Info seekers, hackers besiege government sites
War protesters and hackers are assaulting .gov and .mil Websites “in digital retaliation” for the war in Iraq in record numbers, according to the security firm mi2G Ltd. of London.
“We have noticed more activity in the last 36 hours than we have ever seen. It’s record-breaking,” company chairman D.K. Matai said.
Presidential cybersecurity adviser Howard Schmidt said today the attacks are not unexpected under these circumstances.
“Headline issues bring out people who want to attack systems,” he said. Some are political hacktivists expressing a point of view, some may be looking for sensitive data, and some activity is routine and not related to current events.
The attempts so far have been mostly against Web servers running Linux rather than Sun Solaris or other Unix operating systems, Matai said. The company since June has been tracking a group calling itself Unix Security Guards, based in the Middle East and Eastern Europe, Matai said.
“They’ve focused completely on Linux in the last 24 hours,” he said.
The server for the White House site has so far not been compromised, Schmidt said. One reason is probably that the White House site is a single server, while there are thousands of other .gov and .mil servers that can be hit. The White House does get thousands of scans a day. Security efforts for the site include shutting down unused services and doing port filtering.
Schmidt was vice chairman of the President’s Critical Infrastructure Protection Board until it was dissolved Feb. 28. He said his exact status is up in the air, and it has not been decided whether he will remain in the White House as part of a new critical infrastructure protection council or move to the Homeland Security Department.
Legitimate traffic has also had an impact on Web sites. Attackers and anxious citizens have tried to visit military Web servers so often in the last two days that the home page of Army.mil at one point took more than a minute to download over high-speed lines, according to Internet consultancy Keynote Systems Inc. of San Mateo, Calif.
Downloads also dragged at the Marines Corps site, USMC.mil, and to a lesser extent at Defenselink.mil, AF.mil and Navy.mil.
Eric Siegel, Keynote’s principal consultant, said frustrated information seekers were largely responsible for the slowdowns.
“What’s probably going on with the Army site is bandwidth problems,” Siegel said. “They don’t have a fat enough pipe” for heavy public use, and streaming audio programs through the SoldiersRadioLive’s Apple QuickTime player could account for additional slowdown, he said.
“It has taken commercial sites until now to figure out that test tools give radically different results from the live Web,” Siegel said. “People go to a site, wait, say ‘the hell with it’ and go somewhere else. But the Web load continues when viewers abandon their sessions. The server can’t recover its resources” until connections time out.
Keynote has assessed several U.S. government sites since the start of invasion of Iraq by coalition forces. It found that sites of the Energy, Justice and State departments, Senate, White House and other federal agencies “are not showing notable problems.”
War protest sites had much lengthier download times, however, as did foreign sites such as AlJazeera.net and the Jerusalem Post, at JPost.com.
Cybercrime News Archive