The FBI and the U.S. Senate were forced to shut down their public Web sites this week following two online attacks that may have been acts of retaliation against the FBI for its recent crackdown on malevolent computer hackers.
The FBI site, www.fbi.gov, was taken offline Wednesday night after hackers jammed the system with electronic traffic, according to officials who said they don't know when the system may be restored. The Senate's Web site, www.senate.gov, was shut down Thursday night after officials discovered that hackers had broken in and defaced its home page with comments critical of the FBI.
FBI officials said they are investigating whether the attacks are linked and, in the case of the attack on the FBI site, said it might have been prompted by the agency's recent investigations into hacking.
"This may be some type of retaliation for search warrants that were issued," in Houston, Seattle and California, said FBI spokesman Paul Bresson. "There were some warrants issued on some pretty well-known hackers."
In another series of incidents yesterday, computers maintained by Internet service company Frontier Global Center in Herndon and in California were jammed by "denial of service" attacks similar to those launched against the government machines.
Those attacks focused on the computers that serve as telephone directories for the World Wide Web, "domain name servers" that automatically help to connect Internet surfers with sites. Anyone using Frontier Global as the chief directory of domain names, which includes customers of Internet service providers that have contracts with the company, could not reach Web sites unless they knew their actual addresses -- the string of numbers and dots for sites that are linked to names such as www.washingtonpost.com. It was unclear yesterday whether the Frontier Global attacks were connected to those against the government machines.
Earlier this month, after an FBI investigation, a federal grand jury in Alexandria indicted 19-year-old Eric Burns of Shoreline, Wash., alleging that he is the hacker known as Zyklon, who has compromised secure computer systems across the Washington area, including one operated for the U.S. government.
Zyklon's name was among several that showed up when vandals hit the White House Internet site earlier this month. The Secret Service is investigating the incident and will not comment on whether the agency believes Burns was involved.
Over the course of almost two years, according to federal investigators, news reports and computer security experts, Zyklon compromised dozens of secure computer systems around the world, including ones operated for the Toronto Star and the Chinese government.
After each attack, Zyklon would typically sign his work with the phrase "Crystal, I love you," a tribute to a high school crush, and mock the computer's weak defenses.
In Thursday's attack on the Senate site, officials there said hackers left an obscene message on the site's home page. The hackers said their assault was in response to the FBI's alleged harassment of several hacker groups, including the one that broke into the White House site.
A Virginia state government Web site also was attacked yesterday by hackers who took over a Web page and used it to accuse the Justice Department of "playing dirty games," according to Leslie Carter, deputy director of the state's Department of Information Technology. "The raids have been made," read the message. "We think it's payback time." The investigation into Zyklon also was mentioned in the message, which suggested that several hackers were being investigated only because "they don't got a clue about who hacked WhiteHouse.gov."
Carter said the incident has been reported to the Virigia State Police.
David Remnitz, chief executive of IFsec, an information security company based in New York, said the hackers involved in these attacks are out to prove a point.
"The want to show that they have a power in the electronic age and are easily able to take down the FBI, the Senate or a large corporation Web site," Remnitz said. Hackers "are becoming more and more sophisticated and able to cause damage like this."
The term "hacker" originally was a term of approval used to describe people who could write software well. Over time, a less reputable connotation has become more commonly associated with the term, and purists call computer intruders "crackers."
Attacking Web sites is a popular way for malevolent hackers to take on an institution or company they don't like. Because the sites are designed to be open to the public, most are vulnerable to tampering. Security-minded computer professionals insulate Web computers from those containing critical information, said Eugene Spafford, director of the Center for Education and Research in Information Assurance and Security at Purdue University. Tampering with a Web site on one of those isolated machines is no more serious than a vandal who "changes the sign advertising a sale" outside of a store.
Computer security expert Spafford agreed that the computer intruders could be trying to protest what they see as mistreatment by law enforcement officials -- but added, "if they're trying to generate sympathy, or trying to demonstrate that they are not a nuisance, this is not the way to do it. . . . They're certainly not doing anything to help their cause."