Warfare has come to the World Wide Web.
Last week a political activists' group bombarded the Pentagon's Web site with digital "hits" in an attempt to bring the Defense Department's Internet outpost to a standstill. But DoD carried the day by launching electronic countermeasures against the group's attacks.
A group of political activists calling themselves Electronic Disturbance Theater, who support Zapatista rebels in Mexico, initiated the Internet skirmish. The group contends that the U.S. is helping Mexico put down the rebel movement in the Mexican state of Chiapas.
On Sept. 9, when activists opened their Web browsers to the Electronic Disturbance Theater's home page, a program was automatically downloaded to their computers. The program began trying every few seconds to access DefenseLink, the Pentagon's Web site, in an attempt to overwhelm DoD's computers.
But DoD was ready for the attack. Pentagon technology specialists created a program that recognized when the activists tried to access the DoD site. Once an attacker was identified, the Pentagon's computers sent a program back to the activist's computer that shut down his or her Web browser, ending the attack.
"The Defense Department was aware of the group's threat, and we did take actions," said Pentagon spokeswoman Susan Hansen.
Attacks on U.S. government Web sites are keeping federal webmasters on their toes. The Air Force, Justice Department and Central Intelligence Agency Web sites have all been hacked in recent years by political groups. While such attacks are more nuisance than threat, federal officials are growing more and more concerned that computer security is a major component of national security.
Penny Leavy, vice president of marketing for San Jose, Calif.-based Finjan security software company, said attacks like the one against the Pentagon last week, in which programs are downloaded onto computers and run attacks in the background, are becoming more common.
"We're going to see more of those kinds of attacks," Leavy said. "To hack the government is the gold star in some hacker circles. You've gone to a new level once you're able to do that."
The program that ran the attack on DefenseLink is called a Java applet. Typically used for such benign purposes as making icons dance across a Web page, the applets are downloaded directly on to people's computers and run in the background. Java applets are called "mobile code" because they can move across the Internet on to individual computers without users even knowing the applets have been downloaded.
"Government security managers really need to think about a mobile code enforcement policy, and they need to think of a way to consistently enforce it," Leavy said.
Though DoD won the battle, Pentagon Web warriors know the war goes on.
"DefenseLink remains available," Hansen said. "Since the group is calling for subsequent days of activities, we have a continuing series of security measures in place."
NEXT STORY: House votes to avoid shutdown