Hackers hit high-profile web sites

A number of big-name web sites have been hit by hacking attacks similar to the kind that brought down Yahoo! for three hours this week.

Amazon, Buy.com, CNN and eBay were all crippled by a hacking technique, termed "denial of service", which security experts claim is all but impossible to defend against.

The severity of the attacks has sparked speculation that the FBI will investigate. Hackers use distributed servers to bombard a target Web site with requests. Because the requests come from a variety of IP addresses, they are not recognised as an attack by traditional security systems.

Malcolm Skinner, product marketing manager at security company Axent, said: "It looks like all these attacks came from one source. It was a very clever distributed attack and if companies like Amazon cannot defend themselves, there is a little chance for the rest of us. I think the FBI has little chance of catching these hackers."

Skinner added: "Yahoo! is not likely to sue the owners of the servers used to launch these attacks but it does raise issues of legal liability."

He said businesses could be held responsible if they fail to take adequate security measures and claimed the risks were greater in the UK because 60 per cent of ecommerce sites do not have a firewall.

Paul Cronin, penetration tester at Centurycom, said: "It is very, very difficult to counter this kind of attack - even for ISPs. It's time for the security industry to wake up and work to find a solution to this."

Alastair Breward, partner in the IT and telecoms group at the Taylor Joynson Garrett law office, doubted businesses could be held responsible for hackers misusing their machines. He said: "Once hackers take control of a system - in itself a criminal offence - I'd be very surprised if the owner would be held liable."