Sign Up: Free Daily Tech E-letter  
Technology Home
Tech Policy
Government IT
Personal Tech
Special Reports

Company Postings
Get Quotes
Press Releases
Tech Almanac

Attack on Advertising Provider Jams High-Traffic Web Sites


E-Mail This Article
Print This Article
_____DoubleClick Inc_____
(DCLK) Stock Quote and News
Historical Chart
Company Description
Analyst Ratings
Internet Attack Targets DoubleClick (, Jul 27, 2004)
Virus Overwhelms Google, 3 Other Search Engines (The Washington Post, Jul 27, 2004)
Web Worm Spreads, Slows Google Searches (, Jul 26, 2004)
More Security News
___Tech Policy/Security E-letter___
Written by's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
Click Here for Free Sign-up
Read E-letter Archive

By Brian Krebs
Special to The Washington Post
Wednesday, July 28, 2004; Page E05

Computer users had difficulty accessing portions of the Internet's most highly trafficked Web sites yesterday after hackers launched an attack against DoubleClick Inc., the company that serves up online advertising to hundreds of commercial sites.

The attack followed one on four major search engines Monday, but it was not clear whether the two incidents were related.

Beginning about 10:30 a.m. yesterday, DoubleClick's Internet servers began to receive a flood of bogus Web page requests, creating a bottleneck that blocked many major sites from displaying ad images.

That jam in turn made it difficult for Internet users to reach certain pages at nearly all of the Internet's 40 most-visited Web sites. At the height of the assault, affected Web pages were available less than 25 percent of the time, according to Keynote Systems Inc., a Web performance monitoring company in San Mateo, Calif.

"One of the things that makes the Internet so survivable is that no one company or technology runs the whole thing," said Lloyd Taylor, Keynote's vice president of technology and operations. "In this case . . . the attackers targeted a common infrastructure relied upon by many companies."

DoubleClick spokeswoman Jennifer Blum said the attack targeted the company's domain name servers (DNS) -- machines that help direct Internet traffic -- causing "severe service disruptions" for all 900 of its customers. The unknown hackers apparently orchestrated the attack by hijacking an army of personal computers that had been previously infected by a virus. They then instructed the compromised machines to collectively bombard the company with page requests -- an assault known as a distributed denial-of-service attack.

Among the sites hardest hit were those of Nortel Networks Ltd., Gateway Inc., MCI Inc., and, according to Keynote. Users also experienced delays accessing pages at before The Washington Post Co. blocked DoubleClick's ads from running on its site. Senior Vice President Monty Mullig said that several ads did not display properly on the site, but he said news content was unaffected because it runs on a different network.

Security experts said the DoubleClick attack today appears similar in nature to the assault hackers waged last month against Akamai Technologies, a company that distributes Web content for companies such as Google, Microsoft and Yahoo. In that attack, hackers apparently directed tens of thousands of hijacked computers to overwhelm Akamai's DNS servers, blocking access to many of the company's customers for nearly two hours.

The attack on DoubleClick suggests that hackers are beginning to target key Internet pressure points that -- when squeezed -- darken the Internet for most users, said Johannes Ullrich, chief technology officer for the SANS Institute's Internet Storm Center, which monitors hacker activity.

"The hackers don't need to attack the Internet. If you attack Akamai or DoubleClick you can take out 95 percent of what most people consider to be the Internet," Ullrich said.

Krebs is a staff writer for Home

© 2004 The Washington Post Company

Company Postings: Quick Quotes | Tech Almanac
About | Advertising | Contact | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication