NSC - Ten Of Thousands Of Computer 'Zombies' Could Cripple Internet

Rense.com
NSC - Ten Of Thousands Of Computer 'Zombies' Could Cripple Internet By Michael Kirkland
http://www.vny.com/cf/News/upidetail.cfm?QID=147841
12-29-00
WASHINGTON (UPI) - The U.S. government believes tens of thousands of innocent computer systems may have been turned into "zombies" that hackers could use to cripple the Internet, a top National Security Council analyst told United Press International Thursday.

The NSC's Richard Clark, special assistant to the president for trans-national threats, said the explosion of "zombies" -- innocent computer systems made more vulnerable by proliferating new technology -- would allow illegal hackers to launch an attack that would make last February's denial-of-service attacks look "fairly minor."

Though their unsuspecting users continue to operate them in a normal way, a vast number of computers may now contain a ticking software time bomb.

"Dedicated denial of service," or DDOS, attacks bring down computer networks by flooding them with more traffic than they can process.

Illegal hackers -- "crackers" as opposed to constructive hackers -- hide DDOS "packets" or "daemons" in the computer systems of unwitting users, turning the systems into "zombies." At a specific time, or after receiving a signal from the hacker, hundreds of innocent zombies can launch attacks against a single target.

Last February, multiple zombies flooded high-profile commerce sites with messages that had "spoofed" return e-mail addresses -- addresses that didn't exist.

When systems at sites such as E-Bay, CNN.com and Yahoo! tried to answer the spoofed messages, they were caught in an endless, futile cycle. A number of major e-commerce sites were shut down for days.

Only one suspect has ever been investigated in the attacks, a 15-year-old Canadian youth known online as "mafiaboy."

U.S. agencies such as the FBI's National Infrastructure Protection Center, or NIPC, believed the February attacks were launched from hundreds of innocent "zombies." But the problem may have gotten much worse in the last 11 months.

"We now believe that tens of thousands of computer systems have become zombies without (their users) knowing about it," the NSC's Clark said Thursday. "...This could mean a very large scale DDOS attack could be launched...which would slow the Internet to a crawl...."

The large-scale attacks could also crash the computer networks of Internet service providers.

"That's probably the greatest immediate (cyber-security) threat" for the incoming Bush administration, Clark said.

The proliferation of digital subscriber lines, or DSLs, that are "hard-wired" into the Internet -- as opposed to dial-in machines -- has opened the door for illegal hackers to access many personal computers, making them prime candidates to become zombies. "People need to put a firewall on their home DSL lines" to prevent hackers using them to launch DDOS attacks, Clark said.

Clark said illegal hackers "map" the Internet constantly, looking for DSL-connected systems that are vulnerable.

Firewall software is available from most DSL providers and several Internet security services.

Clark said government and industry need to assemble "a network of service providers and manufacturers, so that when (a large-scale DDOS attack) does begin to happen, we can communicate with all the experts around the country so that we can come up with the fix."

Once a fix is constructed, "we need to distribute that information as broadly and as quickly as possible," he added.

Government and private sector analysts have already spent much of 2000 warning that February's attacks could be repeated in a more damaging way.

NIPC Director Mike Vatis told UPI earlier this that a cyber-assault on U.S. systems by a foreign government might come in the form of a DDOS attack.

In July, a prominent security analyst in Tacoma, Wash., said the Internet has much more tempting targets for hackers than e-commerce sites.

Karen Worstell is vice president of information security at AtomicTangerine, and works in cooperation with Interpol to foil crime on the Internet.

"Some services on the Internet...are critical to its operation, such as 'domain name' service," Worstell told UPI last summer. "...If anything were to disrupt that, the error would propagate quickly on the Internet and the problem would be enormous."

MainPage
http://www.rense.com

This Site Served by TheHostPros