VIA NEWS RELEASE LINDON, Utah — The SCO Group, Inc., owner of the UNIX operating system, today confirmed that on Wednesday, Dec. 10, 2003 at approximately 4:20 a.m. Mountain Time, it experienced a large-scale distributed denial of service (DDoS) attack. The attack caused the company’s Web site and corporate operational traffic to be unavailable during the morning hours including e-mail, the company intranet, and customer support operations. The company’s site remains unavailable while this DDoS attack continues to take place. The company is working with its Internet Service Provider to restore www.sco.com to legitimate Internet users.
This specific type of DDoS attack, called a “syn attack,” took place when several thousand servers were compromised by an unknown person to overload SCO’s Web site with illegitimate Web site requests. The flood of traffic by these illegitimate requests caused the company’s ISP’s Internet bandwidth to be consumed so the Web site was inaccessible to any other legitimate Web user.
“SCO is working with law enforcement officials and gathering information through mechanisms that we have in place to help us identify the origin of these attacks,” said company spokesman Blake Stowell. “We deplore these activities by those who try to intimidate or harass legitimate businesses through cyber-terrorist tactics while hiding their true identity.”
