SCO attacks keep coming back

More Internet attacks cut off access to the SCO Group's servers, as the Unix software company struggles to stop the hackers.

Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
Robert Lemos
2 min read
More Internet attacks cut off access to the SCO Group's servers this past weekend and again on Monday, as the Unix software company struggled to stop the hackers.

After the attacks largely abated Friday, they restarted at 3 a.m. PST Saturday until 11 p.m. Sunday, said Blake Stowell, a spokesman for SCO. The deluge of data, known as a denial-of-service attack, restarted Monday morning, and the company's Web site continues to be inaccessible.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

"At this point, we are continuing to use the same tactics: keeping in contact with our Internet service provider and the U.S. Secret Service," Stowell said.

The Web site and file servers have been inaccessible for five of the last seven days. If such attacks continue, the company could find itself unable to communicate with customers.

Groklaw, a legal analysis site that has been critical of SCO, cast doubt on the company's claims that it can't do anything about the attack. Such attacks can usually be largely mitigated by buying up more bandwidth and connecting through Internet service providers that have special technology aimed to defeat the assaults.

Security experts said previous attacks in May and August should have put adequate pressure on the company to take steps to protect its connection to the Internet.

"There are definitely things out there that they can buy or services that solve this problem," said David Moore, assistant director and researcher at the Cooperative Association for Internet Data Analysis (CAIDA) and an expert on denial-of-service attacks. "It is just a question of how important your Web site is to you and how much you are willing to spend."

CAIDA studied last week's attacks and found that SCO's servers had responded to more than 700 million requests in fewer than 32 hours. The requests took up computing resources and consumed Internet bandwidth as part of the denial-of-service attempt.

Lindon, Utah-based SCO has attracted the ire of the open-source community for its pursuit of a legal case that, if successful, would essentially give SCO rights to important parts of the Linux source code.

Most Linux users don't seem to be taking SCO's claims seriously, however, and the case shows little sign of slowing the growth of the operating system. A recent report market researcher IDC published found that sales of Linux servers grew almost 50 percent in the third quarter of 2003, compared with the same period a year earlier.