Internet service provider AboveNet Communications and law enforcement officials are on the hunt for the cyberattackers who halted traffic on Tuesday to almost 1,000 businesses that contract Internet services and Web-page hosting through the company.
"It is important to me -- both personally and professionally -- to catch the person who did this," said Paul Vixie, vice president of Internet services for AboveNet's parent company Metromedia Fiber Network.
At 9:45 a.m. Pacific Time on Tuesday, the network switches used by AboveNet seized up, losing configuration data and stopping traffic on the company's network.
By the early afternoon, the company's San Jose, California, offices had realised that they had been attacked.
DoS effects the same
While Vixie stresses that the attack was unlike the distributed denial-of-service attacks that slowed -- and in some cases halted, service to eight major Web sites in February -- the effects were the same.
"The customer impact was almost total," he said. "The people who did this were quite skilled, unlike the others in the previous attack."
Tricia Godwin, a procurement specialist at online purchasing agent OutPurchase.com, felt the pain.
The company -- a business-to-business provider of purchasing services for small and medium-sized businesses -- couldn't access the Internet, and its customers could not access its Web site for several hours on Tuesday.
"We lost a whole day's business," said Godwin, who measures her business in the number of quotes she generates. During the outage, she estimates that 50 to 60 quotes were lost. "Ouch! It definitely hurt."
'Could have happened to (anyone)'
Another customer, Buildpoint.com, which announced that it had started using AboveNet's services earlier this month, had similar problems.
"Our customers were certainly affected by the outage," said Henry Purdy, director of product development for the bid management e-commerce site. "People were not able to log on to our system to do business. We had several phone calls from customers."
With 100 employees, Buildpoint serves subcontractors and the construction industry, facilitating bidding for materials and services.
The company's management adopted an understanding attitude.
"This sort of attack could have happened to any co-location service," said Chris Page, director of information technology, who added that the incident underscores the need for redundant services. Ironically, Buildpoint is less than two weeks away from installing a second network for just such a purpose.
AboveNet's top three customers had fewer problems, said Carol Nash, an AboveNet spokesperson.
eBay, AOL had backups
Manufacturing service provider Electronic Media International had taken down its network for maintenance; and well-known auction house eBay had a second network to handle the traffic, as does America Online, which uses AboveNet as a secondary provider.
Meanwhile, with his technical staff, AboveNet's Vixie worked until the wee hours of the morning Wednesday making certain the attacker left nothing behind.
"Even though the customers were up (and running) by midday yesterday, we needed to look for evidence of backdoors or anything left over (by the attacker)," he said.
As part of the work, Vixie secured information for the FBI, which is currently investigating the case, though neither Vixie nor the FBI would give details.
High hopes for vandal hunt
Still, Vixie has high hopes that they will track down the attacker. "Technically, there is cause for hope, where in the (Denial of Service) case, there was no cause for hope," he said.
"Right now, this has come down to finding a needle in a haystack rather than a grain of sand on the beach."
Take me to the Cyber terrorism special
Check out ZDNet's new Interactive Broadband Guide