- CERT/CC, one of the most important reporting centres for internet security problems, has been offline sporadically this week due to a distributed Denial of Service (DDoS) attack.
CERT/CC, the Computer Emergency Response Team/Coordination Center, posted a notice on its website on saying the site had been under attack since Tuesday at 11.30am EST (6.30am on Wednesday New Zealand time) and was frequently either unavailable or very slow. CERT/CC is a government-funded computer security research and development center based at Pittsburgh's Carnegie Mellon University which monitors internet security issues such a viruses, vulnerabilities and hacking and issues warnings about such incidents.
The irony of the situation is one matter, but very much another is how such an attack might affect CERT/CC's ability to issue security alerts and distribute other security information.
The organisation is still conducting business and has not lost any data, according to Ian Finlay, an internet security analyst at CERT/CC. The centre is able to send alerts through email and staff members are available via the organisation's hotline, according to its statement.
CERT/CC is working with internet service providers to investigate and end the attack, saysFinlay.
News of the attack on CERT/CC comes only a day after a group of researchers at the University of California at San Diego said in a report that over 4000 DoS attacks attacks are launched every week.
"We get attacked every day," says Richard D Pethia, director of CERT/CC. "The lesson to be learned here is that no one is immune to these kinds of attacks."
A Denial of Service attack is one in which the attackers flood a computer with requests for service, attempting to overload the server's ability to respond. A Distributed Denial of Service attack, such as the one CERT/CC is experiencing, comes when an attacker has taken over multiple PCs, called zombies, through hacking or viruses, and uses them to simultaneously attack the victim.