SCO Hit with Another Denial-of-Service Attack

At the same time that a judge’s call for evidence sent SCO Group’s stock price lower, the Lindon, Utah-based company was taking a hit on its Web site, against which attackers launched a denial-of-service (DoS) attack that also knocked some of the company’s internal operations offline.

SCO, hit by a similar Web site attack earlier this summer, has been the subject of a great deal of criticism after charging that its proprietary Unix System V source code was illegally used in in IBM’s AIX operating system and Linux distributions. SCO is suing IBM for US$3 billion and also is threatening legal action against Linux users who do not purchase a license from SCO.

While they bitterly oppose SCO’s strategy and contentions, leaders of the open-source software movement have denounced the Web site attacks.

SCO spokesperson Blake Stowell said the company is working with law enforcement and gathering information “through mechanisms that we have in place” to identify the origin of the attacks. “We deplore these activities by those who try to intimidate or harass legitimate business through cyber terrorist tactics while hiding their true identity,” Stowell added.

No Love, No Sympathy

While a recent court ruling was seen as a victory for SCO opponents who want the company to show its evidence, SCO has succeeded in creating widespread dislike in the industry, Aberdeen Group research director Bill Claybrook told TechNewsWorld.

“I don’t think too many people like them,” Claybrook said. “I haven’t talked to a single person or company that has any sympathy for SCO. The reason is the way they’ve conducted the lawsuit and the contention that anything that goes through System V, they own.”

He said the crux of the case will come down to where code came from, not simply whether there is System V code in versions of Linux.

No Fear, Either

Claybrook added that despite some in the industry cautioning that SCO has the potential to succeed in the courtroom, most executives do not fear their company may be at the top of SCO’s list.

“I don’t think anybody’s scared of them at all,” he said. “I don’t think anybody’s worried. The fact that they’re suing IBM and it will get settled and the whole thing will be over keeps people from worrying.”

Claybrook added that he believes IBM is going to win.

No Web Site

SCO — which has indicated it likely will bring legal action by February 2004 against a Fortune 500 commercial Linux user that declined its licensing offer — confirmed its site was unavailable after it experienced a large-scale DoS attack early Wednesday morning.

The attack was launched by several thousand computers that had been commandeered and directed to overload SCO’s site with multiple, repeated requests to cripple the company’s online presence, according to SCO.

The attack also crippled SCO’s e-mail, intranet and customer-support operations. SCO said it is working with its ISP to restore its site, which was still unavailable Thursday afternoon.

No Win Expected

Claybrook said that reaction to SCO’s assault on Linux and the open-source software model in general has been particularly virulent because “people get emotional about open source.”

However, he predicted that open-source advocates will have the last laugh when SCO fails to win in the courtroom — something the analyst believes SCO is beginning to realize.

“I think one of the reasons they continue to put the heat on people to buy a license is because they don’t think they’re going to win the case,” Claybrook said.

Real-World Threats

SCO director of worldwide IT infrastructure Jeff Carlon told TechNewsWorld that attackers “expanded the scope of the attack” Thursday morning and went after the company’s mail server and public FTP site as well.

SCO spokesperson Mark Modersitzki said threats the company received through the mail and over the Internet are numerous and disturbing.

“The kind of mail we get on a daily basis has some egregious things in it,” Modersitzki told TechNewsWorld. Echoing SCO head Darl McBride, Modersitzki claimed the severity of threats and attacks on the company Web site illustrates two things: It is an emotional issue, and “we’ve got something here that people are concerned about.”

1 Comment

  • Mr. Lyman
    .
    I just read your titled "SCO Hit with Another Denial-of-Service Attack," with some interest. However, it is my belief that SCO was not, in fact, attacked. The article titled, "Security Expert Doubts SCO’s Attack Story," which you’ll find here:
    .
    http://www.groklaw.net/article.php?story=20031210163721614
    .
    is an excellent technical analysis of the issues involved, followed in the comments section by some spirited debate on the real cause of the problem.
    .
    Obviously, the question of law enforcement involvement can be fact checked by calling the Lindon, Utah Police and/or the Lindon area offices of the FBI and Secret Service.
    .
    Alex Roston

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

LinuxInsider Channels