Attack On U.S. Internet Sites Flops

Big Story - President Bush visits Iraq
This Internet attack apparently fizzled.

The federal government said that early Tuesday it detected a series of electronic attacks against U.S. Internet providers, launched hours after the FBI alerted technology companies and others of potential trouble.

The alert, based on information from Italian authorities, cited "credible but nonspecific information that wide-scale hacker attacks" were planned against U.S. Web sites and Internet providers, "possibly emanating from Western Europe," a U.S. official said, speaking on condition of anonymity.

"There was a real spike in Internet traffic at odd hours," confirmed Richard Clarke, the Bush administration's top official for cyber-security. "It was clearly unusual because it was five times and seven times normal, but it didn't take anything down."

One firm that monitors the health of the Internet, Matrix NetSystems Inc., said it detected a 1 percent decrease in Internet accessibility within hours of the attacks, and a small number of the 3,000 Internet devices it monitors were completely overwhelmed within the United States. Analyst Abelardo Gonzalez said a 1 percent drop was a rare enough event that it probably reflected an impact from the attacks.

But most such organizations and companies said they barely detected a hiccup of unusual activity, with few reports of odd outages or even widespread e-mail delays.

"We're not seeing anything out of the ordinary," said Marty Lindner of the CERT Coordination Center, a federally funded research lab focused on computer security, formerly known as the Computer Emergency Response Team.

Another sensor network that monitors worldwide Internet traffic using thousands of computers "didn't receive any unusual reports," said Johannes Ullrich, who manages the network, called the Distributed Intrusion Detection System, or Dshield.

Officials said a flood of data spiking nearly 700 percent more than usual was aimed at Internet providers and Web sites on the East Coast starting about 2 a.m. EDT Tuesday, then shifted toward providers and sites on the West coast.

But unlike some recent so-called "denial of service" attacks, which employed hundreds or thousands of computers to overwhelm Web sites, this latest attack appeared to come from a relatively small number of machines, the official said. That allowed Internet providers to protect their networks more easily by filtering data from the attacking computers.

Keynote Systems Inc., which measures the reliability and speed of Web sites and the Internet as a whole, saw no significant degradation during the day. The company checked major Internet highways as well as the performance of individual sites belonging to news organizations, search engines, and companies like Amazon and Microsoft.

"Availability has stayed pretty consistent," said Roopak Patel of Keynote.

Major Internet service providers like Verizon and Qwest also reported no problems.