Cyberpunk

Hacker Proof

By Joab Jackson | Posted 2/16/2000

The big news in the computer world lately is the temporary shutdown of all the major e-commerce sites by an unknown outside force on Feb. 7-9. Yahoo, CNN.com, Amazon.com, Buy.com, and the online-trading sites E*Trade and Datek were all crashed. Two things about the hack were immediately noteworthy: the sheer size of the sites being hobbled (they're powered by industrial-strength servers), and the fact that no one laid claim to what must have been a massively coordinated effort. Many online observers wondered if a hack this big might have been some sort of protest, against conspicuous consumption or something. Yet no one stepped forward or made a statement.

Much of the press assumed it was just the work of a random malicious hacker, a particularly daring bit of sabotage for the amusement and/or approval of his or her peers. If so, it didn't work—the hacker community seems unimpressed.

This I discovered more or less by accident.

On Feb. 13, I was busy watching another hack in progress, at the Web site of Bedford, Mass.-based RSA Security Inc., the self-proclaimed "Most Trusted Name in e-Security." I was marveling at how unsecure RSA's own site seemed to be; it was changing every few hours. At one point it came up as a page of text, reading in part, "Wat up whats up to all my nigs ya know who ya are . . ." Another time the hacker had defaced the actual home page. (This version has been catalogued by the Web site of the hacker magazine 2600: www.2600.com/hacked_pages/2000/02/www.rsa.com/) Still another version appeared for text-only browsers. All the bastardizations included the signifier OWNED BY COOLIO.

Clearly, one of the most trusted Internet-security firms was being vandalized—and a mere two days after the White House announced a Net-security summit to be held this week. Another day in cyberspace.

To get some information on this hack in progress, I drifted to an Internet Relay Chat channel, #desperado, a den usually filled with security consultants, hackers, hacker wannabes, and others interested in network security for one reason or another. There were about 12 people hanging out.

"Did anyone see RSA hack?" I asked no one in particular. The response was a virtual collective yawn.

"A lame trick," one wrote.

"NOT A HACK," piped up another voice from the depths of anonymous cyberspace.

This sort of Web-page defacement may tantalize us press people, but it didn't even register with this bunch. One pointed out that the RSA site itself wasn't hacked; the vandal was merely redirecting anyone requesting to see www.rsa.com to other addresses, where the phony RSA pages lay in wait. Somebody pointed me to an article in the e-zine United Phone Losers on how this sort of thing is accomplished ("Security Alert—Secure Your Domain NOW!": www.phonelosers.net/issues/upl016.html).

In short, these #desperadoes were not easily impressed. So I asked about the massive Web attack everyone was talking about. This had to be the greatest hack of all time, I figured. Even the president had spoken out against it.

Again with the collective yawn.

"Really uninventive," typed one chatter.

"Pfft," wrote another.

"What's to be impressed about?! It's hardly the hardest thing to do, anyone with half a brain could do it," asserted someone going by the handle Narcosis. "[This kind of hack] happens all the time, it's just because high-profile sites were hit that the media and the FBI have taken it this far."

The kind of attack that took down all those sites is called a distributed denial of service. It's an automated process whereby multiple computers can crash a Web server by flooding it with massive numbers of requests to open connections for phony return addresses. And while it takes a lot of time to do it—surreptitiously setting up many computers to perform the appointed task—evidently it doesn't take a genius to do it. The tools to do it can be found on the Web.

Did anyone at #desperado have any idea why it was done? PC_Chick suggested that it may have been inspired by 2600's Feb. 4 call to hackers to protest the Motion Picture Association of America, which is suing to shut down Web sites posting programs that can unencrypt DVD discs ("Hacker magazine calls for movie-business protest": www.cnn.com/2000/TECH/computing/02/04/hacker.protest.idg/index.html). But Chick acknowledged that such a protest would have likely targeted movie-industry sites rather than e-commerce.

"Anyway," Narcosis added, "if this was in protest, they would have released a statement by now saying that's why they did it, it wouldn't be left this long if they were trying to make a point."

Everyone was left wondering about the why. But what really left me wondering was that the largest hack known to the general public is, in the eyes of hackers and security specialists themselves, not all that. In this forum, evidently, size doesn't matter.

Research assistance: David Cassel. Always crashing in the same car: joabj@charm.net.
