Internet holding up well
The Internet, which links millions of people and controls some key parts of the U.S. infrastructure, has suffered no damage during "Operation Iraqi Freedom" and isn't threatened, officials say.
But some minor Web sites have been vandalized, and both federal and private-sector experts in the United States urged computer users to use maximum caution in maintaining their machines to minimize the chances of a serious attack. The Internet, a network of networks that has no owner or manager, remains healthy and resilient, they said.
"In periods of political tension, there's normally an upsurge in cyber-intrusions," said David Wray, a spokesperson for the U.S. Department of Homeland Security.
"But we have not seen that on the federal side at this point. We have not seen any increase in hacking or Web defacing activity on sites that are federal or are essential to the war effort or the infrastructure.''
The Internet Health Report — maintained by California-based Keynote Systems Inc. at http://www.internetpulse.net — is a constantly updated, colour-coded graphic that reflects any unusual delays within the Internet. All day Friday it was green, which denotes "healthy" — or a latency of less than 80 milliseconds (ms). On the weekend it was split between green and blue, which means "stable" — or a latency of less than 120 ms. (Yellow is "severe," with latency of less than 180 ms, while red denotes "critical," with a latency greater than 180 ms.)
Web-based attacks could come from at least three groups, said F-Secure Corp., a Helsinki, Finland-based creator of security software. Those are:
- U.S.-based patriotic hackers, who want to support the war effort by launching distributed denial-of-service attacks against Iraqi government or corporate e-mail servers or Web sites, thus temporarily crippling them.
- Islamic extremist groups launching attacks against U.S. Web sites, especially those ending in ".mil," indicating they are run by the military.
- Peace activists who oppose the war.
Starting two days before the United States attacked Baghdad, more than 200 sites were hacked, most of them related to Iraq, according to F-Secure. The number of sites hacked since then has been ``constantly increasing," and Friday totalled about 1,000, that company's Web site says.
Among the sites that were vandalized are the U.S. National Centre for Agricultural Utilization and the U.S. Navy.
Unix Security Guards, a pro-Islamic hackers' group, has defaced nearly 400 Web sites, writing anti-war slogans in both Arabic and English, Wray said. But he minimized those attacks.
"They don't affect any federal (U.S.) sites, anything essential to security, anything having to do with pushing gas through the pipelines or controlling the floodgates on dams," Wray said.
Lloyd Taylor, Keynote's vice president of technology and operations, agreed.
"No site that people really flock to has been affected," he said. "What's happened is more of a nuisance than a danger."
Two viruses or worms introduced this month — Prune and Ganda — contained some reference to Iraq. A third, called Lioten, was introduced in December. All three are controllable with updated antivirus software.
Scott Charney, chief security strategist at Microsoft Corp, said neither he nor other experts in computer security expect an attack that tries to bring down the Internet itself.
That's because it would be hard to bring down the networks, and also because doing so wouldn't create either the graphic images or the outright fear that terrorists often seek to create, he said in a recent interview with Computerworld magazine.
"The Internet's redundancy is the key to its strength," said Keynote's Taylor. "There are always two or three alternative routes for messages to go through. If one's not available, several others are."
Microsoft spokesperson Sean Sundwall said the company hasn't issued any extra warnings to customers about a need for increased security and hasn't noticed a spike in security-related questions from users.
Still, Charney urged corporate information technology personnel to be extra vigilant. He suggested they ask themselves whether they're in an infrastructure that might be targeted by terrorists or that supports military operations. If so, they could be a target, he warned.
If they are, they should be especially careful to determine that their servers are configured correctly, they can "lock down" their systems to exclude outsiders completely if necessary, and their patches (periodic fixes) are up to date.
Corporations' failure to protect their own systems can not only make them victims but can allow an attacker to harness those systems, unbeknownst to the company, in a denial-of-service attack.
Such attacks harness unprotected computers to flood a targeted Web site with so much traffic that legitimate users can't get through.
Individuals should also do their parts to protect themselves and the Internet, the experts said.
In a press briefing last week, U.S. Homeland Security Secretary Tom Ridge said the agency "will continue to monitor the Internet for signs of a potential terrorist attack, cyberterrorism, hacking and state-sponsored information warfare."
Cybercrime News Archive