washingtonpost.com  > Technology > Tech Policy > E-Politics

Bush Web Site Bars Overseas Visitors

By Brian Krebs
washingtonpost.com Staff Writer
Wednesday, October 27, 2004; 4:52 PM

The Bush-Cheney reelection campaign has barred people outside the United States from viewing its Web site following an electronic attack that took down the campaign's Internet address for six hours last week, according to computer security experts.

Since midnight on Monday, no one outside the United States except people in Canada could see the site, said Rich Miller, a security analyst for Netcraft, a Web site monitoring firm in Bath, England. Internet users from other countries instead see a white page featuring the message: "Access denied: You don't have permission to access www.georgewbush.com on this server."

Microsoft Offers Anti-Spyware Software (The Washington Post, Jan 7, 2005)
Single Government ID Moves Closer to Reality (The Washington Post, Dec 30, 2004)
Online Dangers Likely to Continue Growing in 2005 (washingtonpost.com, Dec 16, 2004)
More Security News

The move happened one week after the Bush-Cheney and Republican National Committee sites were unavailable for almost six hours. Security experts said the outage probably was the result of a "distributed denial-of-service attack," in which hackers use tens of thousands of hijacked computers to overwhelm Web sites by flooding them with bursts of digital data.

The Bush campaign did not return repeated calls for comment.

RNC spokesman Scott Hogenson acknowledged last week's outage but declined to comment further, calling the incident "no big deal."

It is not unusual for Web sites to block e-mail and browser traffic from individual Internet addresses and from certain countries notorious for churning out online fraud scams and junk e-mail, but security experts said the Bush-Cheney campaign's move is probably unprecedented.

"I've never heard of a site wholesale blocking access from the rest of the world," said Johannes Ullrich, chief technology officer for the SANS Internet Storm Center, which monitors hacker trends. "I guess they decided it just wasn't worth the trouble to leave it open to foreign visitors."

Malicious hackers use computer worms and viruses to seize control of unprotected home computers and corral them into remote-controlled attack armies known as robot networks, or "bot nets." Between January and June, the number of bot networks monitored by Cupertino, Calif.-based online security company Symantec Corp. rose from fewer than 2,000 to more than 30,000.

A week after the attack, and on the same day that the site's access was restricted, the campaign hired Akamai Technologies Inc. to manage its Web data. The Cambridge, Mass., company has more than 1,000 clients, including Microsoft Corp., Yahoo Inc. and Federal Express. Akamai stores Web content on thousands of Internet servers around the world, a tactic experts say makes its customers' sites more resistant to disruption from electronic attacks.

An Akamai spokesman declined to comment for this story.

Mikko Hypponen, director of antivirus research at Finland-based F-Secure Corp., also could not reach the site from his home in Finland. But he questioned whether denying access to foreign visitors would make any difference. "I don't see any other reason why they'd do this other than to try and avoid problems coming from people who probably don't really have any desire to see the site to begin with," he said.

Jonah Seiger, founding partner of Connections Media, a Washington campaign consultancy that works with Democratic candidates, said that it did not make sense for the Bush-Cheney campaign to "consciously block access to anybody."

"Maybe the next thing they'll try is to block Democrats and people in blue states from coming to the site," Seiger said.

© 2004 TechNews.com