A Florida man was charged today in federal court with hacking into two computer systems as part of establishing a "bot" network of compromised computers from which launched a denial of service attack on computer servers managed by Akamai Technologies.
United States Attorney Michael J. Sullivan and Kenneth W. Kaiser, Special Agent in Charge of the Federal Bureau of Investigation in New England, announced today that JOHN BOMBARD, age 32, of Seminole, Florida, was charged in an Information today with two counts of Intentionally Accessing a Protected Computer Without Authorization.
Akamai Technologies, headquartered in Cambridge, Massachusetts, distributes online content and business processes over a network of computer servers. The Information alleges that on June 15, 2004, Akamai suffered a significant increase in web traffic to a number of its domain name system ("DNS") servers, which translate written Internet addresses, such as http://www.example.com, into numeric addresses, such as 123.45.678.90, for use by computers. This increase in web traffic was caused by a distributed denial of service ("DDOS") attack against Akamai's Global Traffic Management DNS servers.
A denial of service attack on a computer system or network causes a loss of service to users by consuming the bandwidth of the victim network or overloading its computational resources. Commonly such attacks are implemented through the distribution of the denial of service efforts among many compromised computers, which are instructed to act simultaneously against the victim network or system. The Akamai DNS servers targeted in the DDOS attack served numerous Akamai customers. The affected Akamai customers had access to their respective web sites slowed or rendered inaccessible for a period of time.
The Information further alleges that the attack against Akamai's infrastructure originated from a "bot" network. Bot networks, commonly known as "botnets," are collections of hundreds or thousands of computers that have been compromised by software specifically designed to create a network of computers that can be used, among other things, to implement a DDOS attack. A bot is a computer program that seeks out and places itself on vulnerable computers, then runs silently in the background until it receives direction from another, controlling computer. The bot network used in the Akamai attack received its instructions from a series of computers, including ones located at two major universities, the identities of which have not been made public.
The Information further alleges that BOMBARD compromised these computer systems using a variant of the GAOBOT worm. A computer worm is a software program capable of reproducing itself and that can spread from one computer to the next over a network. According to the Information, BOMBARD directed communication from the university computer systems to the bot network from a computer located on his domain, "f0r.org."
If convicted, BOMBARD faces up to 2 years' imprisonment to be followed by 1 year of supervised release and a $200,000 fine on each of the charges.
The case was investigated by the Federal Bureau of Investigation. It is being prosecuted by Assistant U.S. Attorney Stephen P. Heymann, Chief of Sullivan's Computer Crime Unit.
The details contained in the Information are allegations. The defendant is presumed to be innocent unless and until proven guilty beyond a reasonable doubt in a court of law.