Forwarded from: "Arthur, T.A., CTR3" <AATHEODat_private> Why is a DIRECTOR of any kind of Cyberspace Security, let alone the Whitehouse director saying things like "Driven to the backstreets and back alleys of the Internet"? Alarm bells are ringing. Secondly, was the estimate (even the far fetched, over-inflated estimates some companies put out) ever stated as in "the BILLIONS"? Further, this article is toned as if the concept of a DDOS is new and "slapper" is a new threat, but the cited examples of EBAY and YAHOO hacking were years ago. Be careful folks, something wicked this way comes. -Ted -----Original Message----- From: InfoSec News [mailto:isnat_private] Sent: Thursday, November 14, 2002 1:42 AM To: isnat_private Subject: [ISN] Hackers could be planning major attack, says White House http://www.govexec.com/dailyfed/1102/111202h1.htm By Shane Harris sharrisat_private November 12, 2002 A new computer worm infecting a popular World Wide Web technology is proof that computer hackers have grown more sophisticated and could be preparing a significant attack, according to a senior White House official. Marcus Sachs, director of communication and infrastructure protection at the White House Office of Cyberspace Security, said hackers driven to "the back streets and back alleys of the Internet" by intense law enforcement scrutiny following the Sept. 11 attacks have quietly been building new threats. The new worm, widely known as Slapper, is a prime example of their abilities, he said. Officials believe millions of devices are vulnerable to Slapper, which is a computer code that burrows into a server, the program that provides the files that constitute Web pages. It enters through a well-known weakness in the Secure Socket Layer (SSL) that connects servers to the Internet. Once inside, the worm forces the server to seek out other infected machines, forming an army of so-called "zombies" that could bombard Web sites with bogus requests for information, causing a massive traffic jam on the Internet. The attack method, known as a distributed denial-of-service attack, has been used to disrupt service on sites such as Yahoo! and eBay. Attacks last year by other worms, such as Code Red and Nimda, caused billions of dollars in damage and targeted some government Web sites, including a White House server. The Slapper worm was identified two months ago, but federal officials still are concerned that many infected or at-risk organizations and individuals haven't taken adequate steps to protect themselves. The FBI's National Infrastructure Protection Center has found four variants of the worm, and notes that rates of new infection have declined. However, the agency also has warned that between 25,000 and 30,000 servers have already been infected. A steady buildup of infections preceded the Code Red and Nimda attacks. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Nov 15 2002 - 05:53:53 PST