The most serious attack on the internet in more than a year stranded millions of online and phone users and knocked out bank machines across the United States on Saturday, in what security experts feared was just a prelude to a bigger cyber-assault.
Internet traffic slowed to a crawl because of the fast-spreading ”slammer” attack which appeared to have hit hardest in Asia.
The slammer affected nearly 250 000 computers worldwide by Saturday evening, said Vincent Gulloto, vice president of MacAfee Avert Labs and leader of Network Associates’ Antivirus Response Team.
The attack focused on Microsoft’s popular database software ”SQL Server 2000” and struck in the United States on Saturday.
Slammer is considered a computer worm, which unlike a computer virus does not require a user to open an e-mail attachment or initiate any other type of command to infect the computer, and can spread undetected without a user doing anything to help it along.
The cyber-attack prevented most Bank of America customers from withdrawing money from the company’s 13 000 ATM machines and also knocked out some trans-Atlantic Internet and phone service.
The attack was similar to the ”Code Red” virus that affected 300 000 computers in July 2001, and it was the largest attack on the internet since the Nimda virus struck on the one-week anniversary of the September 11, 2001, terrorist attacks.
Computer experts fear slammer could be a ”test fire,” setting up a larger cyber attack in the future.
”It may be tomorrow, six days or six years, but we’ll see this kind of attack again,” said Alan Paller, director of research at the SANS Institute, a Bethesda, Maryland high-tech security organisation.
In fact, the slammer attack may have been specifically designed for a weekend strike so hackers could gauge how much damage could be done in advance of launching a more devastating attack, security experts said.
Still, US companies collectively wiped their brows, thankful the hit came on a weekend so their systems could be fixed without disrupting business.
Traffic control sites worldwide noted the slowdown in e-mail and other transmissions at around 0530 GMT Saturday, but the situation returned more or less to normal by 1500 GMT, according to the National Infrastructure Protection Centre (NIPC) and the CERT, a private internet-monitoring group that offers advice on network protection.
High-speed Internet networks went down across South Korea on Saturday in what telecom engineers said was the country’s worst breakdown in telecommunications systems, according to US computer security experts who were monitoring the online chaos globally.
Internet service lines, including those of Korea Telecom, Hanaro and Dacoom, were all paralysed, but US telecom authorities said a back-up system was being put in place on Saturday. – Sapa-AFP