Originally created 02/10/00

Web attacks bring down popular Web sites



WASHINGTON -- Internet vandals today continued an unprecedented campaign of electronic assaults against the biggest names in cyberspace, disrupting access for consumers to the some of the Web's most popular sites.

The ETrade online brokerage said today its Web site was attacked, but "customer accounts were never compromised," spokesman Patrick DiChiro said. Fewer than one-fifth its customers were affected by the clogged traffic for about 90 minutes before the company blunted the attack, he said.

ZDNet.Com, a popular news site that covers technology, said its Web site was shut down for two hours early today and also "appeared to have been the target of a denial-of-service attack."

Flagship sites that fell under attack Tuesday included those of eBay, Amazon, CNN and Buy.Com, all in unusually forceful assaults similar to one that overwhelmed Yahoo! a day earlier.

President Clinton said he didn't know if there was anything Washington could do. "But I have asked people who know more about it than I do whether there is anything we can do about it," the president said today as he left the White House for a trip to Texas.

Investors have been mostly unfazed by the attacks, even boosting some of the shares afterwards. At midday today, ETrade was down 75 cents a share at $22.25 amid a 35-point decline on the Nasdaq Stock Market. Among the week's other victims, Amazon.com was down $1.87« at $81.25, eBay was down $6.50 at $163.25, Yahoo! was down $12.50 at $364, and Buy.com was up $3.18† to $28.31¬.

eBay Inc., the online auction site with more than 10 million customers, said engineers were able to restore full service just before midnight EST. The company offered to credit any customer whose auctions were affected by the sabotage.

Amazon.Com Inc. said its site was inaccessible for more than an hour late Tuesday because large amounts of "junk traffic" were aimed at the company's computers, tying them up and preventing nearly all its customers from making purchases.

All the companies hit said hackers did not gain access inside their computers or retrieve information about their customers.

CNN said its Web site was "seriously affected." It fell under attack for nearly two hours before technicians were able to shield its computers from the hackers late Tuesday night.

eBay said it called the FBI, and that early signs showed problems caused by the same type of electronic assaults as those launched against Buy.Com Inc. earlier Tuesday and against Yahoo! Inc. on Monday.

Tuesday's attack against Buy.Com, which claims more than 1.3 million customers, apparently was timed to coincide with the company's initial stock offering. Chief executive Greg Hawkins described the sabotage in a statement as "an outside coordinated attack to our network that prevented access to our system." Some customers on the West Coast were unaffected.

"The whole thing happened so quickly," said Mitch Hill, the company's chief financial officer. He said the attacks were traced to powerful computers in Boston, New York and Chicago, and that Buy.Com planned to contact the FBI today.

These moves followed a brazen electronic attack Monday that for hours crippled Yahoo!, among the most popular sites on the Internet, though it was impossible to know immediately whether they were related.

"It's still in the early stages, but we're working to see if there are any common denominators," eBay spokeswoman Kristin Seuell said.

The problems also illustrated again the unique threats faced by online companies. Unlike their brick-and-mortar counterparts, these attacks using remotely controlled "zombie computers" can effectively shut down every Web storefront of an entire corporation.

Jeff Mallett, president of Yahoo! Inc., confirmed Tuesday that the FBI also was investigating the sabotage against his company. Mallett said the company, which makes most of its money from Internet advertising, does not anticipate a serious financial impact. In fact, its stock rose more than 5 percent Tuesday, or $19.13, to close at $373.13.

Yahoo!'s flagship Web directory handles 36 million visitors each month.

Among the Internet underground, where craving for publicity often fuels dramatic attacks against high-profile computers, no one claimed responsibility for the moves against eBay, Amazon, Yahoo! or Buy.Com.

"This is unfortunately one of the outcroppings of being a leading communications medium company," Mallett said. "Bad people do bad things. It's going to continue to happen, (but) the penalties are pretty severe."

Mallett and technical experts believe that about 50 powerful computers were hacked across the United States -- a fairly trivial task -- and instructed simultaneously to send falsified data to "routers" on the Internet that, in turn, were fooled into flooding the Yahoo! Web site with electronic signals.

Mallett estimated that during the attack's peak, Yahoo! was drowning in one gigabit of incoming data every second. A gigabit is roughly 130 million characters of standard text.

"Most sites don't get that in a year," spokeswoman Diane Hunt said. "That's an incredible amount."

Hunt said that while recovering from the overload, Yahoo! accidentally introduced a bug into its Web-based e-mail system that caused some messages to get garbled. She said the information wasn't lost and the company was working to restore the messages.

Buy.Com's chief executive estimated his site Tuesday was hit with 800 megabits every second, or eight times his site's capacity. He called the crush of data traffic aimed at his company "unprecedented."