The nation's government-funded computer security watchdog issued a warning Friday that computer intruders have taken control of hundreds of computers connected to the Internet. The attackers are in a position to launch a serious attack, according to the CERT Coordination Center, which said that the situation "poses a significant threat to Internet sites and the Internet infrastructure.
Computer hackers are exploiting two fairly common vulnerabilities in Unix computer systems discovered since July. "In about 100 cases since then, intruders have used the vulnerabilities to install distributed denial-of-service tools on machines", according to CERT Incident Response Team Leader Kevin Houle. "Those tools figured prominently in February's well-publicized attacks on big-name Web sites like Yahoo.com, Amazon.com, and CNN.com".
"New reports are coming in at the rate of about two to five per day", he said. "In one incident, we recorded over 560 hosts at 220 Internet sites around the world as being a
part of a Tribe Flood Network 2000 DDoS network," Poule said.
Tribal Flood networks allow a single attacker to control an army of "zombie" computers
remotely; the bandwidth of all those computers can then be brought to bear on a single target Web site, "flooding" it with traffic and effectively shutting it down.