- The Washington Times - Thursday, October 24, 2002

The White House yesterday sought to allay concerns about an unusual attack this week against the 13 root computer servers that manage global Internet traffic, stressing that disruption was minimal, and that the FBI is working to find the attackers.
Most Internet users didn't notice any effects from Monday's attack because it lasted only one hour and because the Internet's architecture is designed to tolerate such short-term disruptions, experts said.
The White House said it was not clear where the attack originated, who might be responsible or whether the attack should be considered cyber-terrorism.
"We don't know. We'll take a look to see if there are any signs of who it may or may not be," spokesman Ari Fleischer said. "I'm not aware there's anything that would lead anybody in that direction. History has shown that many of these attacks actually come from the hacker community. But that's why an investigation is under way."
The FBI's National Infrastructure Protection Center and agents from its cyber-crime division were investigating, FBI spokesman Steven Berry said.
Civilian technical experts assisting with the investigation said the FBI was reviewing electronic logs of the computers used in the attack.
In so-called "denial of service" attacks, hackers traditionally seize control of third-party computers owned by universities, corporations and even home users and direct them to send floods of data at preselected targets.
The attack on Monday was notable because it crippled nine of the 13 root servers around the globe that manage Internet traffic. Seven failed to respond to legitimate network traffic and two others failed intermittently during the attack, officials said.
Service was restored after experts enacted defensive measures and the attack suddenly stopped.
"There was some degradation of service. However, nothing failed and providers were able to mitigate the attacks pretty quickly," Mr. Fleischer said.
A spokesman for Office of Homeland Security, Gordon Johndroe, disputed experts who characterized the attack as the most sophisticated and large-scale assault against these crucial computers in the history of the Internet. He said the attack did not use any special techniques and was not particularly sophisticated.
"There were minor degradations, but no failures," Mr. Johndroe said.
Computer experts who manage some of the affected computers, speaking on the condition of anonymity, said the attack effectively shut down the seven servers by saturating their network connections and partially saturating the connections for two others. Although the servers continued operating, they were unable to respond to legitimate Internet requests.
The 13 computers are spread geographically across the globe as a precaution against physical disasters and are operated by U.S. government agencies, universities, corporations and private organizations.
"The public harm in this attack was low," said Marc Zwillinger, a former Justice Department lawyer who investigated similar attacks against e-commerce sites in 2000. "What it demonstrates is the potential for further harm."
Monday's attack wasn't particularly disruptive because many Internet providers and large corporations and organizations temporarily store, or "cache," popular Web directory information for better performance.
Although the Internet theoretically can operate with only a single root server, its performance would slow if more than four root servers failed for any appreciable length of time.

Sign up for Daily Newsletters

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide