Hackers Try to Shut Down White House Web Site, but Security Foils Their Attack

A computer worm dubbed “Code Red” programmed some 225,000 computers to launch an electronic attack on the White House Web site Thursday. The attack was ineffective.

The goal of the attack was to shut down the site and perhaps slow other Internet traffic.

The worm defaced Web sites operated by the infected computers with the message: “HELLO! Welcome to https://www.worm.com! Hacked by Chinese!”

The message has led to speculation that the attack was launched by hackers in China, who mounted a campaign in May that defaced hundreds of Web sites operated by U.S. agencies and private companies. That spate of online mischief was triggered by the collision between a Chinese military jet and a U.S. spy plane.

Brian Dunphy, a network monitoring expert at the security firm Riptech Inc., first detected Code Red on July 14, then saw an explosion Thursday in the number of infected computers, called Web servers. Some of the firm’s customers have experienced significant performance problems related to the worm.

The worm was designed to send a torrent of electronic data to the White House Web site at 5 p.m. PST, creating a massive overload that would cause the site to shut down. Such hacks, known as “distributed denial of service” attacks, are well known. They were successfully used against a number of leading Web businesses last year.

But the time-release element of this attack is new, said Bruce Schneier, a cryptographer and security expert with Counterpane Internet Security Inc. of San Jose.

White House security was able to deflect the bogus data and steer legitimate traffic to an alternate Internet address.