Bombs away

Bombs away: Dispatch from the frontlines of the new electronic battlefield. By Andrew Leonard.

Published September 18, 1998 7:00PM (EDT)

It's not every day that you come into your office and find your e-mail box stuffed with 3,500 identical messages calling you "Fuckface." It's even less frequent that you discover that those 3,500 e-mails were sent to you via a computer in the Czech Republic, by an unknown assailant enraged by your magazine's coverage of political affairs.

In the emerging world of real, live cyberwarfare, such an e-mail attack is known as a mailbombing. The assailant's goal is to disrupt the recipient's interface with the Net by clogging up mail servers and network gateways with a torrent of gibberish or hate mail or pornographic images.

Security specialists refer to this kind of an attack as a "denial of service." And whoever was assaulting Salon was successful, for a short period, in achieving their goals. On Thursday afternoon, a barrage of automated mailbombs loaded with homophobic rants and pictures of people engaged in oral sex forced Salon's technical staff to cut off incoming mail for several hours and disrupted access to the Net for Salon staff.

There's nothing particularly new or noteworthy about an outbreak of mailbombing, by itself. Journalists who cover the Internet occasionally suffer such attacks, usually after writing an article that somehow managed to annoy the sensitivities of some band of malicious hackers. The recent crusade to publicize the plight of noted cracker Kevin Mitnick, who is currently languishing in jail without a trial or bail, is a classic example of the traditional kind of cybercultural issue that triggers these disruptive incidents.

But a politically motivated mailbombing that has nothing to do with computers, the Internet or Kevin Mitnick is a slightly different story. Salon was attacked for strictly partisan reasons -- the attack was apparently provoked by our ongoing coverage of independent prosecutor Kenneth Starr, and, more recently, Congressman Henry Hyde.

Such incidents are far rarer -- at least according to a quick survey of Net-based journalists. There are precedents, however. Last year, for example, the Institute for Global Communications, a nonprofit organization that hosts Web sites and provides Internet access for activist groups, was forced to shut down a Web site for a Basque autonomy group after it sustained debilitating mailbomb attacks.

IGC's story had a happy ending -- scores of Web sites eagerly offered to mirror the cybercensored content. But it may not always be so easy. Until recently, the group of people who felt passionate enough about politics to take direct destructive action and the group of people with the kind of skills necessary to route automated mailing software through computers in the Czech Republic did not correlate together very well.

But that's changing. As the Web matures, cyberwarfare will only grow more vicious. As more and more people become proficient with the kind of programming tools necessary for cyberwar -- or, concurrently, as more and more tools become easier to use for those who wish to wreak havoc -- we can expect politically motivated cyberchaos to climb steadily.

It's bound to happen. The wonders of the free market have already proven this in the arena of automated spam software, programs that have enabled thousands of Net marketers to do business. It's an easy step from spambot to warbot.

And who will the victims be? A Web site promoting abortion rights? Or one railing against gun control? Will fulminating liberals send mailbomb battering rams against the Drudge Report? The New York Times' Web site was shut down last Sunday by Mitnick devotees. How long before it shudders against attacks by Islamic cyberwarriors furious about its coverage of Israel?

A mailbomb is just the simplest of tools for a denial of service attack. Once prepared, a Web site can easily defend against it. But there are other, more serious weapons out there -- syn-flood attacks and the infamous Ping of Death, to pick just two. It's just a matter of time before the tools necessary to launch a devastating syn-flood attack are wrapped up in nice, user-friendly packages for any cyberterrorist with an ax to grind.

The Internet is supposed to be the greatest friend free speech has ever had. But it could also be one of the most effective foes. It's far too easy to automate destructive hate mail and unleash it on whomever you choose.

By Andrew Leonard

Andrew Leonard is a staff writer at Salon. On Twitter, @koxinga21.

MORE FROM Andrew Leonard

Related Topics ------------------------------------------