DoD Net Administrators Must Check for Hacker Denial of Service 'Tools'
By Jim Garamone
American Forces Press Service
WASHINGTON, Feb. 10, 2000, Feb. 10, 2000 All DoD network administrators will check their computers and servers to ensure they're not infected by hacker tools that can be used for denial of service attacks, DoD officials said Feb. 10.
Hackers launched denial of service attacks on some of the leading Web sites in the country including Amazon.com, Yahoo.com, E*Trade, eBay and Buy.com and shut them down for varying amounts of time. In such attacks, hackers invade vulnerable computer networks and then plant and trigger a control program called a "tool" that forces the host systems to send a continuous stream of bogus messages to a second victim's computer system.
The more computers infected by tools, the larger the message stream and the harder it is to identify the hacker. Eventually the stream swamps the victim and forces a shut down until defenses are installed or the victim can pinpoint the infected hosts and get them to stop.
"We have not felt the attack and we have nothing to suspect that our systems have been used as agents to make the attack," said Pentagon spokesman Rear Adm. Craig Quigley during a press conference. "We think it is a prudent thing to check."
Hackers can plant and launch their tools without operators even being aware their computers are taking part in an attack.
DoD's Joint Task Force -- Computer Network Defense is monitoring the department's computer networks, which have not been the targets of these hacker attacks.
"Boy, it's something we're watching very carefully, but we have not been hit," Quigley said, although DoD would be vulnerable to such attacks. "We're asking network administrators around the department to take a look at the computers on their networks, to take a look at the drives to see if someone has planted some of this denial of service tools on the drives of DoD computers."
If network administrators find their system is infected by a tool, they must shut down and remove it. He said no date is set for the finish of this project.
Quigley stressed that no evidence points to any DoD computer system being involved in the attacks. The department is the federal government's biggest single user of computers, however, and, "We won't know unless we check," he said.
DoD officials are working closely with the National Infrastructure Protection Center on the attacks, Quigley said.
There is no real way to defend against the attacks, but the best defense is awareness.
"Just be on your toes and be aware of what's happening," he said. "Monitor your systems, know how they are working and note changes."