Leading Web sites under attack

Amazon.com, eBay, Buy.com, CNN.com, Etrade, and ZDNet were targeted by "denial of service" attacks that rendered their Web sites largely inaccessible.

Greg Sandoval
Greg Sandoval Former Staff writer
Greg Sandoval covers media and digital entertainment for CNET News. Based in New York, Sandoval is a former reporter for The Washington Post and the Los Angeles Times. E-mail Greg, or follow him on Twitter at @sandoCNET.
5 min read
Several major Web sites have reported attacks over the past few days that rendered their sites largely inaccessible.

E-commerce giants eBay, Amazon.com and Buy.com, along with Yahoo, news site CNN.com, online trading sites E*Trade and Datek, and technology information provider ZDNet have reported similar attacks.

This is relatively easy to do and not easy to defend against. The FBI today held a press conference to address the recent denial of service attacks. Attorney General Janet Reno said that federal law enforcement officials will combine their resources to combat online vandalism.

The FBI would not disclose how many agents it is dedicating to the effort, but Ron Dick, chief of the Investigations and Operations section for the National Infrastructure Protection Center (NIPC), said: "As many as it takes."

This morning, E*Trade and ZDNet confirmed they had suffered from denial of service attacks.

An E*Trade representative said the attack began around 5 a.m. PST and lasted for about one and a half hours. The service has been fully restored, said Patrick DiChiro, an E*Trade spokesman. "The security of the site was never compromised, and neither were our customer accounts."

How a denial of service attack works E*Trade said that only a small percentage of its customers were affected, and the company steered others to live brokers and other alternative trading methods.

Web brokerage Datek Online was affected this morning between 6:35 and 7:05 a.m. PST, according to a spokesman. He said the company noticed that customer traffic accessing its site from one of its many Internet service providers had dropped to 10 percent of normal.

"That is a significant drop," said Michael Dunn, adding that neither the security of the site nor any customer accounts were breached because only the ISP used by Datek was hobbled.

"We directed traffic from that ISP to the other providers we use," Dunn said.

Robert Borchert, a Ziff-Davis spokesman, said, "All indications were that we were under attack for a denial of service similar to CNN and eBay." As of around 6:45 a.m. PST, the site's service was restored, Borchert added.

Web sites under fire

  Hit by attack* Approximate duration
Yahoo 10:20 a.m.
3 hours
Buy.com 10:50 a.m.
3 hours
eBay 3:20 p.m.
90 minutes
CNN.com 4:00 p.m.
110 minutes
Amazon.com 5:00 p.m.
1 hour
ZDNet 6:45 a.m.
3 hours
E*Trade 5:00 a.m.
90 minutes
Datek 6:35 a.m.
30 minutes
*All times PST

Like the other sites that were attacked over the past few days, ZDNet ranks in the top 25 most visited sites on the Web, according to Media Metrix.

eBay and Amazon confirmed late yesterday that they were struck by "denial of service" attacks, the same tactic that crippled Yahoo on Monday.

Earlier yesterday, Buy.com reported that it was down for about three hours as the result of an attack. Meanwhile, CNN.com, a leading Internet news site, also was victimized yesterday.

The attacks highlight the unique vulnerability of e-commerce: These businesses can be virtually shut down for several hours by faceless hackers, unlike a chain of Wal-Mart stores.

There was no indication yet whether the attacks of the past two days were part of a coordinated effort or the result of "copycats" mimicking the damage that was inflicted on Yahoo.

Sites such as Yahoo and eBay said they are working with the FBI and local law enforcement officials to track down the hackers.

"Like several other major Internet sites, Amazon.com came under a denial of service attack" at about 5 p.m. PST, Amazon spokesman Bill Curry said yesterday. "A large amount of junk traffic was directed to our site resulting in degraded service for about one hour."

Curry added that "service has been restored," but he declined to say whether the attack had stopped or whether Amazon took steps to thwart it.

In eBay's case, the online auctioneer posted a notice on its site notifying users of the problem about 3:20 p.m. yesterday, eBay spokesman Kevin Pursglove said.

"The preliminary finding is that indeed we did suffer a service attack similar to the events (on Monday)" against Yahoo, he added.

He said some users complained they were unable to access the site. Others could search the site and bid on items, although the site was sluggish. He contended the site was available to a "majority" of users but cautioned that all findings were preliminary.

Later yesterday, eBay posted a notice stating: "While the vast majority of service has been restored, we are experiencing issues with the pics servers which may be related to earlier issues.

"We continue to take multiple measures to fight this, including working with local and federal authorities, ISPs including Sprint, UUNet and AboveNet, our vendors including Cisco, our partners, and other Internet sites that have recently been attacked in the same way."

eBay added that the attack "has not and does not jeopardize data, such as credit card information or auction information."

A denial of service outage occurs when attackers bombard a Web site's servers with fake packets of requests for information. When the server responds, the attackers' system steps up the barrage by sending more requests. The affected Web site struggles to keep up with the mounting number of requests, slowing performance for users or ultimately crashing the system.

Keynote Systems, which measures the performance of Web sites, said the attack on eBay was similar to the other attacks.

It "looked very similar Shutdown
special report to Yahoo and Buy.com," said Daniel Todd, Keynote's director of public services. "It basically looked like a complete blackout at this point."

In Yahoo's case, the attack was focused on the company that hosts its Web sites, GlobalCenter. But the service attack against eBay struck at several points across the Internet, Todd said.

The attacks weren't limited to e-commerce and portal sites. CNN Interactive, which operates CNN.com, said late yesterday the news site also was struck by a denial of service attack.

"At 7 p.m. (EST) tonight we were attacked by hackers," said spokeswoman Edna Johnson.

Johnson added that by 8:45 "blocks" had been implemented to defend against the attack. "We are still under attack, but we (have) significantly improved what we are able to provide."

News.com's Jeff Pelline, Scott Ard, Jim Hu and Sandeep Junnarkar contributed to this report.