Click Here
ad info
Click Here

Video of the Day
Flying or driving? Which one is riskier? Find out what our survey says.

Watch more CNN VIDEO
CNN.com U.S. News
myCNN | Video | Audio | Headline News Brief | Free E-mail | Feedback


Search




U.S.
TOP STORIES

FAA to order emergency inspections of all MD-80 series aircraft

Forbes turns out the lights on his five-year campaign

Workers hurt at Philadelphia construction site

Law enforcement asks cyber-community for more vigilance

House to vote Thursday on marriage tax provision

Oil prices holding high, for now

(MORE)

TOP STORIES

FAA to order emergency inspections of all MD-80 series aircraft

FBI agents in several states on trail of hackers; probe could extend overseas

Forbes turns out the lights on his five-year campaign

Nasdaq posts record high; Dow closes down

(MORE)
SPORTS

WEATHER

Enter your U.S. Zip:

Click here for U.S. States or world cities
WORLD

POLITICS

TECHNOLOGY

ENTERTAINMENT

HEALTH

TRAVEL

FOOD

ARTS & STYLE

BOOKS



(MORE HEADLINES)
* U.S.
MULTIMEDIA:
DISCUSSION:
CNN WEB SITES:
CNN Websites
FASTER ACCESS:
TIME INC. SITES:
CNN NETWORKS:
Networks image
SITE INFO:
WEB SERVICES:







Hackers - Insurgency on the Internet
Main Page | Bracing for Cyberwar | Hacking Primer | Scenes from the 'Hacker Underground' | Hacking: Two Viewpoints | Timeline | Gallery | News Archive | Discussion | Related Sites

FBI agents in several states on trail of hackers; probe could extend overseas

hacker

February 10, 2000
Web posted at: 6:26 p.m. EST (2326 GMT)


In this story:

Motive still unknown

Y2K daemons?

More vigilance catching intrusions

Pentagon checking its computers

RELATED STORIES, SITES icon



WASHINGTON (CNN) -- The massive federal investigation into a string of computer attacks on the Internet is leading agents across the United States and may extend overseas, Justice Department officials say.

VIDEO
VideoCNN's Marsha Walton reports on security measures for securing e-commerce sites.
QuickTime Play
Real 28K 80K
Windows Media 28K 80K
 
  RESOURCES
 
ALSO
MESSAGE BOARD

Deputy Attorney General Eric Holder said there is "no indication at this point that we are looking at anything that comes from outside the country, though there have been previous, similar attacks that have been launched from outside the country, so that is a possibility we'll certainly have to consider."

Senior officials said the multistate investigation now includes major efforts by FBI field offices in four states, and involves "countless numbers" of agents in several others.

Motive still unknown

"These are people who are criminals," Holder told reporters at a Justice Department briefing Thursday.

"The collective loss, and the cost to respond to these kinds of attacks, can run into the tens of millions of dollars or more."

On Wednesday, online brokerage E-Trade Group Inc. and technology news site ZDNet Inc. became the latest victims. Their sites were knocked out for more than an hour.

The attacks began Monday against Yahoo!, the largest independent Web site. They spread Tuesday to CNN.com and leading retailers Buy.com, eBay and Amazon.com.

Holder said investigators inside and outside the government were working together in a complex effort to track down the hackers. He said that while authorities do not yet know the motive of those responsible, officials consider the matter "very serious" and that the Justice Department may have to consider increasing penalties for cyber-criminals.

A senior Justice Department official involved in the probe said it's likely the hacker or hackers who clogged several popular Internet sites used "dozens or even hundreds" of computers to launch the attacks.

The official, asking not to be identified, said after officials discovered certain "distributed denial of service" tools in December, a warning was sent out.

Hackers
  • Bracing for Cyberwar
  • Hacking Primer
  • Hacking: Two Views
  • Timeline
  • Gallery
  • Discussion
  • TIME: Counterhacking 101
  • Related Sites

  • Y2K daemons?

    The official said these tools, called daemons, can be planted on hundreds of innocent third-party computers, and await a command issued much later from a remote location to launch attacks on a single target.

    The official refused to comment on whether the daemons found in the intensive preparations to guard against Y2K problems were involved in the current attacks.

    A Senate leader who has conducted a series of hearings on countering the cyber threat issued a statement Thursday saying the government had failed to be prepared for such cyber attacks, and he promised additional hearings. "Efforts to protect critical computer networks have unfortunately not kept pace with the march of technology," said Sen. Jon Kyl, R-Arizona.

    "I have been a firm believer that it was always a question of when, not if, our vulnerabilities would be exploited by someone with malicious intent," Kyl said. "The events of the last three days confirm that view."

    More vigilance catching intrusions

    One positive development from the attacks is that some network administrators are being extra careful about checking possible intrusions.

    The Los Angeles Times Web site, latimes.com, received a warning from its Internet service provider, GTE Internetworking, that there had been several attacks against the ISP and urged its customers to be more vigilant.

    Information:
    The FBI asks that any suspected criminal activity be reported to the NIPC Watch and Warning Unit (202) 323-3204/3205/3206 or nipc.watch@fbi.gov
    FBI's recommended steps for victims of illegal computer intrusion:
    • Respond quickly to greatly reduce potential damage and monetary losses.
    • Consider activating Caller ID on inbound lines.
    • Have pre-established points of contact for the general counsel, emergency response personnel, law enforcement, etc.
    • Appoint one person to handle potential evidence. Establish a chain-of-custody.
    • Do not "duel" with the hacker. This typically invites more attacks.
    • Do not use your network's E-mail functions to discuss the incident. The mail server may have been compromised.
    • If you reside within the Washington, D.C. Metropolitan area, contact the WFO IPCIS.

    On Wednesday morning, engineers discovered that one of the latimes.com servers was running a "little abnormally," according to Dan Royal, operations manager for the site.

    They found that someone had entered the server from the outside and placed an "Internet relay chat" program that took up so much bandwidth as to create a disturbance. The incident had no effect on users.

    "It caused no damage, other than a whole lot of people pulling their hair out," Royal said.

    Pentagon checking its computers

    Pentagon officials stressed the military has not been hit by the denial of service attacks and said there's nothing to indicate the systems have been compromised.

    "We've been watching with great interest," said Rear Adm. Craig Quigley at Thursday's Pentagon briefing. "We need to be aware of potential hacking into the DOD computer system and be able to defend against some of those attacks."

    The Defense Department is putting out a message to its computer network administrators to check the hard drive systems.

    Quigley said the Pentagon wants "to see if someone has planted some of this denial of service tools on the drives of Defense Department computers." The spokesman said the check is to make sure the Pentagon's computers could not have unwittingly been a part of the denial of service regime that's being used to clobber some of the other servers."

    Pentagon computers were updated and prepared for any Y2K rollover glitches in a $3.6 billion fix over 18 months leading up to January 1.

    There was no estimate on how long the new checks would take, but the spokesman said Pentagon officials will be on their toes and aware of what's happening.

    The Defense Department is the federal government's single biggest user of computers. "We have no reason to suspect that any of our systems are in fact involved in this, but we're also not sure until we check."

    Justice Department Producer Terry Frieden and Pentagon Producer Jim Barnett, Technology Editor Ian Hopper and Reuters contributed to this report.



    RELATED STORIES:
    Government sees cyber-attacks as disruption of commerce
    February 9, 2000
    Justice Department wants more funds to fight cyber crime
    February 9, 2000
    Brazilian police arrest two hackers accused of diverting millions
    February 8, 2000
    DVD and the digital copyright act
    February 4, 2000
    CERT warns of malicious code on Web sites
    February 4, 2000
    Legendary computer hacker released from prison
    January 21, 2000

    RELATED SITES:
    Federal Bureau of Investigation - FBI
    National Infrastructure Protection Center


    Note: Pages will open in a new browser window
    External sites are not endorsed by CNN Interactive.

    Search


    Back to the top 2000 Cable News Network. All Rights Reserved.
    Terms under which this service is provided to you.
    Read our privacy guidelines.