Tech Industry

National computer-security site attacked

A denial-of-service attack causes problems for those wanting to access the main Web site of the Computer Emergency Response Team's Coordination Center.

The Computer Emergency Response Team's Coordination Center, an important national clearinghouse for computer-security information, came under attack Wednesday, leaving its main Web site only intermittently reachable.

The so-called denial-of-service attack didn't affect the group's ability to push security incident information to its members, but made public access to its sites a crapshoot.

"We are working with our service providers to resolve this problem," Bill Pollak, public relations coordinator for the CERT Coordination Center, said in a statement.

A denial-of-service attack can take one of two forms: a flood of data that overwhelms the Web server or the bandwidth leading to the server, or a specific command crafted to disable critical servers or Internet routers. The CERT Coordination Center would not identify which type matched the attack it was suffering from.

The group, based at Carnegie Mellon University in Pittsburgh, Penn., coordinates the communications among the myriad response teams scattered among U.S. universities, companies and government agencies.

It has public Web sites to inform both members and non-members of threats but also has private networks capable of alerting members to high-priority computer-security incidents.

Officials at the CERT Coordination Center would not give details of the attack but earlier acknowledged that such attacks are not uncommon. In May, the group suffered a similar attack.

"We get attacked every day," Richard D. Pethia, director of the Networked Systems Survivability Program at Carnegie Mellon's Software Engineering Institute, said in a May interview. "The lesson to be learned here is that no one is immune to these kinds of attacks. They cause operational problems, and it takes time to deal with them."

The CERT Coordination Center is part of Carnegie Mellon's Software Engineering Institute.