Web Attacker Shuts Internet Provider


Online shoppers, erotica enthusiasts and potential Coast Guard recruits nationwide were thwarted over the weekend when an Internet service provider in Santa Cruz was subjected to an electronic attack.

Web Communications, which hosts more than 3,000 sites on the World Wide Web, was shut down for 40 hours beginning at 12:20 a.m. Saturday. As many as 200 messages per second bombarded the company's computers, causing them to lock up, forcing the company to temporarily pull the plug on its operation.

The attacker, whose identity was still unknown, has been traced to Vancouver, Canada.

Because the shutdown took place during a busy holiday shopping weekend, it put a damper on online merchants.

Grady Herring, president of Gospel Roots Networks, had a religious-products sales promotion planned for his Web site and said the shutdown cost him more than $20,000 in sales. Tina Koenig, who sells computer-themed gifts through her Cybercalifragilistic, likened the service outage to placing a bomb in a retail store.

Among Web Communications' other Web sites are a Coast Guard recruiting center in Seattle, the French Embassy in San Francisco and numerous adult entertainment spots. But most of its sites belong to small businesses drawn to the service by inexpensive fees that start at $30 a month.

About 20% of the company's 2 million hits a day are from Internet surfers seeking adult entertainment, said Chris Schefler, chief operating officer.

Web Communications was able to trace the attacker to a computer at Malaspina College in Vancouver. Shortly after the assault began, Web Communications technicians contacted PSINet, which provides it with a connection to the Internet. After 10 hours of testing connections, PSINet concluded that the attack had begun at MCI Communications Corp.

MCI was able to determine that the messages were being routed from a Canadian computer network and eventually tracked it to the college that provides Internet connections to the local school district.

The culprit remains at large. "It's usually just a bored teenager," Schefler said.

Although the kind of attack mounted against Web Communications--called in Internet parlance a syn-flood--once was something that could only be performed by an experienced hacker, syn-flood source code was published in recent months. Since then, MCI reports four assaults similar to last weekend's against Web Communications.

Copyright © 2019, Los Angeles Times
EDITION: California | U.S. & World