In midst of probe, FBI experiences denial-of-services attacks firsthand

In midst of probe, FBI experiences denial-of-services attacks firsthand

By Shruti Dat' and

Christopher J. Dorobek

GCN Staff

While the FBI was investigating a flood of distributed denial-of-service attacks, its own Web site was down for more than three hours on Feb. 18 after hackers overwhelmed it with hits.

The denial-of-service attack on followed similar attacks on major commercial sites, including those of Yahoo Inc., eBay Inc. and Inc. [GCN, Feb. 21, Page 1].

To help government and industry organizations combat such attacks, the Project for the Partnership for Critical Infrastructure Security, a public-private security group, has published a new guidebook. The group said it would update the report, Consensus Roadmap for Defeating Distributed Denial-of-Service Attacks, as needed.

All groups that use the Internet should take steps to protect the global network because repeated attacks will damage the Internet's credibility as a communications medium, said Alan Paller, director of research at the SANS Institute of Bethesda, Md.

'What's new is that this can do big damage. It can damage the trust we have in the Internet,' he said last month at the Virtual Government conference in Washington.

Because of the nature of the recent attacks, a coordinated security effort is required, Paller said. During a recent security summit, President Clinton stressed that the federal government must lead by example, Paller said.

The security guidebook, published last month, comprises the work of several security organizations, including the Computer Emergency Response Team at Carnegie Mellon University and the SANS Institute. Agencies received copies at the Virtual Government conference.

The document lists immediate steps that agencies can take to reduce the risk of specific threats. It also includes some longer-term security recommendations.

The document is available on the Web at

The SANS Institute will create an e-mail distribution list for providing updates. To get on the list, send an e-mail message to with 'ddos roadmap' in the subject line.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.