Install

Get the latest updates as we post them — right on your browser

. Last Updated: 07/27/2016

Attack Exposes Net Weakness

WASHINGTON -- Computer saboteurs have paralyzed a New York Internet access company with the first major use of an electronic attack method that experts say could shut down virtually any Internet service in the world.


Beginning on Sept. 6, the still unidentified hackers flooded Public Access Networks Corp. (Panix), which serves about 6,000 individuals and 1,000 companies, with streams of messages that overwhelmed its computers, forcing the service to shut down for hours at a time.


Security specialists said Wednesday that the attack underlined the vulnerability of the global network and predicted that it would be used again.


William Cheswick, a scientist at Bell Labs, said that when he and a co-author were finishing an often-cited book on Internet security, they purposefully deleted a description of the kind of attack used on Panix. "It has horrendous results and we didn't have a way of fixing it," he said.


Here's how the attack worked: Beginning Sept. 6, Panix's computers began receiving special streams of packets, or snippets of information, with fake, randomly generated return addresses. The messages are very difficult to trace, making it hard to identify the culprits.


These types of packets essentially send a wake-up call to the receiving computer, checking that it is ready to receive information from the network. If the packets are legitimate, the computer handles them in a fraction of a second. If they have a confusing address, the computer will hold them for 75 seconds before discarding them.


Panix's computers -- like many on the Internet -- can hold fewer than a dozen such packets. But Panix's computers began receiving as many as 50 of such packets per second and were soon overwhelmed by a flood of bogus messages.


To try to shield their system from the attack, Panix managers were forced to block all incoming messages for hours at a stretch. Although Panix president and founder Alexis Rosen worked frantically to stem the problem, it stopped only when the stream of messages subsided.


No company is immune to these kinds of attacks, Cheswick said. "This is probably the most effective of these attacks that I know of,'' he said. "We're going to see more of it."