German Internet Providers are Living Dangerously

After the DDoS attacks on Yahoo!, eBay, and Amazon in February 2000, the German Federal Minister of the Interior Otto Schily founded a task force which in June published a catalog of defense measures against such hacker attacks. However, a study by the Stiftung Warentest, a German consumer watchdog group, has shown that these security recommendations are not being given enough attention. 1,573 of the 103,770 German Internet addresses that were tested could be misused to flood other computers. In such an attack, the endangered computers readily relay the data sent to them, or even multiply the amount of data. The addresses that did the worst in the test were the Berlin shipping company Ulrich Rieck & Svhne, the Neuruppin city works site, and Amazon.de. These addresses increase the data packets from 30 to 50 times their original amount; for every "ping" sent there were up to 50 "pongs". Hackers can manipulate such computers. A flood attack can have concrete consequences for each and every surfer. If, for instance, an online stockbroker is lamed, customers may not be able to buy or sell stock for several hours. On the New Market, some securities can lose up to 50 percent of their value in this amount of time. The collapse of an online bank or an e-mail provider can also have grave consequences for surfers. The result of the study: around 1.5 percent of all the Internet computers that were tested sent more than one pong back and are therefore a danger to other network users. At first glance this seems to be a good result because it is such a small percentage. But in a worldwide computer network, just a few weak points can endanger the whole system.