Web attacks, because “It is there”: Unidentified crackers, in an apparently coordinated effort this last week, have caused many commercial Web hubs to crash or be forced to unplug from the Internet.
ZDNet, E*Trade, Yahoo, CNN, Amazon, Buy.com and eBay are among those seriously assailed, disrupting business for millions of Neters and causing lost revenues. The FBI has been called in.
The Denial-of-Service (DoS) attacks, solely intended to shutdown major Web-based systems, have not breached or compromised sensitive data. The perpetrators accomplish their devious intent by flooding a target Web site with requests for data, causing the site’s servers to overload. It has happened before.
Yahoo, the Internet’s first search engine site, draws 35 million visitors each month. One of the few who operate in the black, their bulk revenues are generated from advertising fees from 3800 banners throughout their pages.
Amazon.com, the largest bookstore, is becoming the biggest anything-store for such things as electronics, gifts, CDs and videos. They have invested in companies that supply groceries, prescription drugs, and pet supplies. Founder Jeff Bezos owns 42% of the company.
The online auction service of eBay sells 2,000 categories of merchandise, from antiques to Beanie Babies. Thirty-three million items were auctioned electronically in 1998 to about 7.7 million registered users. From their profits, a small percentage of each sale, they have acquired Butterfield & Butterfield, a traditional auction house. Chairman and founder Pierre Omidyar owns about 31%.
The whole of the Internet was unaffected during and after these daily intrusions. Most of those sites affected were fully functional within hours. The never-closed dependence of instantaneous information flow is sustained, overall. Barry Parr of International Data Corp. emphasizes that the Internet is “…much more reliable than the cell phone system.”
Although more widely reported, a Net paralysis is less injurious than the consequences of a nuclear power plant leak or an airline crash (e.g., recent Alaska Airlines). Lise Buyer of Credit Suisse First Boston says, “No individual has lost money or their privacy. This is simply vandals blocking the entrance way.”
The perceived risks are often greatly exaggerated because of their unfamiliar nature. Todd Gitlin at New York University said, “It’s how people feel about big blackouts in New York or an earthquake in California that confirms their intelligence not to live in those places.”
“It’s the engineering mentality,” Howard Besser at UCLA said. “Humans can triumph over nature, and we can totally control things. The natural order is that there is going to be problems. In order for something to be totally foolproof, you would have to make a world that I wouldn’t want to live in.”
Law enforcement have their tools for tracking the perpetrator(s), but the process is a logistical nightmare. Each intrusion incident helps the FBI pinpoint the source. Weld Pond, with L0pht, a computer security group, says, “Although not impossible, it’s hard to trace these things back, unlike tracing telephone calls.” More likely these attacks will lessen and the offenders will vanish.
An estimated hundred million people use the Internet in the US alone. Consumer purchases for goods and services on the Web last year were approximately $66,000M, in addition to investing, banking, and communicating.
The network is not a perfect medium for unguarded commerce. The laissez faire presumption of private conversations and secure transactions is clearly shaken. But neither should it all be judged as faulty.
Doom-sayers challenge the whole electronic instantaneousness as unreliable and dangerous. The mindset is ripe for doubt, as if superstition for this magical kaleidoscope were to breed latent fears and distrust.
Technologists are quick to patch, then plug, such security holes as events like these compel them. Bullet-proofing electronic storage and distributions systems from maliciousness might never be fully achieved. But neither should security be shrouded in carelessness, such as leaving credit cards or cash lying around.
Some are concerned more about backlash than vandalism. “The government or large companies may seek legislation that may be too onerous for the general populace, such as tracking people’s movements on the Web,” said Paul Saffo of the Institute for the Future. “God help us if Congress gets involved in trying to regulate the Internet.”
Dr. Nick Lawrence of Lawrence Technologies (Dallas, TX)—who lives in Paradise Valley, MT during the non-winter months—suggests a reasonable security precaution for the Internet user: “Turn off such things as scripting and cookies for everyday use of your Web browser. Then turn it on if you need to hit travelocity.com or etrade.com that requires it. Then turn it off again.”
The first guardians of our affairs are us. Neither should we be complacent
or terror-sticken. Abandoning or curtailing Internet activity—return to
the old ways—is no more practical than the “doesn’t bother me”
indifference.