Server security for hosts ranging from the high-end firms that oversee the web site of the American Central Intelligence Agency to private companies like PayPal has become a topic at the forefront of conversation in the IT industry following a slew of attacks on various high-profile web sites this past week.
“The bots seem to start to initiate an SSL connection and a bit of junk to the websites and then disconnect. They do not actually request any resources from the website or do anything else other than repeat the cycle periodically. They are doing this to hundreds of sites all day long. We find it hard to believe this much activity would be used to make the bots blend in with normal traffic, but at the same time it doesn’t quite look like a DDoS either.” – Internet watchdog group Shadow Server
Internet watchdog Shadow Server has outlined recent attacks against the C.I.A. web site, PayPal and hundreds of other organizations, carried out by assaulting the servers hosting the sites with an overwhelming number of SSL (Secure Sockets Layer) connections. Because the connections were limited in time and made no requests for information, the exact motive behind the attacks remains unclear. Shadow Server is suggesting that the culprit was none other than the Pushdo botnet, in what appeared to be a failed DDoS attack with millions of requests being sent over a range of thousands of IP addresses.
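For administrators who want to check their own servers for the pattern Shadow Server describes (SSL connections that are opened and dropped without any resource ever being requested), the following is an added example, not code from Shadow Server or from this article. It assumes a hypothetical per-connection log format produced by joining the TLS listener's connection log with the web server's access log; the sample records and thresholds are constructed.

```python
from collections import defaultdict

# Constructed sample records (not real traffic). Assumed line format:
#   "<ISO time> <client ip> http_requests=<n>"
# one line per SSL/TLS connection, with the number of HTTP requests it carried.
SAMPLE_LOG = """\
2010-02-01T10:00:01Z 203.0.113.5 http_requests=0
2010-02-01T10:00:02Z 198.51.100.7 http_requests=5
2010-02-01T10:00:09Z 203.0.113.77 http_requests=0
2010-02-01T10:01:01Z 203.0.113.5 http_requests=0
2010-02-01T10:01:30Z 192.0.2.9 http_requests=0
2010-02-01T10:02:01Z 203.0.113.5 http_requests=0
2010-02-01T10:02:10Z 198.51.100.7 http_requests=2
2010-02-01T10:02:40Z 203.0.113.77 http_requests=0
2010-02-01T10:03:01Z 203.0.113.5 http_requests=0
2010-02-01T10:03:20Z 198.51.100.7 http_requests=0
2010-02-01T10:04:05Z 203.0.113.77 http_requests=0
""".splitlines()


def parse(line):
    """Return (client_ip, http_request_count) for one connection record."""
    _timestamp, ip, reqs = line.split()
    return ip, int(reqs.split("=", 1)[1])


def count_connections(lines):
    """Per client: [total connections, connections with zero HTTP requests]."""
    stats = defaultdict(lambda: [0, 0])
    for line in lines:
        if line.strip():
            ip, reqs = parse(line)
            stats[ip][0] += 1
            stats[ip][1] += reqs == 0
    return stats


def empty_tls_sources(lines, min_conns=3, min_ratio=0.9):
    """Clients that connect repeatedly but almost never request anything."""
    return sorted(ip for ip, (total, empty) in count_connections(lines).items()
                  if total >= min_conns and empty / total >= min_ratio)


def site_empty_ratio(lines):
    """Share of all connections that carried no request. With thousands of
    sources each making few connections, this site-wide figure can rise
    well before any single client crosses the per-client threshold."""
    stats = count_connections(lines).values()
    total = sum(t for t, _ in stats)
    return sum(e for _, e in stats) / total if total else 0.0


if __name__ == "__main__":
    print("repeat empty-connection clients:", empty_tls_sources(SAMPLE_LOG))
    print("site-wide empty ratio: %.2f" % site_empty_ratio(SAMPLE_LOG))
```

A single idle connection from a normal browser is common, which is why the per-client check requires repetition and the site-wide ratio is tracked separately.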
A second string of attacks followed closely on the heels of U.S. President Barack Obama’s State of the Union address last week when a hacker managed to infiltrate the political web sites of 49 members of the House of Representatives. With the sites of members of both political parties affected, the hacker replaced each site with an obscene message aimed at the American President and claiming to originate in “Brasil.”
While many of the web sites are managed and hosted by technicians and hardware within the House itself, many others are hosted on servers managed by third-party companies. One company in particular, Virginia-based GovTrends, was revealed by House of Representatives spokesman Jeff Ventura to have left itself vulnerable to attack while performing infrastructure updates. GovTrends has become a focus for politicians as they look for answers and plan for heightened web site security to avoid future attacks.
While server security is always at the front of any good hosting provider’s mind, there’s nothing like government inquiries and close public scrutiny to up the proverbial ante.