Monday night's hack of thousands of government, military and university computers begs a dark suspicion -- that it may have been the work of a carefully orchestrated plot. But security experts, who actually anticipated the attack six weeks ago, say the incident carried all the hallmarks of just plain mischief.
"It's more of a nuisance attack," said William Orvis, a security specialist for the Computer Incident Advisory Capability Unit (CIAC) of the Department of Energy. Of the 5,000 to 10,000 Microsoft NT and Windows 95 computers that were struck, few, if any, suffered any damage, Orvis said. Most systems subjected to the "denial-of-service" or "Teardrop" attacks simply fell victim to the "blue screen of death" -- a screen that accompanies Microsoft crashes.
"There's some risk that if your machine happened to be writing to the hard drive at the moment the attack hit, you could corrupt the drive," Orvis said, adding that even corrupted files were likely to be recovered.
According to Orvis, government, military, and university computers systems that sit on the Internet all-day were the most likely candidates for attack. "We've haven't heard much from private companies or individuals," Orvis said.
At the University of California at Berkeley, technicians began noticing sporadic but simultaneous crashes at about 4 p.m. PST on Monday. Systems failed at its business school and astronomy department, among others.
|The hack didn't come as any surprise. CIAC warned of its potential more than six weeks ago.
"By shortly after 5 p.m., Berkeley technicians felt that they had regained control, and blocked the current attack," explained Jesus Nena, the university's media relations director. "The attack was so minor that our technicians didn't find it warranting informing" higher ups.
| Do you think there is a hacker conspiracy? Add your comments to the bottom of this page.
While the attack was mostly benign, it was also preventable. CIAC identified the Windows vulnerability more than six weeks ago. "We've known about it [a potential attack] for some time, and CIAC put out a bulletin about a month and a half ago warning people to patch their computers," Orvis said.
In the end, the most likely target wasn't the government at all but a company, and one that's come under so much federal scrutiny lately -- namely Microsoft.
"Whether it's related to the current stuff in the government, I have no way of knowing," Orvis said. "As for Bill Gates, given the fact that the attack was on Windows NT and 95 machines, it's possibly related."
Luke Reiter, ZDTV's CyberCrime, contributed to this story.