22 January 2002 An Internet service provider (ISP) has been forced to close following a crippling denial of service (DoS) attack.
Emeric Miszti, CEO of Basingstoke, England-based ISP Cloud Nine, said that he was forced to close down all the company’s operations and pay off staff this morning after concluding that he could not beat the attackers.
“We tried overnight to bring our web servers back online, but were seeing denial of service attacks against all our key servers, including email and DNS [domain name servers],” Miszti told online Internet magazine ISPReview.
In a tacit admission, perhaps, that the ISP’s infrastructure design had left it exposed to such an attack, Miszti said that the company’s network would have had to have been re-designed to stop the attack and prevent a repeat in the future.
Furthermore, the ISP’s disaster insurance would not cover all the costs of re-building the network, which would be substantial given the haemorrhage of customers the company has suffered as a result.
The company claims that an initial attack was made against its firewall, which it tightened up in response. “What followed was first a firewall password brute force attack, resulting in successful hash and destruction of the firewall,” it told ISPReview.
Cloud Nine was subsequently unable to bring any of its servers back online. The attack had been happening for a couple of weeks, but the company only went public on Friday 18 January.
Cloud Nine was set up six years ago and became a popular second-tier dial-up and broadband ISP. It also hosted a number of business web sites. Miszti described the attack as “cyber terrorism”, but admitted that he had no idea who might have been behind it.
The aim of a DoS attack is to overload a system by sending it a stream of data from a variety of compromised sources, causing the target to crash and consequently become inaccessible. It is a favourite activity of “script kiddies”, who scan the Internet for Trojan horse programs that have been implanted on PCs and servers, typically by email borne viruses.
Flood warning (September 2001)
Distributed denial of service attacks are renowned for their ability to cripple IT systems by overloading servers with traffic.