Filed at 7:43 a.m. ET
WASHINGTON (AP) -- Researchers uncovered a serious flaw in the
underlying technology for nearly all Internet traffic, a discovery
that led to an urgent and secretive international effort to prevent
global disruptions of Web surfing, e-mails and instant messages.
The British government announced the vulnerability in core
Internet technology on Tuesday. Left unaddressed, experts said, it
could allow hackers to knock computers offline and broadly disrupt
vital traffic-directing devices, called routers, that coordinate the
flow of data among distant groups of computers.
``Exploitation of this vulnerability could have affected the glue
that holds the Internet together,'' said Roger Cumming, director for
England's National Infrastructure Security Coordination Centre.
The Homeland Security Department issued its own cyberalert hours
later that attacks ``could affect a large segment of the Internet
community.'' It said normal Internet operations probably would
resume after such attacks stopped. Experts said there were no
reports of attacks using this technique.
The risk was similar to Internet users ``running naked through
the jungle, which didn't matter until somebody released some
tigers,'' said Paul Vixie of the Internet Systems Consortium
Inc.
``It's a significant risk,'' Vixie said. ``The larger Internet
providers are jumping on this big time. It's really important this
just gets fixed before the bad guys start exploiting it for fun and
recognition.''
The flaw affecting the Internet's ``transmission control
protocol,'' or TCP, was discovered late last year by a computer
researcher in Milwaukee. Paul Watson said he identified a method to
reliably trick personal computers and routers into shutting down
electronic conversations by resetting the machines remotely.
Experts previously said such attacks could take between four
years and 142 years to succeed because they require guessing a
rotating number from roughly 4 billion possible combinations. Watson
said he can guess the proper number with as few as four attempts,
which can be accomplished within seconds.
Routers continually exchange important updates about the most
efficient traffic routes between large networks. Continued
successful attacks against routers can cause them to go into a
standby mode, known as ``dampening,'' that can persist for
hours.
Cisco
Systems Inc., which acknowledged its popular routers were among
those vulnerable, distributed software repairs and tips to otherwise
protect large corporate customers. There were few steps for home
users to take; Microsoft
Corp. said it did not believe Windows users were too vulnerable
and made no immediate plans to update its software.
Using Watson's technique to attack a computer running Windows
``would not be something that would be easy to do,'' said Steve
Lipner, Microsoft's director for security engineering strategy.
Already in recent weeks, some U.S. government agencies and
companies operating the most important digital pipelines have
fortified their own vulnerable systems because of early warnings
communicated by some security organizations. The White House has
expressed concerns especially about risks to crucial Internet
routers because attacks against them could profoundly disrupt online
traffic.
``Any flaw to a fundamental protocol would raise significant
concern and require significant attention by the folks who run the
major infrastructures of the Internet,'' said Amit Yoran, the
government's cybersecurity chief. The flaw has dominated discussions
since last week among experts in security circles.
The public announcement coincides with a presentation Watson
expects to make Thursday at an Internet security conference in
Vancouver, British Columbia, where Watson said he would disclose
full details of his research.
Watson predicted that hackers would understand how to begin
launching attacks ``within five minutes of walking out of that
meeting.''
^------
On the Net:
U.K. National Infrastructure Security Coordination Centre:
www.niscc.gov.uk
Homeland Security cyberdivision: www.us-cert.gov
.gif){kind=spacer}
.gif){kind=tracking}
