* Approximate duration
Yahoo 10:20 a.m.
Mon.
3 hours
Buy.com 10:50 a.m.
Tues.
3 hours
eBay 3:20 p.m.
Tues.
90 minutes
CNN.com 4:00 p.m.
Tues.
110 minutes
Amazon.com 5:00 p.m.
Tues.
1 hour
ZDNet 6:45 a.m.
Wed.
3 hours
E*Trade 5:00 a.m.
Wed.
90 minutes
Datek 6:35 a.m.
Wed.
30 minutes
*All times PST
Like the other sites that were attacked over the past few days, ZDNet ranks in the top 25 most visited sites on the Web, according to Media Metrix.

eBay and Amazon confirmed late yesterday that they were struck by "denial of service" attacks, the same tactic that crippled Yahoo on Monday.

Earlier yesterday, Buy.com reported that it was down for about three hours as the result of an attack. Meanwhile, CNN.com, a leading Internet news site, also was victimized yesterday.

The attacks highlight the unique vulnerability of e-commerce: These businesses can be virtually shut down for several hours by faceless hackers, unlike a chain of Wal-Mart stores.

There was no indication yet whether the attacks of the past two days were part of a coordinated effort or the result of "copycats" mimicking the damage that was inflicted on Yahoo.

Sites such as Yahoo and eBay said they are working with the FBI and local law enforcement officials to track down the hackers.

"Like several other major Internet sites, Amazon.com came under a denial of service attack" at about 5 p.m. PST, Amazon spokesman Bill Curry said yesterday. "A large amount of junk traffic was directed to our site resulting in degraded service for about one hour."

Curry added that "service has been restored," but he declined to say whether the attack had stopped or whether Amazon took steps to thwart it.

In eBay's case, the online auctioneer posted a notice on its site notifying users of the problem about 3:20 p.m. yesterday, eBay spokesman Kevin Pursglove said.

"The preliminary finding is that indeed we did suffer a service attack similar to the events (on Monday)" against Yahoo, he added.

He said some users complained they were unable to access the site. Others could search the site and bid on items, although the site was sluggish. He contended the site was available to a "majority" of users but cautioned that all findings were preliminary.

Later yesterday, eBay posted a notice stating: "While the vast majority of service has been restored, we are experiencing issues with the pics servers which may be related to earlier issues.

"We continue to take multiple measures to fight this, including working with local and federal authorities, ISPs including Sprint, UUNet and AboveNet, our vendors including Cisco, our partners, and other Internet sites that have recently been attacked in the same way."

eBay added that the attack "has not and does not jeopardize data, such as credit card information or auction information."

A denial of service outage occurs when attackers bombard a Web site's servers with fake packets of requests for information. When the server responds, the attackers' system steps up the barrage by sending more requests. The affected Web site struggles to keep up with the mounting number of requests, slowing performance for users or ultimately crashing the system.

Keynote Systems, which measures the performance of Web sites, said the attack on eBay was similar to the other attacks.

It "looked very similar Shutdown
special report to Yahoo and Buy.com," said Daniel Todd, Keynote's director of public services. "It basically looked like a complete blackout at this point."

In Yahoo's case, the attack was focused on the company that hosts its Web sites, GlobalCenter. But the service attack against eBay struck at several points across the Internet, Todd said.

The attacks weren't limited to e-commerce and portal sites. CNN Interactive, which operates CNN.com, said late yesterday the news site also was struck by a denial of service attack.

"At 7 p.m. (EST) tonight we were attacked by hackers," said spokeswoman Edna Johnson.

Johnson added that by 8:45 "blocks" had been implemented to defend against the attack. "We are still under attack, but we (have) significantly improved what we are able to provide."

News.com's Jeff Pelline, Scott Ard, Jim Hu and Sandeep Junnarkar contributed to this report.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.