You can come out from under your desks now the hackers are gone.
Don't worry that the "cyber-terrorists" who recently shut down sites like Yahoo, eBay and Amazon.com will come after your personal home page. There's no need to unplug your PC from the wall for fear that one of those pimple-faced assassins will turn your "My Computer" icon into "Their Computer."
Sure, the federal government treated the hacker attacks like some sort of digital D-Day. Attorney General Janet Reno announced a full-fledged investigation, and even President Clinton said he was looking into it.
The news media, meanwhile, attacked the story with a zeal unseen since a certain White House intern decided not to dry-clean a certain blue dress.
Despite these histrionics, nothing much of consequence actually happened. In fact, the Big Hack Attack will end up doing more good than harm by encouraging Internet service providers to bring their defense systems up to 21st century standards.
Let's dispense with breathless descriptions of "denial of service attacks" and "ping floods" and get down to what actually happened: Somebody rigged a bunch of computers to send a very heavy load of traffic to some of the Web's most popular sites. The other key fact: Because software designed to make this happen is widely available, that somebody could be almost anybody.
Plan of attack
The first thing these hackers did was search the Net for poorly defended computers. They weren't looking for home PCs, mind you, but for persistently connected machines like those at Internet service providers and universities. While these computers should be prepared for such intrusions, many are not.
When they found suitably susceptible machines, they secretly installed software that can send traffic wherever and whenever the hacker chooses. After repeating this step dozens or hundreds of times, the hackers remotely ordered all these little software programs to send a flash flood of data directly at whatever sites they wanted to take down.
No Web site is immune from this sort of attack because there's no way to predict which machines will be sending the traffic. When the flood comes, your site drowns in data until you can track down the source of the streams and stop accepting traffic from those machines essentially plugging virtual thumbs in the dyke.
What was lost in the media coverage of these attacks is that nothing was really damaged. No pages were hacked, nobody's credit card was stolen, and the sites were back to normal after a couple hours of down time. It was as though a group of protesters blocked a store entrance for a few hours before the police shooed them away. But you wouldn't see Janet Reno getting all worked up about that.
Market analysts hinted the attacks would erode confidence in online shopping, but how could that possibly be true? You're telling me a store that's open 24 hours a day, seven days a week for a few years straight is going to lose customers because it's closed for a couple of hours? Even Apu at the Quickie Mart gets more time off than that.
As it turns out, I was as much a victim as anyone else. The afternoon Yahoo was taken down, I was trying to reach the site. After a minute or so of unrequited clicking, I figured something was wrong and surfed elsewhere. Later, I tried Yahoo again and everything was fine. Gosh, I just feel so used.
I'm not saying the hackers did no harm at all. The sites certainly lost a little business, and whoever shut them down should be held responsible for those losses. But treating these attacks like a federal emergency will inspire copycats and give off-liners another unwarranted reason to fear the Net.
"Honey, if you plug in that computer, those hackers are gonna just shut it down like they did to that eBay Amazon guy," they'll say. "Better hook it up to the generator."
Stunts like these are best seen as a reminder that the Net isn't as secure as it could be. If companies and campus officials respond by improving the security of their networks, as seems to be happening, then the recent attacks may end up having done more good than harm.
The conspiracy theory crowd will wonder if these relatively harmless hacks are being played up as an excuse to impose more restrictions on the Net. But it's more likely that both the federal government and the media are especially attentive to anything that might trip up the booming online economy. That attitude, combined with a general cluelessness about technology issues, produced what will be remembered in saner times as turn-of-the-century hacker hysteria.
To contact Joe Salkowski, you can e-mail him at email@example.com or write to him c/o Tribune Media Services Inc., 435 N. Michigan Ave., Suite 1400, Chicago, Ill., 60611.
For reprint and licensing requests for this article, CLICK HERE.
Stories You May Also Be Interested In
- www.computer.crime: E-Crime and What To Do About It
- Tech Talk---Media Reaction to Hack Attacks Outweighs Real Threat
- Cybersense---Hackers' 'Patriotic' Attacks Prove to be Misplaced Acts
- Hack Attacks to Cost Sony
- Cybersense - This Hacker Attack Short-Circuited Fortunes of Firm
- UCLA Health Data Breach Disclosed
- Internet Holds Silver Lining for L.A.
- Jane Applegate---Protecting Against Computer Viruses a Wise Investment