The vast majority of war-related cyberattacks last week appear to have been little more than low-level Web site defacements that had little or no impact on U.S. businesses.
But the sustained denial-of-service attacks that crippled the English-language Web site of Arab satellite TV network Al-Jazeera served as a sobering reminder of just what can happen if a company does become a hactivist target.
One week into the war with Iraq, most of the predicted cyberfallout appears to have been limited to the Web equivalent of graffiti, said security experts. “At least 99 percent of the attacks are pure defacement of Web sites” with pro- and antiwar messages, said Michael Albrecht, a manager at F-Secure Corp. in Helsinki, Finland
The company estimated that as many as 10,000 Web sites worldwide may have been defaced since the war began. Although U.S. government and military sites appear to be targets of choice, vandals are attacking any vulnerable service they can find, Albrecht said. In most instances, the attacks appeared to be coming from individuals rather than from organized groups or government entities, he added.
No Surprises
The level of hacking activity has been no different from usual, said Marty Lidner, an incident-handling team leader at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh. “In the big scheme of things, the level of activity reported to us hasn’t really changed,” Lidner said.
“There has been no significant increase in Web defacement activity between prewar chatter and actual war,” said Russ Cooper, an analyst at TruSecure Corp. in Herndon, Va. “A defacement may say ‘No war,’ but it would have said