The Web whodunit

No one knows who's behind the wave of attacks on big sites -- but everyone's got a theory.

Published February 10, 2000 5:00PM (EST)

So far, there are few clues pointing to a perpetrator or a motive
in this week's spectacular sabotage of the most popular sites on
the Web. But never fear, speculation abounds -- from the prosaic
"just a bunch of kids with time on their hands" to the flat-out
conspiratorial: Is President Clinton to blame, or those darn DeCSS
hackers?

Since we at Salon Technology don't have a clue what's motivating the
attackers, we thought we'd round up the usual suspects with a
brief survey of who's saying what.

The massive "denial of service" (DoS) attacks began on Monday,
causing a three-hour outage at Yahoo, and have continued on
Tuesday and Wednesday -- knocking out such Net heavyweights as
Amazon, Buy.com, eBay, CNN, E-Trade, Datek and ZDNet for a few
hours each. None of the sites has experienced anything more
severe than some downtime -- a dull fact that hasn't prevented
raucous headlines like "Hacker
Havoc on the Web"
-- but both the government and the media
are treating the onslaught as a serious crime.

The FBI stormed Silicon Valley to talk with afflicted sites and
Clinton said he has "asked people who know more about
it than I do whether there is anything we can do about it."
Attorney General Janet Reno told a news conference, "We are
committed in every way possible to tracking down those who are
responsible," and News.com reported that the culprit could face
up to 10 years
of jail time
and a $250,000 fine. In a nice display of
ironic recursion, ZDNet, a victim of the attack on Wednesday,
ran a story headlined Deconstructing
denial of service attacks,"
explaining how the attack is
achieved and how to guard against it.

So who did it? According to the New York Times, officials
"have not ruled out foreign governments or individuals as the
culprits." Despite the dearth of hard data, Wired News, in a
story headlined "Smells Like Teen Malcontent," suggested the "packet
monkeys"
wreaking havoc on big-name sites are probably
adolescents. A separate story, hyperbolically describing the
attack as a "World
War Internet,"
cast unsubstantiated suspicion on university
students: "The reason: Campuses have fast connections to the
Internet -- necessary to overwhelm sites as large as Yahoo and
Amazon -- and dorm and faculty computers have notoriously poor
security."

Meanwhile, the programmers hanging out on Slashdot engaged in some
head-scratching about who did what and why, and entertained a few
good government conspiracy stories. One post pointed to a
theory
apparently screwed together by Internet gadfly Jim
Warren,
speculating on Clinton administration involvement in
the hack. Warren noted the suspicious proximity of last week's
Clinton's budget proposal -- which earmarked $240 million for
electronic wiretapping systems -- to several concurrent security
breaches, including the string of Net attacks this week. "What
better way to 'prove' the need for massively expanded government
surveillance," suggested Warren, "and create a frenzy of support
for it?!"

In a similar display of conspiracy-mongering, Web designer Ron
Knox posted a message to the NoEnd mailing list, which caters to
Bay Area designers, linking the attack to the outlawed DVD
encryption descrambling program DeCSS. Knox pointed out that on
Jan. 20, after a district court judge prohibited any U.S. Web
site from posting the DeCSS code, hacker groups like 2600 pledged
to protest; less than three weeks later the attacks began.
"Connection?" wrote Knox. "I wonder. Although I would imagine
taking down anything connected with the Motion Picture [Association]
of America (like movie studio sites) would have been more to the
point (and more obvious). But maybe no one would have noticed."

No cynical souls have yet accused the blue-chip Net sites
themselves of conspiring to fake the attacks and generate scads
of publicity -- but give 'em time. You know they're out there.


By Salon Technology Staff



Related Topics ------------------------------------------