FBI, Mounties hunt Internet hackers

[InfoSec News <isn () C4I ORG>]

http://www.canoe.ca/TechNews0008/15_hackers.html

Tuesday, August 15, 2000

Edmonton-based service provider attacked

By RACHEL EVANS -- Edmonton Sun

RCMP are working with the FBI to track down computer hackers who
overloaded an Edmonton-based Internet service provider yesterday,
denying access to some customers.

Edmonton RCMP found the "denial of service" attack on OA Group Inc.'s
server that barred subscribers from logging on to their Internet
accounts originated in Chicago and they were working with the FBI to
zero in on the culprit, said RCMP Cpl. Gibson Glavin.

"We work with the FBI regularly in this section working with Internet
crime," he said.

"The victims being here in Canada and the source of the attack being
in the United States, we would try to extradite whoever it was that
was responsible."

The hacker could be charged with mischief in relation to data under
the Criminal Code of Canada, which carries a maximum 10-year prison
term for an indictable offence or six months in jail and/or a $2,000
fine for a summary conviction, Glavin said.

He added the motivation for the attack will likely determine what
charges are laid. He speculated the motive may be to create a nuisance
or it may be a specific attack on a business.

OA Group Inc. provides an Internet pipeline and at 7 p.m. Sunday
someone sent a massive amount of garbage information to someone on the
system.

Security features protected OA Group's system, said marketing
vice-president Don Riep, but access to up to 800 subscribers' Web
sites was slowed down or denied because the pipeline became clogged.

The server either shuts down or becomes busy with the bogus requests
during such an attack.

"We basically blocked the traffic from coming in to our clients," Riep
said of how the company combatted the attack.

"Number 1 is to protect our network, which is what we did. There's
nothing we can do other than contact the guys upstream (larger
Internet providers) to protect themselves. We pulled a lot of strings
to have this happen as fast as it did."

The network was running at about 90% full function last night, he
said, adding the cost of the attack wasn't yet known.

The last such attack on the system occurred four or five years ago and
lasted about 10 minutes, Riep said.

He added such attacks do happen on the Internet but the one that hit
them this week was "a large attack."

Videon fought off a similar attack in February when some U.S. Internet
giants were crippled.

Officials at Videon's cable Internet service said they fought off a
"smurf" attack and beat it in an hour so that few customers would
notice the brief slowdown.

An expert said the local company was able to beat the onslaught while
Yahoo, Amazon.com and Toronto-based music retailer HMV.com were
crippled the same week because Videon can shut down the flow coming in
because most of its flow is outgoing.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".