Pentagon downed Web site, Al-Jazeera editor says
By GRAEME SMITH
Globe and Mail
Saturday, March 29, 2003
For journalists inside the Al-Jazeera newsroom in Doha, Qatar, it was
obvious who attacked their Web site this week.
The Arabic-language television network had just launched its English site
and was publishing the first pictures of Iraq's prisoners of war on
Tuesday when a barrage of junk messages crippled the site.
The attacks continued all week. One enterprising hacker even used fake
Al-Jazeera letterhead to fool an Internet company into letting him
redirect visitors away from Al-Jazeera to other locations such as porn
sites and a page that displayed an American flag with the message: "God
bless our troops!"
"One measure of the importance of those American PoW pictures and the
images of the dead British soldiers is surely the sustained
'shock-and-awe' hacking campaign directed at aljazeera.net since the
start of the war," Faisal Bodi, a senior editor for aljazeera.net, wrote
in The Guardian newspaper yesterday. "As I write, the Al-Jazeera Web site
has been down for three days and few here doubt that the provenance of
the attack is the Pentagon."
But the idea that the U.S. military masterminded the hacker onslaught was
treated with extreme skepticism on Internet message boards and among
technical security experts yesterday.
Most observed that the attacks looked like the work of "script kiddies" —
neophyte hackers using readily available software tools.
"These people are immature, inexperienced and naive," wrote one
contributor to slashdot.org, a popular site that calls itself "news for
Al-Jazeera's biggest problems this week were caused by what are called
"distributed denial of service" attacks. These flooded the site with up
to 300 megabits (Mbps) of data per second, up from normal levels of 50 to
Traffic of that magnitude can be achieved by almost anyone with a few
weeks of computer training, said Johannes Ullrich, chief technology
officer at the Systems Administration Networking and Security Institute
"It doesn't take the Pentagon to generate 300 Mbps," Mr. Ullrich said.
A hacker typically sets up such attacks by tricking other computers into
downloading a piece of software, or exploiting security holes to install
the script on other people's computers. The software monitors an Internet
chat group, or IRC channel, from which the hacker can command all the
infected computers — a so-called "bot network" — to harass a Web site
until it collapses.
"This could be one person in his dorm room with a small bot network,"
said an Internet security expert who spoke on condition of anonymity.
"That's not to say it's not the Pentagon, but the scale isn't in the same
league as what you'd see in a military attack."
Other Web sites face the same sort of annoyance every day, Mr. Ullrich
"I would expect that it's some script kiddies. They can do these things
for the stupidest of reasons."
Although one hacker did declare the intention behind his attack with a
Web page full of pro-American vitriol, Mr. Ullrich said there's no reason
to assume the perpetrators were making a political statement. Sometimes
they target sites for sport, he said, or wage battles against each other,
known as "jousts," that accidentally shut down parts of the Internet.
On rare occasions, Mr. Ullrich said, intelligence agencies have been
known to supply young hackers with software and encourage them to hit
While that doesn't appear to have happened in this case, he said, the
complexity of the Internet means that investigators rarely find the true
"It's always hard to tell exactly what's going on."