April 19, 2000 11:45 AM PDT
Canadian police arrest suspect in major Web attacks
- Related Stories
Canadian officials search for hacker in cyberattacksFebruary 17, 2000
Leading Web sites under attackFebruary 9, 2000
A 15-year-old boy known online as "Mafiaboy" has been accused of launching the attacks that began last February. Canadian officials would not name the boy, because Canadian law prevents releasing the names of juvenile suspects.
The boy was arrested April 15. A complete search of his home followed, and all computers and computer equipment within the home were confiscated, Canadian officials said.
On April 17, a Canadian court charged the boy with a misdemeanor for specifically attacking CNN's Web sites during the week of February 7. Canadian officials did not say whether the CNN attacks would be the only charges brought against the boy.
The Web was rocked in February by an unprecedented series of attacks that temporarily blacked out half a dozen of the largest e-commerce and portal sites, drawing international attention.
Leading portal Yahoo was the first to be hit by a so-called distributed denial of service attack; e-commerce sites Amazon.com, eBay and Buy.com, trading sites E*Trade and Datek Online, and CNN also were brought down by the attacks for a brief period of time.
In a denial of service attack, hackers use any number of computers to send a barrage of information requests to servers that host Web sites. The overwhelming stream of information often clogs a server network and paralyzes the site it hosts.
While the boy awaits trial, restrictions have been put in place by the court to prevent him from using computers or accessing the Web. He may no longer use a computer except for at school, where he must be in the presence of a school supervisor. He also is not allowed to use the Internet in any way and may not go into stores that sell computers or computer parts, Canadian officials said
Just days after the attacks occurred, FBI officials asked for the help of Canadian law enforcement to investigate a Montreal-based Internet service provider in an attempt to gather information about a suspected hacker that could have been involved in attacks on some of the Net's leading Web sites.
Royal Canadian Mounted Police questioned executives at ISP Internet Direct about a former subscriber with the Internet handle "Mafiaboy." This online name was the same one that several security experts had pointed to as a possible suspect in the denial of service attacks.
The Mafiaboy handle held two accounts on Delphi Supernet, a Montreal-based ISP that Internet Direct acquired last May.
The boy is being charged under the Computer Fraud and Abuse Act, which was expanded in 1996 to cover all computers used in commerce. It prohibits the unauthorized access of information and the transmission of anything that causes damage or facilitates fraud and extortion.
Penalties can include up to six months in jail or 10 years for a repeat offender and twice the gross monetary loss to the victim.
The danger of attacks such as the ones in February has grown in recent months because of the release of software that makes it easier to distribute and operate these remote attack tools. Tools with names such as Trinoo, Tribe Flood Network and Stacheldraht (German for "barbed wire") are widely available on the Web.