Wednesday May 23, 2001
DoS attack disables Net security watchdog
By Robert Lemos, ZDNet News

The CERT Coordination Center -the organization set up to send out computer security alerts-is cut off from the Internet after a denial-of-service attack floods its systems with data.

Unknown attackers inundated the Computer Emergency Response Team Coordination Center with data Tuesday and Wednesday, cutting off the public's access to the organization largely responsible for warning others on the Internet about computer-security threats.

The attack began around 9 a.m. PDT Tuesday and continued to stall traffic to the organization's Web site Wednesday. Access to the site was sporadic early Wednesday, with the Carnegie Mellon University-based center reportedly accessible from the eastern United States but inaccessible to many other users.

"Our connection to the Internet has been largely saturated by this activity," Ian Finlay, an Internet security analyst for the CERT Coordination Center, said in a recorded statement. "The www.cert.org Web site may be unavailable until the attack begins to subside."

Although the attack has prevented anyone from accessing the security advisories on CERT's Web site, the Center said it will still be able to get the word out on critical alerts.

"We have alternate means to issue advisories as it becomes necessary," Finlay said in the statement.

Chris Wysopal, director of research and development for security service firm @Stake, said CERT's predicament was ironic.

"They are the people that tell you how to protect against the problems," he said. "But the fact is, no one can totally protect against these types of attack."

The attack is unlikely to affect the Coordination Center's ability to release critical security alerts, because it's easy to evade such attacks with e-mail, said Wysopal.

However, the attack does underscore the danger in putting the United States' computer-alert teams under one umbrella.

"It highlights the fact that we need many different sources of security info," Wysopal said. "When all the information becomes too centralized, that's a security problem in and of itself."

While CERT is an important security advisory group, several others exist, including the Computer Incident Advisory Center, so-called information sharing and analysis centers and several advisory sites run by security companies.

Back To The Study

Home | Contact The Help Desk | Internet & Marketing Services