Terror Link to Mass ‘Blog’ Outage

bill at whump.com bill at whump.com
Fri Oct 24 11:02:10 PDT 2003

This story was sent to you by: Bill Humphries

Welcome to the cyberpunk future where bands of cowboy christians/muslims/wingnuts/ecoterrorists will attack your host if they disagree with your politics.

Distributed/anonymous hosting may become the next premium service.

Terror Link to Mass 'Blog' Outage 

By Lou Dolinar

October 24, 2003

Law enforcement officials are probing a "significant" series of computer attacks launched in the last week, including one that took down some of the most popular web logs, or "blogs," on the Internet, an AT&T spokesman said yesterday.

But the best-known of the affected sites, including Glenn Reynolds' "Instapundit" and the Long Island-based "Command Post," apparently weren't the intended victims of the so-called denial of service" attacks.

But those sites were taken out when unknown hackers went after an obscure Web site belonging to a group called Internet Haganah, which tries to get service providers to boot terror-connected Web sites off the Internet, according to Annette Howard, co-owner of Haganah's ISP, Hosting Matters.

By a using a network of dozens or even hundreds of compromised "zombie" computers, they flooded Haganah and Hosting Matters with more data than the two could handle. She said companies that provide her with connection services, AT&T and Peak Ten, also were hard-hit.

According to AT&T's Dave Johnson, the attack on Hosting Matters appeared to be part of a series of that may have victimized hundreds of companies in the last week or so, on many different backbones, not just AT&Ts. There's no indication of who's behind the hacking incidents, but "Law enforcement is involved and is taking a look at it." He declined to say which agencies were involved.

The head of Internet Haganah, Aaron Weisburd, said yesterday that he believed the incident aimed at his group was directed by hackers associated with Yussuf al-Ayyeri, one of Osama bin Laden's closest associates since the early '90s. Until he was killed in a gun battle with security forces in Riyadh last June, he maintained a network of Web sites for recruiting, fund-raising and communications.

Weisburd said he shut down more than 20 Web sites controlled by al-Ayyeri, and 299 sites altogether. "It's really a straightforward process. When they sign up for a Web site, no one knows who they are. We call up their service provider and say 'You're hosting a discussion on how to build a better bomb belt.' Generally they're pretty decent and take the site down."

In response, al-Ayyeri issued a cyber-fatwa, or religious edict, about a year ago, Weisburd said, urging his technically proficient users to try to shut down "Al Haganah." They've tried, off-and-on since then, to block his service, Weisburd said, discussed how to do it on various bulletin boards and succeeded last week. Since then, mirror sites he set up have also been attacked.

Meanwhile, bloggers at other affected sites were concerned that cyberterrorists might be targeting them, said Michele Catalano, the Long Islander who runs the popular command-post.org Web site.

She said she lost pretty much all ability to communicate: "The Command Post was down, my personal site was down, and the e-mail wasn't working. There were stories going on we needed to report and we couldn't do anything." Among the other sites hit were buzzmachine.com; timblair.spleenville.com; vodkapundit.com; danieldrezner.com and talkleft.com. 

Copyright (c) 2003, Newsday, Inc. 


This article originally appeared at:

Visit Newsday online at http://www.newsday.com

More information about the FoRK mailing list