Weekend Internet attack exceeded experts' fears

Government and corporate Web sites were crippled by an unidentified virus.

©Associated Press
January 28, 2003

WASHINGTON -- The weekend attack on the Internet crippled some sensitive corporate and government systems, including banking operations and 911 centers, far more seriously than many experts believed possible.

The nation's largest residential mortgage firm, Countrywide Financial Corp., told customers who called Monday that it was still suffering from the attack. Its Web site, where customers usually can make payments and check their loans, was closed most of Monday with a note about "emergency maintenance."

Police and fire dispatchers outside Seattle resorted to paper and pencil for hours Saturday after the virus-like attack disrupted operations for a 911 center. American Express Co. confirmed that customers couldn't reach its Web site to check credit statements and account balances during parts of the weekend. Perhaps most surprising, the attack prevented many customers of Bank of America Corp., one of the largest U.S. banks, and some large Canadian banks from withdrawing money from automatic teller machines Saturday.

The surprising disruptions shook popular perceptions that vital services were largely immune to such attacks.

President Bush's No. 2 cyber-security adviser, Howard Schmidt, acknowledged Monday that what he called "collateral damage" stunned even experts who have warned about uncertain effects on the nation's most important electronic systems from mass-scale Internet disruptions.

"One would not have expected a request for bandwidth would have affected the ATM network," Schmidt said. "This is one of the things we've been talking about for a long time, getting a handle on interdependencies and cascading effects."

Miles McNamee, a top official with the technology industry's Internet early-warning center, said the attack was "comparable to the worst of previous denial of service attacks and if so, marks another multibillion-dollar hit to the global Internet community."

The White House and Canadian defense officials confirmed they were investigating how the attack, which started about 12:30 a.m. Saturday, could have affected ATM banking and other important networks that should remain immune from traditional Internet outages.

Officials were most concerned about risks that citizens might lose confidence in financial networks.

The virus-like attack, alternately dubbed "Slammer" or "Sapphire," sought vulnerable computers to infect using a known flaw in popular database software from Microsoft Corp. called "SQL Server 2000."

Microsoft had made software updates available to patch the vulnerability in its SQL Server 2000 software -- used mostly by businesses and governments -- but many system administrators had yet to install them when the attack hit Saturday.

© 2006 • All Rights Reserved • Tampa Bay Times
490 First Avenue South • St. Petersburg, FL 33701 • 727-893-8111

Contact the Times | Privacy Policy
Standard of Accuracy | Terms, Conditions & Copyright