• silicon.com
• Management
• CIO Insights

By Sally Watson, 15 February 2000 00:30

NEWS US President Bill Clinton is meeting with executives from 20 Internet companies today as the crisis over denial-of-service attacks continues. The meeting will include representatives from some of the companies affected by last week's attacks - including eBay and Yahoo! - along with technology firms like Cisco. The US government is particularly worried about the recent spate of hacking as the country becomes increasingly reliant on digital communications and its technological infrastructure. The meeting will also include Attorney General Janet Reno William Daley, commerce secretary Sandy Berger, national security adviser and John Podesta, the President's chief-of-staff. The FBI is continuing its investigation into the attacks, with evidence emerging that computers at the University of California and Stanford were used in last week's blitz. The computers were hacked into and remote software installed, thereby making them part of a distributed network of machines sending material to the targeted server. According to Richard Parkinson, UK MD of security specialist Network Associates (NAI), the security community has known about this type of vulnerability for over a year. "It's surprising it hasn't happened before," he said. Parkinson added that universities are often used in distributed denial-of-service attacks. "Hackers tend to target large sites with large bandwidth connections and large numbers of servers. Universities also tend not to have the money for stringent security," he said. A report in German newspaper, Die Welt, suggests the hunt may now move to Germany with investigators seeking an 'ethical' hacker known as Mixter. The report claims tools developed by him may have been used in the attacks. According to NAI's Parkinson this is unlikely to be the last of this type of attack. "By the very nature of providing services on the Internet you are opening yourself up to a degree," he said. "As long as there's technology out there being developed and changed it's inevitable that human error will create a vulnerability which people will exploit." The hacker, Mixter, has released his own set of guidelines for dealing with denial-of-service attacks at http://packetstorm.securify.com/ . For related news see:
'Hacking wave ends as FBI prepare to investigate' http://www.silicon.com/a35689
'Hackers hit high-profile Web sites' http://www.silicon.com/a35655
'Clinton details cyber-security plans' http://www.silicon.com/a34997