While the biggest hacker attack in Web history loomed like a tsunami on the virtual horizon last Monday, Alan Hannan was looking for nothing more dangerous than soda and cookies in a San Jose, Calif., hotel lobby. Like hundreds of techies who help keep the backbone of the Internet properly aligned, Hannan had spent the morning at the North American Network Operators' Group conference listening to a talk on something called denial-of-service (DOS) attacks. "I thought I knew about them well enough," says Hannan. "I didn't pay much attention. I wish I had."
Before he could finish his Coke, Hannan's cell phone buzzed. It was David Filo, co-founder of Yahoo and one of Hannan's clients. "It looks like we're having some problems with the site," Filo said. Could Hannan take a look?
Although neither man knew it yet, the Web's most popular portal was being bombarded with enough confusing information to cause the digital equivalent of a nervous breakdown. Normally, Yahoo absorbs a couple hundred million bits of data each second, meaning it can handle millions of Yahoo users asking simultaneously for, say, the lowdown on Ricky Martin without breaking much of a sweat. But now Yahoo's Internet service provider, Global Crossing--Hannan's company--was clogging up with as many as 1 billion bits a second.
But it was the type of information that did the most damage. This was no Ricky Martin request. It was millions of phantom users suddenly screaming "Yes, I heard you!"--which was very unusual since Yahoo hadn't said anything. Worse, the phantoms had all given Yahoo fake return addresses. Yahoo got so hung up trying to get back to them all, it couldn't get around to dishing up those Ricky links to regular users. Service, in other words, was denied. Visitors to Yahoo saw an empty screen.
Hannan and his team zipped back to Global Crossing's HQ. In an hour they figured out they were under a DOS attack. It took another couple hours of monitoring their $500,000 routing machines to figure out which one was being attacked and to install the kind of filters that would scare the phantoms away. It wasn't brain surgery. Kids make DOS attacks all the time. But when the engineers saw the size of the barrage--10 times as large as anything ever recorded--they gasped. "We all agreed," says Hannan, "that we had a very formidable opponent."
The next three days were marked by serial slowdowns at some of the biggest sites on the Web: Amazon.com eBay, CNN.com (owned by Time Warner, parent company of TIME), ZDNet, ETrade, Excite. Like so many virtual vandals before him, the phantom foe clearly craved attention. He got it in the shape of a front-page media frenzy, a full-scale FBI investigation and a hastily convened White House conference on Web hacking. And yet he stubbornly refused to show up at his own party, prompting PC paranoia and all manner of conspiracy theories.