Originally created 02/11/00

FBI plans massive search



FBI officials said Wednesday they are launching the largest-ever computer crimes investigation to catch the perpetrators of a series of cyberattacks that have temporarily crippled some of the world's most popular Web sites.

The attacks disrupted service for millions of Internet users by temporarily overloading Web sites starting with Yahoo.com on Monday, sweeping through others including auction site eBay on Tuesday and, on Wednesday, pummeling leading financial sites such as ETrade.com and Datek, plus the ZDNet news site.

The aggressive government response, involving Attorney General Janet Reno, reflects not only the Internet's central role to the nation's economy, but a sense among officials that it is also an increasingly important public communications tool.

Authorities said they have not identified any suspects, and some FBI officials speculated that the crimes could be the work of overseas terrorists "trying to misuse the Internet to the detriment of the United States."

"This is a wake-up call," Department of Commerce Secretary William Daley said. "It's obvious from the news of the last few days that (law enforcement) efforts have to be expanded on."

But underscoring the ease with which such crimes can be committed in the Internet age, computer-security experts said that this massive Internet sabotage could just as easily been pulled off by a teen-ager typing away at an ordinary PC.

In fact, the federal probe is likely to focus on the murky world of computer hackers, an underground populated mainly by loose bands of adolescent males seeking virtual thrills and peer recognition.

No group has claimed credit for these recent attacks, but their magnitude has already earned the anonymous perpetrators a permanent place in the computer-crime pantheon.

"This is much bigger than the hacking of ... the White House Web site," said Weld Pond, the handle of a hacker who was one of the original members of a hacking group in Boston called Lopht.

Nevertheless, he and other hackers expressed a certain amount of disdain for the latest attacks, saying they are impressive for their audacity and magnitude, but required little technological sophistication in an age when hacking tools are as easy to find on the Internet as food recipes.

"The technology is such that it could almost be one person, even a 14-year-old kid" said Weld, who requested anonymity and now works as a researcher for Atstake.com, a computer-security firm. "But it's probably a small group of people. Typically, a lot of these things are just done for bragging rights."

At a press conference Wednesday, Reno pledged a massive mobilization of resources, including cooperative efforts with the U.S. intelligence community and military investigators.

"At this time we are not aware of the motives behind these attacks," Reno said, "but they appear to be intended to interfere with and to disrupt legitimate electronic commerce."

Reno said the National Infrastructure Protection Center, a section of the FBI, is working closely with agency field offices and specially trained prosecutors around the country. She declined to say whether the agency has any significant leads, but other federal officials privately said the attacks appeared to have been "bounced" through computer networks in New York, Chicago and Dallas.

The attacks appear to be violations of the computer fraud and abuse act, a federal statute that makes it a felony to cause damage to computers. Sentencing guidelines call for a minimum of six months in jail for each count, and a maximum of five years and fines of up to $250,000. Officials said each intrusion could constitute a separate count.

But even with this enormous commitment of resources by law enforcement, many security experts remained skeptical that whoever is behind the attacks will ever be caught because the hacking technique used is extremely difficult to trace.

[bf](Begin optional trim)

The attacks involved a technique known as "distributed denial of service" in which a small army of computers is used to bombard a particular Web site with so many requests for information that the site collapses under the load.

Experts said the attacks probably began with the downloading of a hacking tool that probes university, corporate and government networks for unprotected machines. These machines are then instructed to coordinate the simultaneous bombardment.

[bf](End optional trim)

The sheer enormity of the attack means that hundreds and perhaps thousands of computers were involved, Poulsen said.

The strategy takes advantage of hacking programs readily available at numerous Web sites. Such attacks are nearly impossible to prevent and difficult to trace because they come from disparate locations and carry fake return addresses.

Even extensive efforts to retrace the attacks could lead to a series of dead ends if the perpetrators took measures to disguise their work.

If the people behind the attacks are caught, many believe it will be because of human weaknesses -- bragging or clumsiness -- not technological ones.

On Wednesday Reno appealed to Congress to approve Clinton's request for $37 million to help the FBI fight cyber crime, a request that was part of the administration's budget announced earlier this week.