Attack Blocks Access to Popular Web Sites
A widespread electronic attack on a company that handles traffic for some of the world's most-visited Web sites knocked several high-profile sites offline for at least 45 minutes early Tuesday.
The attack targeted Internet servers run by Cambridge, Mass.-based Akamai Technologies, which distributes and manages Web data for companies such as Microsoft Corp., Yahoo Inc., Federal Express and Xerox Corp. It also handles traffic for the FBI and washingtonpost.com.
Akamai spokesman Jeff Young said the attack interrupted service to the Web sites around 9 a.m. ET and lasted for just under an hour. All the sites are currently accessible.
Young said that the attack was targeted at the Internet infrastructure on a large scale, and that "We have no reason to believe that the attack was directed solely at Akamai."
Amit Yoran, chief cybersecurity officer for the U.S. Department of Homeland Security, said federal authorities are working with Akamai and the companies that operate the Internet's underlying infrastructure to determine the source of the attack.
One of those companies, Ashburn, Va.-based MCI, is investigating the incident, a spokeswoman said.
Akamai manages high-traffic Web sites by storing its 1,100 customers' Web content on thousands of Internet servers around the world. It manages approximately 15 percent of the traffic on the Internet.
Young said that most of the sites that were affected are search engines that use Akamai's services.
The company's important role makes it an attractive target for hackers who use "distributed denial-of-service attacks" -- huge bursts of data sent by computers that they have taken over -- to overwhelm computer servers and render popular Web sites inaccessible to Internet users.
Akamai's clients often can withstand these data blasts because attackers must knock out all of Akamai's thousands of servers before they can claim success. Microsoft, one of Akamai's biggest customers, used the company's service to keep its Web site online last August, when the "Blaster" worm told infected computers to attack Microsoft's Windows security site.
Young said the attack seemed to be designed to interfere with its "DNS servers" that convert numerical Internet addresses into more recognizable names like "www.microsoft.com ."
"Essentially an attacker would need to have enough [compromised computers] under his control to knock out the thousands of Akamai servers and achieve the kind of global outage we saw today," Johannes Ullrich, chief technology officer for the Bethesda, Md.-based SANS Institute.
|
