Return to Transcripts main page
Live From...
Most World Internet Servers Downed Monday
Aired October 23, 2002 - 13:44 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
MILES O'BRIEN, CNN ANCHOR: The FBI and the White House are investigating a large-scale cyberattack. It happened Monday. You probably have not noticed, since it lasted only an hour. In that time, nine of the 13 servers that manage global Internet traffic were crippled.
CNN's technology guru Daniel Sieberg joins us now to tell us a little bit more about exactly what happened.
These servers are all over the world, aren't they, Daniel?
DANIEL SIEBERG, CNN TECHNOLOGY CORRESPONDENT: That's right, Miles. We're talking about what are called the root servers, or domain name servers. We're talking about .com, .org., .net. And these 13 root servers are essentially at the heart of the Internet. It's the best way to think of it. They provide information to all of these other servers around the world and to Internet service providers. Each one is similar to the next. So one is supposed to be similar to 13, each acting as a backup.
We're seeing now a map of where these root servers are located. As I say, 13 of them around the world, everywhere from Marina Del Ray, California; to College Park, Maryland; Vienna, Virginia; Stockholm, Sweden; London, in the U.K.; and Tokyo, Japan.
The next graphic we're seeing are the most affected servers, these nine of the 13 that were hit hardest by this attack. Interestingly, two of the ones that were hit the hardest, one belongs to the Defense Department, the other belongs to the U.S. Army Research Lab. So that may be of interest to some people out there.
But these are the, as I say, heart of the Internet, in a sense.
O'BRIEN: Daniel, give us a sense of how a hacker might launch an attack against a server. That sounds like it would be challenging.
SIEBERG: There's a couple of things here, Miles. First of all, in that particular attack, a lot of the experts and officials we've spoken to don't categorize it as that sophisticated. It uses something called a denial of service attack. People may have heard this term before. The idea behind it is sending an enormous amount of data, a huge volume of data, to these computers or servers and trying to overwhelm them in a sense. That's what this attack was about.
The officials and the experts that we have spoken to don't categorize this as very sophisticated. This type of technology isn't that hard to use. In fact, they are even saying it's not all that serious in this case, because, as you pointed out, nobody noticed any sort of degradation or loss of Internet service while they were surfing the Web. They could still send e-mail, they could still serve Web pages. That's partly because of some of the defensive applications and procedures that were in place. But also because it only lasted for an hour and just didn't hit as hard as some people may have expected.
What we're seeing here, this is a graphic provided to us from Matrix NetSystems. It looks at the latency or the delay of all of these different root servers, these 13 root servers around the world. There's a spike, if you can see it, just on the right where it's peaked. That's the delay that was happening during this hour period. It started at about 5:00 Eastern time on Monday and lasted for an hour. You can see that it actually goes off the chart. That is the delay that was being experienced by these servers.
O'BRIEN: Now I know why you call it the heart of the Internet. That looks like an EKG. (UNINTELLIGIBLE) bring out the paddles or something.
I guess the half full way of looking at this is the system repelled the attack and no one really was any worse for the wear.
SIEBERG: Right. Some of the other experts we've talked to, although these root servers are essential to the Internet, just as a heart is to somebody who's alive, they also are not necessarily critical in order for the Internet to carry on. A lot of the information that is contained on these root servers is also contained by Internet service providers and elsewhere. It's cached or backed up in a number of different locations. So even if a number of these servers go down, the Internet can still sustain itself. That is in part how they're designed, so that it's not necessarily one of them goes down and there's chaos on the Internet. There are these backup plans in place.
O'BRIEN: It's worth reminding people that the Internet, by it's very definition, by its very nature and the way it was built, it's not in any one place; it's everywhere. And as a result, it's probably impossible to bring it down.
SIEBERG: Not only is it impossible to bring it down because it's spread out so far, but that is going to make it equally hard for investigators to go out and try and find where this attack originated from. We've been talking with the FBI and their cybercrimes division. They've launched an investigation into this attack to see where it originated. There's a whole gamut of possibilities as to where it originated, whether it's a terrorist cell, a teenager at home, a group of hackers who got together to decide to do this. They won't release to us any information at this point as to where it originated. Although the attack itself is not very sophisticated and considered not very serious, it's very difficult to go back out to all of those computers. A denial of service attack harnesses maybe hundreds or even thousands of computers to bombard these service with this data, to in a sense have to trace it back to the Internet. A very difficult procedure for investigators.
O'BRIEN: Probably more difficult than it is for the hacker to do this, I guess.
SIEBERG: Absolutely. Absolutely. That definitely the way to look at it.
O'BRIEN: Daniel Sieberg, thanks very much. We appreciate your insights and information on that, and we're glad the Internet is still up and running.
SIEBERG: Absolutely.
TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com
Aired October 23, 2002 - 13:44 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
MILES O'BRIEN, CNN ANCHOR: The FBI and the White House are investigating a large-scale cyberattack. It happened Monday. You probably have not noticed, since it lasted only an hour. In that time, nine of the 13 servers that manage global Internet traffic were crippled.
CNN's technology guru Daniel Sieberg joins us now to tell us a little bit more about exactly what happened.
These servers are all over the world, aren't they, Daniel?
DANIEL SIEBERG, CNN TECHNOLOGY CORRESPONDENT: That's right, Miles. We're talking about what are called the root servers, or domain name servers. We're talking about .com, .org., .net. And these 13 root servers are essentially at the heart of the Internet. It's the best way to think of it. They provide information to all of these other servers around the world and to Internet service providers. Each one is similar to the next. So one is supposed to be similar to 13, each acting as a backup.
We're seeing now a map of where these root servers are located. As I say, 13 of them around the world, everywhere from Marina Del Ray, California; to College Park, Maryland; Vienna, Virginia; Stockholm, Sweden; London, in the U.K.; and Tokyo, Japan.
The next graphic we're seeing are the most affected servers, these nine of the 13 that were hit hardest by this attack. Interestingly, two of the ones that were hit the hardest, one belongs to the Defense Department, the other belongs to the U.S. Army Research Lab. So that may be of interest to some people out there.
But these are the, as I say, heart of the Internet, in a sense.
O'BRIEN: Daniel, give us a sense of how a hacker might launch an attack against a server. That sounds like it would be challenging.
SIEBERG: There's a couple of things here, Miles. First of all, in that particular attack, a lot of the experts and officials we've spoken to don't categorize it as that sophisticated. It uses something called a denial of service attack. People may have heard this term before. The idea behind it is sending an enormous amount of data, a huge volume of data, to these computers or servers and trying to overwhelm them in a sense. That's what this attack was about.
The officials and the experts that we have spoken to don't categorize this as very sophisticated. This type of technology isn't that hard to use. In fact, they are even saying it's not all that serious in this case, because, as you pointed out, nobody noticed any sort of degradation or loss of Internet service while they were surfing the Web. They could still send e-mail, they could still serve Web pages. That's partly because of some of the defensive applications and procedures that were in place. But also because it only lasted for an hour and just didn't hit as hard as some people may have expected.
What we're seeing here, this is a graphic provided to us from Matrix NetSystems. It looks at the latency or the delay of all of these different root servers, these 13 root servers around the world. There's a spike, if you can see it, just on the right where it's peaked. That's the delay that was happening during this hour period. It started at about 5:00 Eastern time on Monday and lasted for an hour. You can see that it actually goes off the chart. That is the delay that was being experienced by these servers.
O'BRIEN: Now I know why you call it the heart of the Internet. That looks like an EKG. (UNINTELLIGIBLE) bring out the paddles or something.
I guess the half full way of looking at this is the system repelled the attack and no one really was any worse for the wear.
SIEBERG: Right. Some of the other experts we've talked to, although these root servers are essential to the Internet, just as a heart is to somebody who's alive, they also are not necessarily critical in order for the Internet to carry on. A lot of the information that is contained on these root servers is also contained by Internet service providers and elsewhere. It's cached or backed up in a number of different locations. So even if a number of these servers go down, the Internet can still sustain itself. That is in part how they're designed, so that it's not necessarily one of them goes down and there's chaos on the Internet. There are these backup plans in place.
O'BRIEN: It's worth reminding people that the Internet, by it's very definition, by its very nature and the way it was built, it's not in any one place; it's everywhere. And as a result, it's probably impossible to bring it down.
SIEBERG: Not only is it impossible to bring it down because it's spread out so far, but that is going to make it equally hard for investigators to go out and try and find where this attack originated from. We've been talking with the FBI and their cybercrimes division. They've launched an investigation into this attack to see where it originated. There's a whole gamut of possibilities as to where it originated, whether it's a terrorist cell, a teenager at home, a group of hackers who got together to decide to do this. They won't release to us any information at this point as to where it originated. Although the attack itself is not very sophisticated and considered not very serious, it's very difficult to go back out to all of those computers. A denial of service attack harnesses maybe hundreds or even thousands of computers to bombard these service with this data, to in a sense have to trace it back to the Internet. A very difficult procedure for investigators.
O'BRIEN: Probably more difficult than it is for the hacker to do this, I guess.
SIEBERG: Absolutely. Absolutely. That definitely the way to look at it.
O'BRIEN: Daniel Sieberg, thanks very much. We appreciate your insights and information on that, and we're glad the Internet is still up and running.
SIEBERG: Absolutely.
TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com
