IDG News Service - A botnet comprised of about 50,000 infected computers has been waging a war against U.S. government Web sites and causing headaches for businesses in the U.S. and South Korea.
The attack started Saturday, and security experts have credited it with knocking the U.S. Federal Trade Commission's (FTC's) Web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the U.S. Department of Transportation (DOT).
"The DOT has been experiencing network incidents since this past weekend. We are working with the U.S. Computer Emergency Readiness Team [US-CERT] at this time," a DOT spokeswoman said Tuesday.
A spokeswoman for the U.S. Department of the Treasury confirmed that the Treasury's Web site had been hit with a denial-of-service attack. "We're working with our service provider to mitigate the impact," she said.
A spokeswoman for the FTC could not say what caused the outage at that agency's Web site, and the US-CERT did not return calls seeking comment.
Other targets have included banking Web sites in Korea, U.S. Bancorp, the U.S. Secret Service, the U.S. Department of Homeland Security, the U.S. Department of State, the White House, the U.S. Department of Defense, the New York Stock Exchange, the Nasdaq and the Washington Post, according to security researchers studying the incident.
The attack, while powerful, is not particularly sophisticated and appears to be more of a nuisance than a threat to security. It uses a variety of well-known distributed denial of service (DDoS) attacks that try to overwhelm Web sites with useless requests and make them unavailable for legitimate users, security experts say. Most of the targeted sites appeared to be working normally on Tuesday.
Such DDoS attacks are relatively common, but a few things make this week's incident unusual. The botnet code behind the attack does not use typical antivirus evasion techniques and does not appear to have been written by a professional malware writer, according to Joe Stewart, a researcher with SecureWorks who has looked at the code.
On Saturday and Sunday the attack was consuming 20 to 40 gigabytes of bandwidth per second, about 10 times the rate of a typical DDoS attack, one security expert said after being briefed by the US-CERT on Tuesday. "It's the biggest I've seen," said the expert, who asked not to be identified because he was not authorized to discuss the matter. By Tuesday it was averaging about 1.2 gibabytes per second, he said.
Security experts estimate the size of the botnet at somewhere between 30,000 and 60,000 computers.
It is also unusual to see relatively low-profile government Web sites being hit. "Who goes around targeting a site like the FAA or the U.S. Treasury? It's not something that most people would think to attack," Stewart said.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you think getting it right from day one is always what matters, you probably haven't been following technology too closely.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
Top Considerations for Moving to a Cloud Delivery Model for ITSM
Find out whether SaaS-based ITSM is right for you
- Software-as-a-service is more than just a cloud-based delivery model-it's a new approach to service that lets companies optimize utilization of in-house IT resources... All Government IT White Papers
- Pre-Engineered solutions from VCE Simplify Core Infrastructure Implementation In this video, the CTO of Purdue Pharma, a privately held pharmaceutical company explains how Purdue transformed their data center infrastructure with VCE.
- Integrated Infrastructure: Simplify Operations, Speed Deployments and Reduce Costs George Weiss, Gartner Vice President and Analyst, and Praveen Akkiraju, CEO of VCE, provide practical information regarding the various aspects of Integrated Infrastructures...
- Video: 5 Secrets To Scaling Enterprise Apps Watch this video to learn how to successfully scale enterprise apps>>
- Collaboration 2013: Where Mobility Meets Connectivity Mobility and collaboration are quickly converging and users are demanding more capabilities. It's no longer enough to enable file sharing. This Webcast dives...
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.