Online attack hits US government Web sites

July 8, 2009 - 2:58 am | 27 views

Technology.am (July 8 ,2009) — A botnet comprised of about 50,000 infected computers has been waging a war against U.S. government Web sites. It causes headaches for businesses in the U.S. and South Korea.

US-gov The botnet code behind the attack does not use typical antivirus evasion techniques and does not appear to have been written by a professional malware writer, according to Joe Stewart, a researcher with SecureWorks who has looked at the code.

The attack started Saturday, and security experts have credited it with knocking the U.S. Federal Trade Commission’s (FTC’s) Web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the U.S. Department of Transportation (DOT).

On Saturday and Sunday the attack was consuming 20 to 40 gigabytes of bandwidth per second, about 10 times the rate of a typical distributed denial of service (DDoS) attack, one security expert said after being briefed by the U.S. Computer Emergency Readiness Team [US-CERT] on Tuesday.

By Tuesday it was averaging about 1.2 gibabytes per second, he said.

Security experts estimate the size of the botnet at somewhere between 30,000 and 60,000 computers.

The U.S. Department of the Treasury confirmed that the Treasury’s Web site had been hit with a denial-of-service attack. The FTC could not say what caused the outage at that agency’s Web site. It is also unusual to see relatively low-profile government Web sites being hit.

Other targets have included banking Web sites in Korea, U.S. Bancorp, the U.S. Secret Service, the U.S. Department of Homeland Security, the U.S. Department of State, the White House, the U.S. Department of Defense, the New York Stock Exchange, the Nasdaq and the Washington Post, according to security researchers studying the incident.

Further Reading